Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Vulnerabilities fixed in Zyxel products

🗓️ 04 Dec 2023 00:00:00Reported by NCSCType 
ncsc
 ncsc🔗 advisories.ncsc.nl👁 2 Views

Zyxel fixed ATP and USG firewall vulnerabilities, including cross site scripting, denial of service, and data manipulation.

Related
ReporterTitlePublishedViews
Family
BDU FSTEC		The vulnerability of the QuickSec IPSec microprogramming software for network devices from Zyxel, including models such as ATP, USG FLEX, USG FLEX50(W), and USG20(W)-VPN, as well as VPN, allows a hacker to cause service interruptions.
29 Nov 202300:00
bdu_fstec
BDU FSTEC		The vulnerability of the Common Gateway Interface (CGI) interface of ZyXEL VPN, USG FLEX, and ATP microprogramming devices allows attackers to carry out cross-site scripting attacks and gain unauthorized access to protected information.
1 Dec 202300:00
bdu_fstec
BDU FSTEC		The vulnerability of the command shell of ZySH microprogramming software for network devices such as ZyXEL USG FLEX and ATP allows a hacker to alter the URL address of the registration page.
1 Dec 202300:00
bdu_fstec
BDU FSTEC		The vulnerability of the microprogrammed software of ZyXEL USG FLEX and ATP devices, related to the operation of writing data beyond the buffer in memory, allows a intruder to cause service failure.
1 Dec 202300:00
bdu_fstec
BDU FSTEC		The vulnerability of the Wi-Fi hotspot implementation of the microprogramming software for network devices ZyXEL USG FLEX and VPN allows a intruder to gain unauthorized access to protected information.
1 Dec 202300:00
bdu_fstec
BDU FSTEC		The vulnerability of the Quagga microprogramming software for network devices such as ZyXEL VPN, USG FLEX, and ATP allows a intruder to gain unauthorized access to protected information.
1 Dec 202300:00
bdu_fstec
BDU FSTEC		The vulnerability of the microprogrammed software of ZyXEL VPN, USG FLEX, and ATP lies in the fact that operation outputs go beyond the buffer in memory, allowing a intruder to cause a service failure.
1 Dec 202300:00
bdu_fstec
BDU FSTEC		The vulnerability of the command-line interface (CLI) of microprogramming software for network devices such as ZyXEL VPN, USG FLEX, and ATP allows a intruder to gain unauthorized access to protected information.
1 Dec 202300:00
bdu_fstec
BDU FSTEC		The vulnerability of the command-line interface (CLI) of microprogramming software for network devices such as ZyXEL VPN, USG FLEX, and ATP allows a intruder to gain unauthorized access to protected information.
1 Dec 202300:00
bdu_fstec
Circl		CVE-2023-35139
17 Dec 202312:12
circl
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
04 Dec 2023 00:00Current
6.5Medium risk
Vulners AI Score6.5
CVSS 3.17.5
EPSS0.00193
SSVC
ZyxelATP firewallUSG firewallcross site scriptingdenial of servicedata manipulationsystem data access
2