VYPR
Unrated severityCISA KEVNVD Advisory· Published Nov 27, 2024· Updated Oct 21, 2025

CVE-2024-11667

CVE-2024-11667

Description

A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series firmware versions V5.00 through V5.38, USG FLEX 50(W) series firmware versions V5.10 through V5.38, and USG20(W)-VPN series firmware versions V5.10 through V5.38 could allow an attacker to download or upload files via a crafted URL.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • Zyxel/ATP seriesllm-fuzzy2 versions
    >=V5.00, <=V5.38+ 1 more
    • (no CPE)range: >=V5.00, <=V5.38
    • (no CPE)range: versions V5.00 through V5.38
  • Zyxel/USG FLEX seriesllm-fuzzy3 versions
    >=V5.00, <=V5.38+ 2 more
    • (no CPE)range: >=V5.00, <=V5.38
    • (no CPE)range: versions V5.10 through V5.38
    • (no CPE)range: versions V5.00 through V5.38
  • Range: versions V5.10 through V5.38

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.