VYPR

VPN series

by Zyxel

CVEs (37)

  • CVE-2023-28771KEVApr 25, 2023
    Hola
    VPN
    risk 0.23cvss epss 0.94

    Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an…

  • CVE-2022-30525KEVMay 12, 2022
    Zyxel
    ATP series
    risk 0.23cvss epss 0.94

    A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00…

  • CVE-2023-33010KEVMay 24, 2023
    Zyxel
    ATP series
    risk 0.12cvss epss 0.07

    A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions…

  • CVE-2023-33009KEVMay 24, 2023
    Zyxel
    ATP series
    risk 0.12cvss epss 0.06

    A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.60 through 5.36 Patch 1, USG20(W)-VPN firmware versions…

  • CVE-2022-0342Mar 28, 2022
    Zyxel
    ATP series
    risk 0.07cvss epss 0.92

    An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.20 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.32 through 5.20, VPN series firmware versions 4.30 through 5.20, and NSG…

  • CVE-2023-33012Jul 17, 2023
    Zyxel
    ATP series
    risk 0.04cvss epss 0.09

    A command injection vulnerability in the configuration parser of the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5.10 through 5.36 Patch 2, USG20(W)-VPN series…

  • CVE-2022-30526Jul 19, 2022
    Zyxel
    ATP series
    risk 0.03cvss epss 0.03

    A privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through…

  • CVE-2023-5960Nov 28, 2023
    Zyxel
    USG FLEX series
    risk 0.00cvss epss 0.00

    An improper privilege management vulnerability in the hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.37 and VPN series firmware versions 4.30 through 5.37 could allow an authenticated local attacker to access the system files on an affected device.

  • CVE-2023-5797Nov 28, 2023
    Zyxel
    ATP series
    risk 0.00cvss epss 0.00

    An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware…

  • CVE-2023-5650Nov 28, 2023
    Zyxel
    ATP series
    risk 0.00cvss epss 0.00

    An improper privilege management vulnerability in the ZySH of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16…

  • CVE-2023-4398Nov 28, 2023
    Zyxel
    ATP series
    risk 0.00cvss epss 0.00

    An integer overflow vulnerability in the source code of the QuickSec IPSec toolkit used in the VPN feature of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37,…

  • CVE-2023-37926Nov 28, 2023
    Zyxel
    ATP series
    risk 0.00cvss epss 0.00

    A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series…

  • CVE-2023-37925Nov 28, 2023
    Zyxel
    ATP series
    risk 0.00cvss epss 0.00

    An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware…

  • CVE-2023-35139Nov 28, 2023
    Zyxel
    ATP series
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in the CGI program of the Zyxel ATP series firmware versions 5.10 through 5.37, USG FLEX series firmware versions 5.00 through 5.37, USG FLEX 50(W) series firmware versions 5.10 through 5.37, USG20(W)-VPN series firmware versions 5.10…

  • CVE-2023-35136Nov 28, 2023
    Quagga (software)
    Quagga
    risk 0.00cvss epss 0.00

    An improper input validation vulnerability in the “Quagga” package of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware…

  • CVE-2023-34141Jul 17, 2023
    Zyxel
    ATP series
    risk 0.00cvss epss 0.00

    A command injection vulnerability in the access point (AP) management feature of the Zyxel ATP series firmware versions 5.00 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5.00 through 5.36 Patch 2,…

  • CVE-2023-34140Jul 17, 2023
    Zyxel
    ATP series
    risk 0.00cvss epss 0.00

    A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2, USG FLEX series firmware versions 4.50 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 4.16 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 4.16…

  • CVE-2023-34139Jul 17, 2023
    Zyxel
    USG FLEX series
    risk 0.00cvss epss 0.00

    A command injection vulnerability in the Free Time WiFi hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.36 Patch 2 and VPN series firmware versions 4.20 through 5.36 Patch 2, could allow an unauthenticated, LAN-based attacker to execute some OS…

  • CVE-2023-34138Jul 17, 2023
    Zyxel
    ATP series
    risk 0.00cvss epss 0.00

    A command injection vulnerability in the hotspot management feature of the Zyxel ATP series firmware versions 4.60 through 5.36 Patch 2, USG FLEX series firmware versions 4.60 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 4.60 through 5.36 Patch 2, USG20(W)-VPN…

  • CVE-2023-33011Jul 17, 2023
    Zyxel
    ATP series
    risk 0.00cvss epss 0.00

    A format string vulnerability in the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5.10 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 5.10 through…

Page 1 of 2