Lucene search
K

4 matches found

VulnCheck KEV
VulnCheck KEV
added 2024/11/25 12:0 a.m.9 views

VulnCheck KEV: CVE-2024-42057

A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50W series firmware versions from V4.16 through V5.38, and USG20W-VPN series firmware versions from...

8.1CVSS5.8AI score0.0132EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2024/09/04 11:27 a.m.31 views

Zyxel Patches Critical OS Command Injection Flaw in Access Points and Routers

Zyxel has released software updates to address a critical security flaw impacting certain access point AP and security router versions that could result in the execution of unauthorized commands. Tracked as CVE-2024-7261 CVSS score: 9.8, the vulnerability has been described as a case of operating...

9.8CVSS7.5AI score0.11269EPSS
Exploits0
Circl
Circl
added 2024/09/03 4:55 a.m.12 views

CVE-2024-42057

creationtimestamp| type| source ---|---|--- 2024-09-03 04:55:48+00:00| seen| https://t.me/cvedetector/4663 2024-09-04 12:00:00+00:00| seen| https://t.me/truesecator/6165 2024-09-05 08:37:49+00:00| seen| https://vulnerability.circl.lu/bundle/c854b418-a4e1-4135-958a-a523843c27f0 2024-11-19...

8.1CVSS6AI score0.0132EPSS
Exploits0References9
CVE
CVE
added 2024/09/03 1:43 a.m.107 views

CVE-2024-42057

CVE-2024-42057 affects Zyxel Zyxel ATP and USG FLEX/USG FLEX 50(W)/USG20(W)-VPN firmware from V4.16–V5.38 (and V4.32–V5.38 for ATP/USG), with an unauthenticated OS command injection via a crafted username. The root cause is in the IPSec VPN feature; successful exploitation requires User-Based-PSK...

8.1CVSS8.2AI score0.0132EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder