Vendor CVEs
Zyxel
All CVEs
341 total · sorted by risk

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-43391 | Zyxel | | 0.00 | — | 0.01 | | Jan 11, 2023 | A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request. |
| CVE-2022-43389 | Zyxel | | 0.00 | — | 0.01 | | Jan 11, 2023 | A buffer overflow vulnerability in the library of the web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an unauthenticated attacker to execute some OS commands or to cause denial-of-service (DoS) conditions on a vulnerable device. |
| CVE-2022-38546 | Zyxel | | 0.00 | — | 0.01 | | Dec 21, 2022 | A DNS misconfiguration was found in Zyxel NBG7510 firmware versions prior to V1.00(ABZY.3)C0, which could allow an unauthenticated attacker to access the DNS server when the device is switched to the AP mode. |
| CVE-2022-40603 | Zyxel | | 0.00 | — | 0.00 | | Dec 6, 2022 | A cross-site scripting (XSS) vulnerability in the CGI program of Zyxel ZyWALL/USG series firmware versions 4.30 through 4.72, VPN series firmware versions 4.30 through 5.31, USG FLEX series firmware versions 4.50 through 5.31, and ATP series firmware versions 4.32 through 5.31,… |
| CVE-2022-40602 | Zyxel | | 0.00 | — | 0.01 | | Nov 22, 2022 | A flaw in the Zyxel LTE3301-M209 firmware versions prior to V1.00(ABLG.6)C0 could allow a remote attacker to access the device using an improper pre-configured password if the remote administration feature has been enabled by an authenticated administrator. |
| CVE-2022-34746 | Zyxel | | 0.00 | — | 0.00 | | Sep 20, 2022 | An insufficient entropy vulnerability caused by the improper use of randomness sources with low entropy for RSA key pair generation was found in Zyxel GS1900 series firmware versions prior to V2.70. This vulnerability could allow an unauthenticated attacker to retrieve a private… |
| CVE-2022-34747 | Zyxel | | 0.00 | — | 0.02 | | Sep 6, 2022 | A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet. |
| CVE-2022-2030 | Zyxel | | 0.00 | — | 0.01 | | Jul 19, 2022 | A directory traversal vulnerability caused by specific character sequences within an improperly sanitized URL was identified in some CGI programs of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware… |
| CVE-2022-0823 | Zyxel | | 0.00 | — | 0.00 | | Jun 7, 2022 | An improper control of interaction frequency vulnerability in Zyxel GS1200 series switches could allow a local attacker to guess the password by using a timing side-channel attack. |
| CVE-2022-26532 | Zyxel | | 0.00 | — | 0.05 | | May 24, 2022 | An argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through… |
| CVE-2022-0910 | Zyxel | | 0.00 | — | 0.01 | | May 24, 2022 | A downgrade from two-factor authentication to one-factor authentication vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.32 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, and VPN… |
| CVE-2022-0734 | Zyxel | | 0.00 | — | 0.08 | | May 24, 2022 | A cross-site scripting vulnerability was identified in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.35 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.35 through 5.20, and VPN series firmware versions 4.35… |
| CVE-2022-26531 | Zyxel | | 0.00 | — | 0.06 | | May 24, 2022 | Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30… |
| CVE-2022-26414 | Zyxel | | 0.00 | — | 0.00 | | Apr 11, 2022 | A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service. |
| CVE-2022-26413 | Zyxel | | 0.00 | — | 0.01 | | Apr 11, 2022 | A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface. |
| CVE-2021-35036 | Zyxel | | 0.00 | — | 0.00 | | Mar 1, 2022 | A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file. |
| CVE-2021-4029 | Zyxel | | 0.00 | — | 0.01 | | Feb 22, 2022 | A command injection vulnerability in the CGI program of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary OS commands via a LAN interface. |
| CVE-2021-4030 | Zyxel | | 0.00 | — | 0.00 | | Feb 22, 2022 | A cross-site request forgery vulnerability in the HTTP daemon of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary commands if they coerce or trick a local user to visit a compromised website with malicious scripts. |
| CVE-2021-35035 | Zyxel | | 0.00 | — | 0.01 | | Dec 29, 2021 | A cleartext storage of sensitive information vulnerability in the Zyxel NBG6604 firmware could allow a remote, authenticated attacker to obtain sensitive information from the configuration file. |
| CVE-2021-35034 | Zyxel | | 0.00 | — | 0.01 | | Dec 29, 2021 | An insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware could allow a remote attacker to access the device if the correct token can be intercepted. |
| CVE-2021-35032 | Zyxel | | 0.00 | — | 0.00 | | Dec 28, 2021 | A vulnerability in the 'libsal.so' of the Zyxel GS1900 series firmware version 2.60 could allow an authenticated local user to execute arbitrary OS commands via a crafted function call. |
| CVE-2021-35031 | Zyxel | | 0.00 | — | 0.00 | | Dec 28, 2021 | A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and XGS1250 series firmware, which could allow an authenticated LAN user to execute arbitrary OS commands via the GUI of the vulnerable device. |
| CVE-2021-35033 | Zyxel | | 0.00 | — | 0.00 | | Nov 23, 2021 | A vulnerability in specific versions of Zyxel NBG6818, NBG7815, WSQ20, WSQ50, WSQ60, and WSR30 firmware with pre-configured password management could allow an attacker to obtain root access of the device, if the local attacker dismantles the device and uses a USB-to-UART cable… |
| CVE-2021-35028 | Zyxel | | 0.00 | — | 0.00 | | Sep 29, 2021 | A command injection vulnerability in the CGI program of the Zyxel VPN2S firmware version 1.12 could allow an authenticated, local user to execute arbitrary OS commands. |
| CVE-2021-35027 | Zyxel | | 0.00 | — | 0.02 | | Sep 29, 2021 | A directory traversal vulnerability in the web server of the Zyxel VPN2S firmware version 1.12 could allow a remote attacker to gain access to sensitive information. |
| CVE-2021-35030 | Zyxel | | 0.00 | — | 0.00 | | Jul 26, 2021 | A vulnerability was found in the CGI program in Zyxel GS1900-8 firmware version V2.60, that did not properly sterilize packet contents and could allow an authenticated, local user to perform a cross-site scripting (XSS) attack via a crafted LLDP packet. |
| CVE-2021-35029 | Zyxel | | 0.00 | — | 0.02 | | Jul 2, 2021 | An authentication bypass vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands… |
| CVE-2020-28899 | Zyxel | | 0.00 | — | 0.02 | | Mar 16, 2021 | The Web CGI Script on ZyXEL LTE4506-M606 V1.00(ABDO.2)C0 devices does not require authentication, which allows remote unauthenticated attackers (via crafted JSON action data to /cgi-bin/gui.cgi) to use all features provided by the router. Examples: change the router password,… |
| CVE-2020-29299 | Zyxel | | 0.00 | — | 0.02 | | Dec 27, 2020 | Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd during a password-change action. This affects VPN On-premise before ZLD V4.39 week38, VPN Orchestrator before SD-OS V10.03 week32, USG before ZLD V4.39 week38, USG FLEX before ZLD V4.55… |
| CVE-2020-20183 | Zyxel | | 0.00 | — | 0.01 | | Dec 14, 2020 | Insecure direct object reference vulnerability in Zyxel's P1302-T10 v3 with firmware version 2.00(ABBX.3) and earlier allows attackers to gain privileges and access certain admin pages. |
| CVE-2020-25014 | Zyxel | | 0.00 | — | 0.04 | | Nov 27, 2020 | A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet. |
| CVE-2020-24355 | Zyxel | | 0.00 | — | 0.02 | | Sep 2, 2020 | Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and possibly older versions of firmware are affected by insecure permissions which allows regular and other users to create new users with elevated privileges. This is done by changing "FirstIndex" field in JSON that is… |
| CVE-2020-24354 | Zyxel | | 0.00 | — | 0.01 | | Aug 31, 2020 | Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and possibly older versions of firmware are affected by shell injection. |
| CVE-2020-13365 | Zyxel | | 0.00 | — | 0.01 | | Aug 6, 2020 | Certain Zyxel products have a locally accessible binary that allows a non-root user to generate a password for an undocumented user account that can be used for a TELNET session as root. This affects NAS520 V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, and V5.11(AASZ.0)C0;… |
| CVE-2020-13364 | Zyxel | | 0.00 | — | 0.01 | | Aug 6, 2020 | A backdoor in certain Zyxel products allows remote TELNET access via a CGI script. This affects NAS520 V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, and V5.11(AASZ.0)C0; NAS542 V5.11(ABAG.0)C0, V5.20(ABAG.1)C0, and V5.21(ABAG.3)C0; NSA325 v2_V4.81(AALS.0)C0 and… |
| CVE-2020-15324 | Zyxel | | 0.00 | — | 0.01 | | Jun 29, 2020 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a world-readable axess/opt/axXMPPHandler/config/xmpp_config.py file that stores hardcoded credentials. |
| CVE-2020-15323 | Zyxel | | 0.00 | — | 0.01 | | Jun 29, 2020 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the cloud1234 password for the a1@chopin account default credentials. |
| CVE-2020-15322 | Zyxel | | 0.00 | — | 0.01 | | Jun 29, 2020 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the wbboEZ4BN3ssxAfM hardcoded password for the debian-sys-maint account. |
| CVE-2020-15321 | Zyxel | | 0.00 | — | 0.01 | | Jun 29, 2020 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axzyxel password for the livedbuser account. |
| CVE-2020-15320 | Zyxel | | 0.00 | — | 0.01 | | Jun 29, 2020 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axiros password for the root account. |
| CVE-2020-15319 | Zyxel | | 0.00 | — | 0.01 | | Jun 29, 2020 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/mysql chroot directory tree. |
| CVE-2020-15318 | Zyxel | | 0.00 | — | 0.01 | | Jun 29, 2020 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/mysql chroot directory tree. |
| CVE-2020-15317 | Zyxel | | 0.00 | — | 0.01 | | Jun 29, 2020 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/axess chroot directory tree. |
| CVE-2020-15316 | Zyxel | | 0.00 | — | 0.01 | | Jun 29, 2020 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account within the /opt/axess chroot directory tree. |
| CVE-2020-15315 | Zyxel | | 0.00 | — | 0.01 | | Jun 29, 2020 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/axess chroot directory tree. |
| CVE-2020-15314 | Zyxel | | 0.00 | — | 0.01 | | Jun 29, 2020 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account. |
| CVE-2020-15313 | Zyxel | | 0.00 | — | 0.01 | | Jun 29, 2020 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account. |
| CVE-2020-15312 | Zyxel | | 0.00 | — | 0.01 | | Jun 29, 2020 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account. |
| CVE-2020-15332 | Zyxel | | 0.00 | — | 0.01 | | Jun 26, 2020 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/etc/default/axess permissions. |
| CVE-2020-15333 | Zyxel | | 0.00 | — | 0.01 | | Jun 26, 2020 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows attackers to discover accounts via MySQL "select * from Administrator_users" and "select * from Users_users" requests. |
Page 5 of 7