Lucene search
K

130 matches found

CVE
CVE
added 2023/05/30 10:2 a.m.96 views

CVE-2022-45853

CVE-2022-45853 affects Zyxel GS1900-8 and GS1900-8HP switches (firmware V2.70(AAHH.3)/V2.70(AAHI.3)). An authenticated local administrator can exploit insecure privilege management to run system commands as root via SSH, elevating privileges. Exploit details are not explicitly documented in the p...

6.7CVSS7.4AI score0.0017EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/05/30 10:2 a.m.31 views

CVE-2022-45853

The privilege escalation vulnerability in the Zyxel GS1900-8 firmware version V2.70AAHH.3 and the GS1900-8HP firmware version V2.70AAHI.3 could allow an authenticated, local attacker with administrator privileges to execute some system commands as 'root' on a vulnerable device via SSH...

6.7CVSS7AI score0.0017EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/05/30 12:0 a.m.7 views

PT-2023-8185 · Zyxel · Zyxel Gs1900-8

Name of the Vulnerable Software and Affected Versions: Zyxel GS1900-8 firmware version V2.70AAHH.3 Zyxel GS1900-8HP firmware version V2.70AAHI.3 Description: The issue is related to a privilege escalation vulnerability that could allow an authenticated, local attacker with administrator privilege...

6.7CVSS7.6AI score0.0017EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/05/30 12:0 a.m.7 views

Zyxel GS1900-8 安全漏洞

The Zyxel GS1900-8 is an intelligent managed switch from China Hopkins Zyxel with gigabit speeds and basic management features that bring greater flexibility and connectivity to users' business networks. A security vulnerability exists in the Zyxel GS1900-8. No information about this vulnerabilit...

6.7CVSS6.9AI score0.0017EPSS
Exploits0References1
OSV
OSV
added 2022/09/20 2:15 a.m.5 views

CVE-2022-34746

An insufficient entropy vulnerability caused by the improper use of randomness sources with low entropy for RSA key pair generation was found in Zyxel GS1900 series firmware versions prior to V2.70. This vulnerability could allow an unauthenticated attacker to retrieve a private key by factoring...

5.9CVSS5.8AI score0.0032EPSS
Exploits0References1
NVD
NVD
added 2022/09/20 2:15 a.m.15 views

CVE-2022-34746

An insufficient entropy vulnerability caused by the improper use of randomness sources with low entropy for RSA key pair generation was found in Zyxel GS1900 series firmware versions prior to V2.70. This vulnerability could allow an unauthenticated attacker to retrieve a private key by factoring...

5.9CVSS0.0032EPSS
Exploits0References1
CVE
CVE
added 2022/09/20 1:50 a.m.72 views

CVE-2022-34746

CVE-2022-34746 affects Zyxel GS1900 series firmware prior to V2.70. The issue is an insufficient entropy vulnerability in RSA key pair generation due to improper randomness, enabling an unauthenticated attacker to retrieve the private key by factoring the RSA modulus N in the certificate used by ...

5.9CVSS5.7AI score0.0032EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/09/20 1:50 a.m.27 views

CVE-2022-34746

An insufficient entropy vulnerability caused by the improper use of randomness sources with low entropy for RSA key pair generation was found in Zyxel GS1900 series firmware versions prior to V2.70. This vulnerability could allow an unauthenticated attacker to retrieve a private key by factoring...

5.9CVSS6AI score0.0032EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/09/20 12:0 a.m.6 views

Zyxel GS1900 安全特征问题特征问题漏洞

The Zyxel GS1900 is a managed switch from Taiwan, China-based Hopkins Zyxel. A security signature issue vulnerability exists in the Zyxel GS1900 series prior to version V2.70, which stems from incorrectly generating RSA keys using a low entropy random source. An attacker exploits this vulnerabili...

5.9CVSS6.1AI score0.0032EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/09/20 12:0 a.m.8 views

PT-2022-22313 · Zyxel · Zyxel Gs1900

Name of the Vulnerable Software and Affected Versions: Zyxel GS1900 series firmware versions prior to V2.70 Description: An insufficient entropy issue, caused by the improper use of randomness sources with low entropy for RSA key pair generation, affects the web administration interface. This cou...

5.9CVSS5.7AI score0.0032EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/02/17 12:0 a.m.6 views

The vulnerability of the libsal.so file in Zyxel GS1900 series switch software allows a hacker to execute arbitrary commands.

The vulnerability of the libsal.so file in Zyxel GS1900 series switch software lies in the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows an attacker to execute arbitrary OS commands through the graphical interface...

7.8CVSS7.6AI score0.00213EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/02/17 12:0 a.m.8 views

The vulnerability of the TFTP-client software for Zyxel GS1900 and XGS1210 series switch devices allows a intruder to execute arbitrary commands.

The vulnerability of the TFTP-client software for Zyxel GS1900 and XGS1210 series switch devices is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary OS commands via the graphical interface...

8CVSS7.8AI score0.00463EPSS
Exploits0References3
CNVD
CNVD
added 2021/12/29 12:0 a.m.25 views

Zyxel GS1900 Operating System Command Injection Vulnerability

Zyxel ZyXEL GS1900 is a managed switch from Zyxel Taiwan, China. An operating system command injection vulnerability exists in the Zyxel GS1900, which can be exploited by an attacker to invoke a function to execute arbitrary system commands...

7.8CVSS7.9AI score0.00213EPSS
Exploits0References1
NVD
NVD
added 2021/12/28 11:15 a.m.17 views

CVE-2021-35032

A vulnerability in the 'libsal.so' of the Zyxel GS1900 series firmware version 2.60 could allow an authenticated local user to execute arbitrary OS commands via a crafted function call...

7.8CVSS0.00213EPSS
Exploits0References1
NVD
NVD
added 2021/12/28 11:15 a.m.35 views

CVE-2021-35031

A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and XGS1250 series firmware, which could allow an authenticated LAN user to execute arbitrary OS commands via the GUI of the vulnerable device...

8CVSS0.00463EPSS
Exploits0References1
OSV
OSV
added 2021/12/28 11:15 a.m.4 views

CVE-2021-35032

A vulnerability in the 'libsal.so' of the Zyxel GS1900 series firmware version 2.60 could allow an authenticated local user to execute arbitrary OS commands via a crafted function call...

7.8CVSS6AI score0.00213EPSS
Exploits0References1
OSV
OSV
added 2021/12/28 11:15 a.m.5 views

CVE-2021-35031

A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and XGS1250 series firmware, which could allow an authenticated LAN user to execute arbitrary OS commands via the GUI of the vulnerable device...

8CVSS7.5AI score0.00463EPSS
Exploits0References1
Prion
Prion
added 2021/12/28 11:15 a.m.19 views

Design/Logic Flaw

A vulnerability in the 'libsal.so' of the Zyxel GS1900 series firmware version 2.60 could allow an authenticated local user to execute arbitrary OS commands via a crafted function call...

7.2CVSS7.6AI score0.00213EPSS
Exploits0References1Affected Software12
CVE
CVE
added 2021/12/28 10:42 a.m.61 views

CVE-2021-35032

The CVE-2021-35032 issue affects Zyxel GS1900 series switches running firmware 2.60, due to a flaw in the libsal.so component that allows an authenticated local user to execute arbitrary OS commands via a crafted function call. Affected product: Zyxel GS1900 switches; vulnerable surface: libsal.s...

7.8CVSS7.6AI score0.00213EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/12/28 10:42 a.m.23 views

CVE-2021-35032

A vulnerability in the 'libsal.so' of the Zyxel GS1900 series firmware version 2.60 could allow an authenticated local user to execute arbitrary OS commands via a crafted function call...

6.4CVSS7.8AI score0.00213EPSS
Exploits0References1
Rows per page
Query Builder