Vulnerabilities (CVE)

Filtered by vendor Zyxel Subscribe
Total 243 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-4474 1 Zyxel 4 Nas326, Nas326 Firmware, Nas542 and 1 more 2023-12-06 N/A 9.8 CRITICAL
The improper neutralization of special elements in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.
CVE-2023-4473 1 Zyxel 4 Nas326, Nas326 Firmware, Nas542 and 1 more 2023-12-06 N/A 9.8 CRITICAL
A command injection vulnerability in the web server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.
CVE-2023-37927 1 Zyxel 4 Nas326, Nas326 Firmware, Nas542 and 1 more 2023-12-06 N/A 8.8 HIGH
The improper neutralization of special elements in the CGI program of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.
CVE-2023-37928 1 Zyxel 4 Nas326, Nas326 Firmware, Nas542 and 1 more 2023-12-06 N/A 8.8 HIGH
A post-authentication command injection vulnerability in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.
CVE-2023-35137 1 Zyxel 4 Nas326, Nas326 Firmware, Nas542 and 1 more 2023-12-05 N/A 7.5 HIGH
An improper authentication vulnerability in the authentication module of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to obtain system information by sending a crafted URL to a vulnerable device.
CVE-2023-35138 1 Zyxel 4 Nas326, Nas326 Firmware, Nas542 and 1 more 2023-12-05 N/A 9.8 CRITICAL
A command injection vulnerability in the “show_zysync_server_contents” function of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request.
CVE-2023-35139 1 Zyxel 20 Atp100, Atp100w, Atp200 and 17 more 2023-12-04 N/A 6.1 MEDIUM
A cross-site scripting (XSS) vulnerability in the CGI program of the Zyxel ATP series firmware versions 5.10 through 5.37, USG FLEX series firmware versions 5.00 through 5.37, USG FLEX 50(W) series firmware versions 5.10 through 5.37, USG20(W)-VPN series firmware versions 5.10 through 5.37, and VPN series firmware versions 5.00 through 5.37, could allow an unauthenticated LAN-based attacker to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed to steal cookies when the user visits the specific CGI used for dumping ZTP logs.
CVE-2023-37925 1 Zyxel 58 Atp100, Atp100w, Atp200 and 55 more 2023-12-04 N/A 5.5 MEDIUM
An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device.
CVE-2023-35136 1 Zyxel 20 Atp100, Atp100w, Atp200 and 17 more 2023-12-04 N/A 5.5 MEDIUM
An improper input validation vulnerability in the “Quagga” package of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to access configuration files on an affected device.
CVE-2023-37926 1 Zyxel 20 Atp100, Atp100w, Atp200 and 17 more 2023-12-04 N/A 5.5 MEDIUM
A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device.
CVE-2023-4397 1 Zyxel 16 Atp100, Atp100w, Atp200 and 13 more 2023-12-04 N/A 4.4 MEDIUM
A buffer overflow vulnerability in the Zyxel ATP series firmware version 5.37, USG FLEX series firmware version 5.37, USG FLEX 50(W) series firmware version 5.37, and USG20(W)-VPN series firmware version 5.37, could allow an authenticated local attacker with administrator privileges to cause denial-of-service (DoS) conditions by executing the CLI command with crafted strings on an affected device.
CVE-2023-4398 1 Zyxel 20 Atp100, Atp100w, Atp200 and 17 more 2023-12-04 N/A 7.5 HIGH
An integer overflow vulnerability in the source code of the QuickSec IPSec toolkit used in the VPN feature of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions on an affected device by sending a crafted IKE packet.
CVE-2023-5650 1 Zyxel 20 Atp100, Atp100w, Atp200 and 17 more 2023-12-04 N/A 5.5 MEDIUM
An improper privilege management vulnerability in the ZySH of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to modify the URL of the registration page in the web GUI of an affected device.
CVE-2023-5797 1 Zyxel 58 Atp100, Atp100w, Atp200 and 55 more 2023-12-04 N/A 5.5 MEDIUM
An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access the administrator’s logs on an affected device.
CVE-2023-5960 1 Zyxel 12 Usg Flex 100, Usg Flex 100w, Usg Flex 200 and 9 more 2023-12-01 N/A 5.5 MEDIUM
An improper privilege management vulnerability in the hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.37 and VPN series firmware versions 4.30 through 5.37 could allow an authenticated local attacker to access the system files on an affected device.
CVE-2023-5593 1 Zyxel 1 Secuextender Ssl Vpn 2023-11-30 N/A N/A
The out-of-bounds write vulnerability in the Windows-based SecuExtender SSL VPN Client software version 4.0.4.0 could allow an authenticated local user to gain a privilege escalation by sending a crafted CREATE message.
CVE-2023-35140 1 Zyxel 20 Gs1900-10hp, Gs1900-10hp Firmware, Gs1900-16 and 17 more 2023-11-14 N/A N/A
The improper privilege management vulnerability in the Zyxel GS1900-24EP switch firmware version V2.70(ABTO.5) could allow an authenticated local user with read-only access to modify system settings on a vulnerable device.
CVE-2023-43314 1 Zyxel 2 Pmg2005-t20b, Pmg2005-t20b Firmware 2023-11-07 N/A 7.5 HIGH
The buffer overflow vulnerability in the Zyxel PMG2005-T20B firmware version V1.00(ABNK.2)b11_C0 could allow an authenticated attacker with administrator privileges to cause a denial of service condition via a crafted uid.
CVE-2020-29583 1 Zyxel 30 Usg110, Usg1100, Usg1100 Firmware and 27 more 2023-11-07 10.0 HIGH 9.8 CRITICAL
Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges.
CVE-2020-12695 18 Asus, Broadcom, Canon and 15 more 257 Rt-n11, Adsl, Selphy Cp1200 and 254 more 2023-11-07 7.8 HIGH 7.5 HIGH
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.