18 matches found
EUVD-2020-17714
Malware in sbrugna...
EUVD-2023-58976
Malicious code in bioql PyPI...
EUVD-2023-38241
Malicious code in bioql PyPI...
CVE-2023-22914
A path traversal vulnerability in the “accountprint.cgi” CGI program of Zyxel USG FLEX series firmware versions 4.50 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow a remote authenticated attacker with administrator privileges to execute unauthorized OS command...
CVE-2022-40603
A cross-site scripting (XSS) vulnerability in the CGI program of Zyxel ZyWALL/USG series firmware versions 4.30 through 4.72, VPN series firmware versions 4.30 through 5.31, USG FLEX series firmware versions 4.50 through 5.31, and ATP series firmware versions 4.32 through 5.31, which could allow an...
Multiple Zyxel products: operating system command injection vulnerability
Zyxel USG20W-VPN and others are products of China Hopkins Zyxel. Zyxel USG20W-VPN is a firewall appliance for use in corporate environments. Zyxel ATP series firmware is a series of firewall firmware. Zyxel USG FLEX series firmware is a series of securit...
PT-2024-1935 · Zyxel · Zyxel Usg +1
Name of the Vulnerable Software and Affected Versions: Zyxel USG and Zyxel VPN (affected versions not specified). Description: The issue is related to a buffer overflow in the memory of the SMB service in the firmware of Zyxel USG and Zyxel VPN firewalls and VPN devices. This can be exploited by a...
PT-2023-7252 · Zyxel · Zyxel Vpn +1
Name of the Vulnerable Software and Affected Versions: Zyxel USG FLEX series firmware versions 4.50 through 5.37; Zyxel VPN series firmware versions 4.30 through 5.37. Description: The issue is related to improper privilege management in the hotspot feature of the affected devices. This could allow...
CVE-2023-34139
A command injection vulnerability in the Free Time WiFi hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.36 Patch 2 and VPN series firmware versions 4.20 through 5.36 Patch 2, could allow an unauthenticated, LAN-based attacker to execute some OS commands on an affecte...
Zyxel Issues Critical Security Patches for Firewall and VPN Products
Zyxel has released software updates to address two critical security flaws affecting select firewall and VPN products that could be abused by remote attackers to achieve code execution. Both the flaws – CVE-2023-33009 and CVE-2023-33010 – are buffer overflow vulnerabilities and are rated 9.8 out ...
PT-2023-3606 · Zyxel · Zyxel Usg Flex Series +4
Name of the Vulnerable Software and Affected Versions: Zyxel ATP series versions 5.10 through 5.36 Patch 2; Zyxel USG FLEX series versions 5.00 through 5.36 Patch 2; Zyxel USG FLEX 50W series versions 5.10 through 5.36 Patch 2; Zyxel USG20W-VPN series versions 5.10 through 5.36 Patch 2; Zyxel VPN...
CVE-2023-28771
Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to...
CVE-2023-22914
A path traversal vulnerability in the “accountprint.cgi” CGI program of Zyxel USG FLEX series firmware versions 4.50 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow a remote authenticated attacker with administrator privileges to execute unauthorized OS command...
CVE-2023-22914
CVE-2023-22914 affects Zyxel USG FLEX (firmware 4.50–5.35) and VPN series (4.30–5.35). The root cause is a path traversal in account_print.cgi that can let a remote authenticated administrator execute OS commands in the tmp directory by uploading a crafted file when the hotspot function is enable...
PT-2023-3348 · Zyxel · Zyxel Vpn +1
Name of the Vulnerable Software and Affected Versions: Zyxel USG FLEX series firmware versions 4.50 through 5.35; Zyxel VPN series firmware versions 4.30 through 5.35. Description: A post-authentication command injection vulnerability in the account operator.cgi CGI program could allow a remote...
PT-2023-7790 · Zyxel · Zyxel Usg Flex Series +4
Name of the Vulnerable Software and Affected Versions: Zyxel ATP series versions 4.32 through 5.35; Zyxel USG FLEX series versions 4.50 through 5.35; Zyxel USG FLEX 50W versions 4.16 through 5.35; Zyxel USG20W-VPN versions 4.16 through 5.35; Zyxel VPN series versions 4.30 through 5.35. Description: Th...
PT-2023-7450 · Zyxel · Zyxel Usg Flex Series +4
Name of the Vulnerable Software and Affected Versions: Zyxel ATP series versions 5.10 through 5.32; Zyxel USG FLEX series versions 5.00 through 5.32; Zyxel USG FLEX 50W versions 5.10 through 5.32; Zyxel USG20W-VPN versions 5.10 through 5.32; Zyxel VPN series versions 5.00 through 5.35. Description: A...
PT-2022-3781 · Zyxel · Zyxel Usg/Zywall Series +8
Name of the Vulnerable Software and Affected Versions: Zyxel USG FLEX 100W versions 4.50 through 5.30; Zyxel USG FLEX 200 versions 4.50 through 5.30; Zyxel USG FLEX 500 versions 4.50 through 5.30; Zyxel USG FLEX 700 versions 4.50 through 5.30; Zyxel USG FLEX 50W versions 4.16 through 5.30; Zyxel...