Lucene search
K

93 matches found

CVE
CVE
added 2025/10/21 1:57 a.m.17 views

CVE-2025-9133

Summary of CVE-2025-9133 (Zyxel devices) Technical details in the connected PT-2025-42828 entry show a missing authorization flaw in Zyxel ATP series, Zyxel USG FLEX series, and Zyxel USG20(W)-VPN devices. The vulnerability arises from insufficient input validation/logic in the CGI interface, spe...

8.1CVSS6.7AI score0.05462EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/21 1:49 a.m.3 views

CVE-2025-8078

A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50W series firmware versions from V4.16 through V5.40, and USG20W-VPN series firmware versions from V4.16...

7.2CVSS7.2AI score0.01484EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/21 1:49 a.m.5 views

EUVD-2025-35120

A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50W series firmware versions from V4.16 through V5.40, and USG20W-VPN series firmware versions from V4.16...

7.2CVSS7.1AI score0.01484EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/21 1:49 a.m.12 views

CVE-2025-8078

A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50W series firmware versions from V4.16 through V5.40, and USG20W-VPN series firmware versions from V4.16...

7.2CVSS0.01484EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/21 12:0 a.m.11 views

PT-2025-42828

Name of the Vulnerable Software and Affected Versions Zyxel ATP series versions V4.32 through V5.40 Zyxel USG FLEX series versions V4.50 through V5.40 Zyxel USG FLEX 50W series versions V4.16 through V5.40 Zyxel USG20W-VPN series versions V4.16 through V5.40 Description A missing authorization fl...

8.1CVSS9.5AI score0.05462EPSS
Exploits0References15
VulnCheck KEV
VulnCheck KEV
added 2025/10/17 12:0 a.m.41 views

VulnCheck KEV: CVE-2022-0342

An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.20 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.32 through 5.20, VPN series firmware versions 4.30 through 5.20, and NSG series firmware...

9.8CVSS5.8AI score0.84839EPSS
In wildExploits0References30
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-21676

Malware in sbrugna...

9.8CVSS9.2AI score0.02255EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-38241

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.00692EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-27017

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01054EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-27016

Malicious code in bioql PyPI...

7.2CVSS7AI score0.01033EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.21 views

EUVD-2025-12140

Malicious code in bioql PyPI...

7.8CVSS6.4AI score0.0093EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-27015

Malicious code in bioql PyPI...

8.1CVSS8.1AI score0.01291EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.16 views

EUVD-2025-12335

Malicious code in bioql PyPI...

6.7CVSS6.4AI score0.002EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-58231

Malicious code in bioql PyPI...

5.5CVSS5.7AI score0.00218EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:52 a.m.5 views

CVE-2023-22914

A path traversal vulnerability in the “accountprint.cgi” CGI program of Zyxel USG FLEX series firmware versions 4.50 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow a remote authenticated attacker with administrator privileges to execute unauthorized OS command...

7.2CVSS7.1AI score0.01033EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:33 a.m.10 views

CVE-2023-5960

An improper privilege management vulnerability in the hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.37 and VPN series firmware versions 4.30 through 5.37 could allow an authenticated local attacker to access the system files on an affected device...

5.5CVSS6.7AI score0.00218EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 12:39 a.m.7 views

CVE-2022-40603

A cross-site scripting XSS vulnerability in the CGI program of Zyxel ZyWALL/USG series firmware versions 4.30 through 4.72, VPN series firmware versions 4.30 through 5.31, USG FLEX series firmware versions 4.50 through 5.31, and ATP series firmware versions 4.32 through 5.31, which could allow an...

6.1CVSS5.4AI score0.00359EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:46 p.m.17 views

CVE-2020-29583

Firmware version 4.60 of Zyxel USG devices contains an undocumented account zyfwp with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges...

10CVSS7.2AI score0.90049EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2025/05/21 12:0 a.m.5 views

Zyxel USG FLEX H Series Firewall < 1.30 Privilege Escalation

Firmware version of the Zyxel USG is less than uOS 1.30. This means the Zyxel device is vulnerable to a privilege escalation vulnerability. The insufficiently protected credentials vulnerability in the CLI command of the USG FLEX H series firewalls could allow an authenticated local attacker to...

7.8CVSS5.5AI score0.00154EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/21 12:0 a.m.5 views

Zyxel USG FLEX H Series Firewall 1.20 < 1.32 Privilege Escalation

Firmware version of the Zyxel USG is less than uOS 1.32. This means the Zyxel device is vulnerable to mualtiple privilege escalation vulnerability. The incorrect permission assignment vulnerability in the PostgreSQL commands of certain USG FLEX H series uOS firmware versions could allow an...

7.8CVSS5.6AI score0.0093EPSS
Exploits2References2
Rows per page
Query Builder