4 matches found
CVE-2022-26532
A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series...
Zyxel Buffer Overflow / Format String / Command Injection
-- HNS-2022-02 - HN Security Advisory - https://security.humanativaspa.it/ Title: Multiple vulnerabilities in Zyxel zysh Products: Zyxel firewalls, AP controllers, and APs Author: Marco Ivaldi Date: 2022-06-07 CVE Names and Vendor CVSS Scores: CVE-2022-26531:...
Zyxel Issues Patches for 4 New Flaws Affecting AP, API Controller, and Firewall Devices
Zyxel has released patches to address four security flaws affecting its firewall, AP Controller, and AP products to execute arbitrary operating system commands and steal select information. The list of security vulnerabilities is as follows - CVE-2022-0734 - A cross-site scripting XSS...
CVE-2022-26532
CVE-2022-26532 is a local command-injection vulnerability in Zyxel devices’ packet-trace CLI, affecting USG/ZyWALL family firmwares 4.09–4.71, USG FLEX 4.50–5.21, ATP 4.32–5.21, VPN 4.30–5.21, NSG 1.00–1.33 Patch 4, NXC2500 6.10 AAIG.3 and earlier, NAP203 6.25 ABFA.7 and earlier, NWA50AX 6.25 ABY...