The vulnerability of the File Transfer Protocol (FTP) implementation in the microprogrammed networking devices of ZyXEL USG FLEX, USG FLEX 50(W)/USG20(W)-VPN, USG FLEX H, and ATP allows a perpetrator to execute arbitrary commands.

The vulnerability of the File Transfer Protocol FTP implementation in microprogrammed network devices such as ZyXEL USG FLEX, USG FLEX 50W/USG20W-VPN, USG FLEX H, and ATP lies in the lack of measures to neutralize special elements used in operating system commands during the loading of binary...

CVE-2012-5032

The Flex-VPN load-balancing feature in the ipsec-ikev2 implementation in Cisco IOS before 15.11SY3 does not require authentication, which allows remote attackers to trigger the forwarding of VPN traffic to an attacker-controlled destination, or the discarding of this traffic, by arranging for an...

Authentication flaw

The Flex-VPN load-balancing feature in the ipsec-ikev2 implementation in Cisco IOS before 15.11SY3 does not require authentication, which allows remote attackers to trigger the forwarding of VPN traffic to an attacker-controlled destination, or the discarding of this traffic, by arranging for an...

CVE-2012-5032

The Flex-VPN load-balancing feature in the ipsec-ikev2 implementation in Cisco IOS before 15.11SY3 does not require authentication, which allows remote attackers to trigger the forwarding of VPN traffic to an attacker-controlled destination, or the discarding of this traffic, by arranging for an...

CVE-2012-5032

The CVE-2012-5032 issue affects Cisco IOS with the Flex-VPN load-balancing feature in the ipsec-ikev2 implementation prior to 15.1(1)SY3. The root cause is that this feature does not require authentication, enabling an attacker to cause VPN traffic to be forwarded to an attacker-controlled destin...