Vulnerabilities (CVE)

Filtered by vendor Zyxel Subscribe
Total 248 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-8881 1 Zyxel 20 Gs1900-10hp, Gs1900-10hp Firmware, Gs1900-16 and 17 more 2024-11-14 N/A 6.8 MEDIUM
A post-authentication command injection vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and earlier could allow an authenticated, LAN-based attacker with administrator privileges to execute some operating system (OS) commands on an affected device by sending a crafted HTTP request.
CVE-2024-8882 1 Zyxel 20 Gs1900-10hp, Gs1900-10hp Firmware, Gs1900-16 and 17 more 2024-11-14 N/A 4.5 MEDIUM
A buffer overflow vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and earlier could allow an authenticated, LAN-based attacker with administrator privileges to cause denial of service (DoS) conditions via a crafted URL.
CVE-2024-38267 1 Zyxel 82 Ax7501-b1, Ax7501-b1 Firmware, Dx3300-t0 and 79 more 2024-09-30 N/A 4.9 MEDIUM
An improper restriction of operations within the bounds of a memory buffer in the IPv6 address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.
CVE-2024-38268 1 Zyxel 82 Ax7501-b1, Ax7501-b1 Firmware, Dx3300-t0 and 79 more 2024-09-30 N/A 4.9 MEDIUM
An improper restriction of operations within the bounds of a memory buffer in the MAC address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.
CVE-2024-38269 1 Zyxel 82 Ax7501-b1, Ax7501-b1 Firmware, Dx3300-t0 and 79 more 2024-09-30 N/A 4.9 MEDIUM
An improper restriction of operations within the bounds of a memory buffer in the USB file-sharing handler of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.
CVE-2024-38270 1 Zyxel 20 Gs1900-10hp, Gs1900-10hp Firmware, Gs1900-16 and 17 more 2024-09-18 N/A 6.5 MEDIUM
An insufficient entropy vulnerability caused by the improper use of a randomness function with low entropy for web authentication tokens generation exists in the Zyxel GS1900-10HP firmware version V2.80(AAZI.0)C0. This vulnerability could allow a LAN-based attacker a slight chance to gain a valid session token if multiple authenticated sessions are alive.
CVE-2024-7261 1 Zyxel 58 Nwa110ax, Nwa110ax Firmware, Nwa1123-ac Pro and 55 more 2024-09-13 N/A 9.8 CRITICAL
The improper neutralization of special elements in the parameter "host" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) and earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) and earlier, and USG LITE 60AX firmware version V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.
CVE-2024-5412 1 Zyxel 100 Ax7501-b0, Ax7501-b0 Firmware, Ax7501-b1 and 97 more 2024-09-06 N/A 7.5 HIGH
A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0 could allow an unauthenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.
CVE-2024-42057 1 Zyxel 16 Atp100, Atp100w, Atp200 and 13 more 2024-09-05 N/A 8.1 HIGH
A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an unauthenticated attacker to execute some OS commands on an affected device by sending a crafted username to the vulnerable device. Note that this attack could be successful only if the device was configured in User-Based-PSK authentication mode and a valid user with a long username exceeding 28 characters exists.
CVE-2024-42058 1 Zyxel 16 Atp100, Atp100w, Atp200 and 13 more 2024-09-05 N/A 7.5 HIGH
A null pointer dereference vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V5.20 through V5.38, and USG20(W)-VPN series firmware versions from V5.20 through V5.38 could allow an unauthenticated attacker to cause DoS conditions by sending crafted packets to a vulnerable device.
CVE-2024-42059 1 Zyxel 16 Atp100, Atp100w, Atp200 and 13 more 2024-09-05 N/A 7.2 HIGH
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V5.00 through V5.38, USG FLEX series firmware versions from V5.00 through V5.38, USG FLEX 50(W) series firmware versions from V5.00 through V5.38, and USG20(W)-VPN series firmware versions from V5.00 through V5.38 could allow an authenticated attacker with administrator privileges to execute some OS commands on an affected device by uploading a crafted compressed language file via FTP.
CVE-2024-42060 1 Zyxel 16 Atp100, Atp100w, Atp200 and 13 more 2024-09-05 N/A 7.2 HIGH
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an authenticated attacker with administrator privileges to execute some OS commands on an affected device by uploading a crafted internal user agreement file to the vulnerable device.
CVE-2024-6343 1 Zyxel 16 Atp100, Atp100w, Atp200 and 13 more 2024-09-05 N/A 4.9 MEDIUM
A buffer overflow vulnerability in the CGI program of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an authenticated attacker with administrator privileges to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.
CVE-2024-7203 1 Zyxel 15 Atp100, Atp100w, Atp200 and 12 more 2024-09-05 N/A 7.2 HIGH
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.60 through V5.38 and USG FLEX series firmware versions from V4.60 through V5.38 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device by executing a crafted CLI command.
CVE-2024-42061 1 Zyxel 16 Atp100, Atp100w, Atp200 and 13 more 2024-09-05 N/A 6.1 MEDIUM
A reflected cross-site scripting (XSS) vulnerability in the CGI program "dynamic_script.cgi" of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an attacker to trick a user into visiting a crafted URL with the XSS payload. The attacker could obtain browser-based information if the malicious script is executed on the victim’s browser.
CVE-2023-43314 1 Zyxel 2 Pmg2005-t20b, Pmg2005-t20b Firmware 2024-08-02 N/A 7.5 HIGH
** UNSUPPORTED WHEN ASSIGNED **The buffer overflow vulnerability in the Zyxel PMG2005-T20B firmware version V1.00(ABNK.2)b11_C0 could allow an unauthenticated attacker to cause a denial of service condition via a crafted uid.
CVE-2020-29583 1 Zyxel 60 Atp100, Atp100 Firmware, Atp100w and 57 more 2024-07-26 10.0 HIGH 9.8 CRITICAL
Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges.
CVE-2020-12695 21 Asus, Broadcom, Canon and 18 more 217 Rt-n11, Adsl, Selphy Cp1200 and 214 more 2024-04-08 7.8 HIGH 7.5 HIGH
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
CVE-2023-33009 1 Zyxel 46 Atp100, Atp100 Firmware, Atp100w and 43 more 2024-04-01 N/A 9.8 CRITICAL
A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.60 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.60 through 5.36 Patch 1, VPN series firmware versions 4.60 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.60 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.
CVE-2008-1526 1 Zyxel 38 P-660h-61, P-660h-61 Firmware, P-660h-63 and 35 more 2024-02-14 5.0 MEDIUM 7.5 HIGH
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(PE9) and 3.40(AGD.2) through 3.40(AHQ.3), do not use a salt when calculating an MD5 password hash, which makes it easier for attackers to crack passwords.