290 matches found
CVE-2020-15327
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 uses ZODB storage without authentication...
CVE-2020-15334
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows escape-sequence injection into the /var/log/axxmpp.log file...
CVE-2020-15343
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zyinstalluserkey API...
CVE-2020-15346
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a /live/GLOBALS API with the CLOUDCNM key...
CVE-2020-15345
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zygetinstancesforupdate API...
CVE-2020-15326
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded certificate for Ejabberd in ejabberd.pem...
CVE-2020-15341
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated updateallrealmlicense API...
CVE-2020-15323
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the cloud1234 password for the a1@chopin account default credentials...
The vulnerability of the CPE WAN Management Protocol (TR-069) software implementation for centralized device management in the Zyxel Cloud network, enabled by SecuManager, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the CPE WAN Management Protocol TR-069 software for centralized device management in the Zyxel Cloud environment is related to the use of strictly encrypted credentials during the processing of SSH keys. The exploit allows an attacker to gain unauthorized access to protected...
Zyxel CloudCNM SecuManager axiros Default Account Vulnerability
Zyxel ZyXEL CloudCNM SecuManager is a suite of network management software from Zyxel Taiwan, China. Zyxel CloudCNM SecuManager suffers from axiros default account vulnerability, which can be exploited by remote attackers to submit a special request for unauthorized access to the system...
Zyxel CloudCNM SecuManager Trust Management Issue Vulnerability (CNVD-2022-68082)
Zyxel ZyXEL CloudCNM SecuManager is a suite of network management software from Zyxel Taiwan, China. A trust management issue vulnerability exists in Zyxel CloudCNM SecuManager ZODB, which can be exploited by remote attackers to submit a special request and obtain sensitive information without...
Zyxel CloudCNM SecuManager /opt/axess/etc/default/axess hard-coded vulnerability
Zyxel ZyXEL CloudCNM SecuManager is a network management software from Zyxel, Taiwan, China. requests to gain unauthorized access to the system...
Zyxel CloudCNM SecuManager Hardcoding Vulnerability
Zyxel ZyXEL CloudCNM SecuManager is a set of network management software from Zyxel, Taiwan, China. Zyxel CloudCNM SecuManager ejabberd has a hard-coded vulnerability that can be exploited by remote attackers to submit special requests for unauthorized access to the application system...
CVE-2020-15332
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/etc/default/axess permissions...
CVE-2020-15342
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zyinstalluser API...
CVE-2020-15334
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows escape-sequence injection into the /var/log/axxmpp.log file...
CVE-2020-15344
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zygetuseridandkey API...
CVE-2020-15338
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Strings" issue for /cnr requests...
CVE-2020-15339
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows live/CPEManager/AXCampaignManager/handlecampaignscriptlink?scriptname= XSS...
CVE-2020-15345
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zygetinstancesforupdate API...