130 matches found
CVE-2022-45853
CVE-2022-45853 affects Zyxel GS1900-8 and GS1900-8HP switches (firmware V2.70(AAHH.3)/V2.70(AAHI.3)). An authenticated local administrator can exploit insecure privilege management to run system commands as root via SSH, elevating privileges. Exploit details are not explicitly documented in the p...
CVE-2022-45853
The privilege escalation vulnerability in the Zyxel GS1900-8 firmware version V2.70AAHH.3 and the GS1900-8HP firmware version V2.70AAHI.3 could allow an authenticated, local attacker with administrator privileges to execute some system commands as 'root' on a vulnerable device via SSH...
PT-2023-8185 · Zyxel · Zyxel Gs1900-8
Name of the Vulnerable Software and Affected Versions: Zyxel GS1900-8 firmware version V2.70AAHH.3 Zyxel GS1900-8HP firmware version V2.70AAHI.3 Description: The issue is related to a privilege escalation vulnerability that could allow an authenticated, local attacker with administrator privilege...
Zyxel GS1900-8 安全漏洞
The Zyxel GS1900-8 is an intelligent managed switch from China Hopkins Zyxel with gigabit speeds and basic management features that bring greater flexibility and connectivity to users' business networks. A security vulnerability exists in the Zyxel GS1900-8. No information about this vulnerabilit...
CVE-2022-34746
An insufficient entropy vulnerability caused by the improper use of randomness sources with low entropy for RSA key pair generation was found in Zyxel GS1900 series firmware versions prior to V2.70. This vulnerability could allow an unauthenticated attacker to retrieve a private key by factoring...
CVE-2022-34746
An insufficient entropy vulnerability caused by the improper use of randomness sources with low entropy for RSA key pair generation was found in Zyxel GS1900 series firmware versions prior to V2.70. This vulnerability could allow an unauthenticated attacker to retrieve a private key by factoring...
CVE-2022-34746
CVE-2022-34746 affects Zyxel GS1900 series firmware prior to V2.70. The issue is an insufficient entropy vulnerability in RSA key pair generation due to improper randomness, enabling an unauthenticated attacker to retrieve the private key by factoring the RSA modulus N in the certificate used by ...
CVE-2022-34746
An insufficient entropy vulnerability caused by the improper use of randomness sources with low entropy for RSA key pair generation was found in Zyxel GS1900 series firmware versions prior to V2.70. This vulnerability could allow an unauthenticated attacker to retrieve a private key by factoring...
Zyxel GS1900 安全特征问题特征问题漏洞
The Zyxel GS1900 is a managed switch from Taiwan, China-based Hopkins Zyxel. A security signature issue vulnerability exists in the Zyxel GS1900 series prior to version V2.70, which stems from incorrectly generating RSA keys using a low entropy random source. An attacker exploits this vulnerabili...
PT-2022-22313 · Zyxel · Zyxel Gs1900
Name of the Vulnerable Software and Affected Versions: Zyxel GS1900 series firmware versions prior to V2.70 Description: An insufficient entropy issue, caused by the improper use of randomness sources with low entropy for RSA key pair generation, affects the web administration interface. This cou...
The vulnerability of the libsal.so file in Zyxel GS1900 series switch software allows a hacker to execute arbitrary commands.
The vulnerability of the libsal.so file in Zyxel GS1900 series switch software lies in the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows an attacker to execute arbitrary OS commands through the graphical interface...
The vulnerability of the TFTP-client software for Zyxel GS1900 and XGS1210 series switch devices allows a intruder to execute arbitrary commands.
The vulnerability of the TFTP-client software for Zyxel GS1900 and XGS1210 series switch devices is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary OS commands via the graphical interface...
Zyxel GS1900 Operating System Command Injection Vulnerability
Zyxel ZyXEL GS1900 is a managed switch from Zyxel Taiwan, China. An operating system command injection vulnerability exists in the Zyxel GS1900, which can be exploited by an attacker to invoke a function to execute arbitrary system commands...
CVE-2021-35032
A vulnerability in the 'libsal.so' of the Zyxel GS1900 series firmware version 2.60 could allow an authenticated local user to execute arbitrary OS commands via a crafted function call...
CVE-2021-35031
A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and XGS1250 series firmware, which could allow an authenticated LAN user to execute arbitrary OS commands via the GUI of the vulnerable device...
CVE-2021-35032
A vulnerability in the 'libsal.so' of the Zyxel GS1900 series firmware version 2.60 could allow an authenticated local user to execute arbitrary OS commands via a crafted function call...
CVE-2021-35031
A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and XGS1250 series firmware, which could allow an authenticated LAN user to execute arbitrary OS commands via the GUI of the vulnerable device...
Design/Logic Flaw
A vulnerability in the 'libsal.so' of the Zyxel GS1900 series firmware version 2.60 could allow an authenticated local user to execute arbitrary OS commands via a crafted function call...
CVE-2021-35032
The CVE-2021-35032 issue affects Zyxel GS1900 series switches running firmware 2.60, due to a flaw in the libsal.so component that allows an authenticated local user to execute arbitrary OS commands via a crafted function call. Affected product: Zyxel GS1900 switches; vulnerable surface: libsal.s...
CVE-2021-35032
A vulnerability in the 'libsal.so' of the Zyxel GS1900 series firmware version 2.60 could allow an authenticated local user to execute arbitrary OS commands via a crafted function call...