CVE-2023-4397

A buffer overflow vulnerability in the Zyxel ATP series firmware version 5.37, USG FLEX series firmware version 5.37, USG FLEX 50W series firmware version 5.37, and USG20W-VPN series firmware version 5.37, could allow an authenticated local attacker with administrator privileges to cause...

CVE-2025-9133

A missing authorization vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50W series firmware versions from V4.16 through V5.40, and USG20W-VPN series firmware versions from V4.16 through V5.40 could...

Zyxel ATP series firmware和Zyxel USG FLEX series firmware 操作系统命令注入漏洞

Zyxel ATP series firmware and Zyxel USG FLEX series firmware are both products of the Chinese company Zyxel.Zyxel ATP series firmware is a series of firewall firmware.Zyxel USG FLEX series firmware is a series of Zyxel ATP series firmware is a series of firewall firmware. The Zyxel ATP series...

Zyxel多款产品 代码问题漏洞

Zyxel USG20W-VPN and others are products of China Hopkins Zyxel.Zyxel USG20W-VPN is a firewall appliance for use in corporate environments.Zyxel ATP series firmware is a series of firewall firmwares.Zyxel USG FLEX series firmware is a series of Zyxel USG FLEX series firmware is a series of securi...

CVE-2023-6398

A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50W series firmware versions from 4.16 through 5.37 Patch 1, USG20W-VPN...

CVE-2023-5960

An improper privilege management vulnerability in the hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.37 and VPN series firmware versions 4.30 through 5.37 could allow an authenticated local attacker to access the system files on an affected device...

Zyxel ATP Cross-Site Scripting Vulnerability

Zyxel ATP is a firewall from China-based Zyxel. A cross-site scripting vulnerability exists in Zyxel ATP, which stems from a cross-site scripting XSS vulnerability in the CGI program. Affected products and versions: Zyxel ATP series versions 5.10 through 5.37, USG FLEX series versions 5.00 throug...

Zyxel ATP 安全漏洞

Zyxel ATP is a firewall from Zyxel China. A security vulnerability exists in Zyxel ATP ZLD versions V4.32 through V5.36 Patch 2, USG FLEX ZLD versions V4.50 through V5.36 Patch 2, USG FLEX 50W / USG20W-VPN ZLD versions V4.16 through V5.36 Patch 2, VPN ZLD versions V4.30 through V5.36. A security...

PT-2023-22605

Name of the Vulnerable Software and Affected Versions Dolibarr versions prior to 17.0.1 Zyxel ATP Series, USG FLEX Series, USG FLEX 50W Series, and USG20W-VPN Series affected versions not specified Description The issue allows remote code execution by an authenticated user via an uppercase...

Zyxel ATP 安全漏洞

The Zyxel ATP is a firewall from China's Hopkins Zyxel. A security vulnerability exists in Zyxel ATP Series 5.10 through 5.35 firmware versions, USG FLEX Series 5.00 through 5.35 firmware versions, USG FLEX 50W 5.10 through 5.35 firmware versions, USG20W-VPN 5.10 through 5.35 firmware versions, a...

Zyxel Unified Security Gateway (USG) Local Detection

Binary data zyxelusgdetect.nbin...

Secret Backdoor Account Found in Several Zyxel Firewall, VPN Products

Zyxel has released a patch to address a critical vulnerability in its firmware concerning a hardcoded, undocumented secret account that could be abused by an attacker to login with administrative privileges and compromise its networking devices. The flaw, tracked as CVE-2020-29583 CVSS score 7.8,...

Huawei NIP6800, Secospace USG6600 and USG9500 Resource Management Error Vulnerability

Huawei USG9500 and others are products of Huawei, China.USG9500 is a data center firewall product.NIP6800 is an intrusion prevention system.USG6600 is a data center firewall product. A resource management error vulnerability exists in the Huawei NIP6800, Secospace USG6600, and USG9500, which can ...

CVE-2019-5275

USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a heap buffer overflow when decoding a certificate, an attacker may exploit the vulnerability by a malicious certificate ...

Access Control Vulnerabilities in Multiple ZyXEL Products

ZyXEL ZyWall 310 and others are products of Taiwan, China-based ZyXEL Corporation.ZyXEL ZyWall 310 is a 310 series VPN firewall appliance.ZyXEL ZyWall 110 is a 110 series VPN firewall appliance.ZyXEL USG1900 is a next-generation unified security gateway appliance. A security vulnerability exists ...

Cross-site scripting vulnerability in multiple Zyxel devices

ZyXEL ZyWall 310 and others are products of Taiwan, China-based ZyXEL Corporation.ZyXEL ZyWall 310 is a 310 series VPN firewall appliance.ZyXEL ZyWall 110 is a 110 series VPN firewall appliance.ZyXEL USG1900 is a next-generation unified security gateway appliance. Zyxel ZyWall A cross-site...

CVE-2019-12581

A reflective Cross-site scripting XSS vulnerability in the freetimefailed.cgi CGI program in selected Zyxel ZyWall, USG, and UAG devices allows remote attackers to inject arbitrary web script or HTML via the errmsg parameter...

Memory leak vulnerability in multiple Huawei firewall products

Huawei USG series products and Secospace USG series are Huawei's new generation of professional intrusion prevention and firewall products for customers in enterprises, IDCs, campus networks and carriers. A memory leakage vulnerability exists in several Huawei firewall products, which can be...

IKEv2 protocol memory out-of-bounds access vulnerability in multiple Huawei products (CNVD-2017-38286)

Huawei IPS Module, NGFW Module, NIP6300/6600 series products and Secospace USG series are the new generation of professional intrusion prevention and firewall products launched by Huawei for enterprise, IDC, campus network and carrier customers. A memory out-of-bounds access vulnerability exists ...

Multiple Huawei Firewall USG Series Products Cross-Site Request Forgery Vulnerabilities

Huawei USG9500 and others are firewall products from Huawei China. A cross-site request forgery vulnerability exists in multiple Huawei Firewall USG Series products. A remote attacker can exploit this vulnerability to perform unauthorized operations...