Lucene search
K

31 matches found

Cvelist
Cvelist
added 2023/07/17 5:56 p.m.24 views

CVE-2023-34141

A command injection vulnerability in the access point AP management feature of the Zyxel ATP series firmware versions 5.00 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50W series firmware versions 5.00 through 5.36 Patch 2, USG20W-VPN series firmware...

8CVSS8.6AI score0.00629EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/07/17 5:56 p.m.16 views

CVE-2023-34141

A command injection vulnerability in the access point AP management feature of the Zyxel ATP series firmware versions 5.00 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50W series firmware versions 5.00 through 5.36 Patch 2, USG20W-VPN series firmware...

8CVSS7.9AI score0.00629EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/07/17 5:49 p.m.15 views

CVE-2023-34140

A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2, USG FLEX series firmware versions 4.50 through 5.36 Patch 2, USG FLEX 50W series firmware versions 4.16 through 5.36 Patch 2, USG20W-VPN series firmware versions 4.16 through 5.36 Patch 2, VPN...

6.5CVSS7.3AI score0.00268EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/07/17 5:36 p.m.33 views

CVE-2023-34139

A command injection vulnerability in the Free Time WiFi hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.36 Patch 2 and VPN series firmware versions 4.20 through 5.36 Patch 2, could allow an unauthenticated, LAN-based attacker to execute some OS commands on an affecte...

8.8CVSS9.3AI score0.00692EPSS
Exploits0References1
CVE
CVE
added 2023/07/17 5:23 p.m.72 views

CVE-2023-33012

CVE-2023-33012 is a command-injection vulnerability in the configuration parser of Zyxel devices (ATP, USG FLEX/50(W), USG20(W)-VPN, VPN series). The root cause is a flaw in parsing GRE configurations when cloud management mode is enabled, allowing an unauthenticated, LAN-based attacker to execut...

8.8CVSS8.9AI score0.1014EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2023/07/17 5:15 p.m.48 views

CVE-2023-33011

A format string vulnerability in the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50W series firmware versions 5.10 through 5.36 Patch 2, USG20W-VPN series firmware versions 5.10 through 5.36 Patch 2, and VPN...

8.8CVSS8.9AI score0.00303EPSS
Exploits0References1
CVE
CVE
added 2023/07/17 5:15 p.m.69 views

CVE-2023-33011

CVE-2023-33011 corresponds to a format-string vulnerability in Zyxel firmware affecting Zyxel ATP series (5.10–5.36 Patch 2), USG FLEX series (5.00–5.36 Patch 2), USG FLEX 50(W) (5.10–5.36 Patch 2), USG20(W)-VPN (5.10–5.36 Patch 2), and VPN series (5.00–5.36 Patch 2). The flaw permits an unauthen...

8.8CVSS8.6AI score0.00303EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/07/17 5:15 p.m.18 views

CVE-2023-28767

The configuration parser fails to sanitize user-controlled input in the Zyxel ATP series firmware versions 5.10 through 5.36, USG FLEX series firmware versions 5.00 through 5.36, USG FLEX 50W series firmware versions 5.10 through 5.36, USG20W-VPN series firmware versions 5.10 through 5.36, and VP...

8.8CVSS0.00361EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/07/17 4:59 p.m.17 views

CVE-2023-28767

The configuration parser fails to sanitize user-controlled input in the Zyxel ATP series firmware versions 5.10 through 5.36, USG FLEX series firmware versions 5.00 through 5.36, USG FLEX 50W series firmware versions 5.10 through 5.36, USG20W-VPN series firmware versions 5.10 through 5.36, and VP...

8.8CVSS7AI score0.00361EPSS
Exploits0References1
CERT
CERT
added 2015/11/03 12:0 a.m.223 views

ZTE ZXHN H108N R1A routers contain multiple vulnerabilities

Overview ZTE ZXHN H108N R1A router, version ZTE.bhs.ZXHNH108NR1A.hPE, and ZXV10 W300 router, version W300V1.0.0fER1PE, contain multiple vulnerabilities. Description CWE-200: Information Exposure - CVE-2015-7248 Multiple information exposure vulnerabilities enable an attacker to obtain credentials...

10CVSS7.5AI score0.1554EPSS
Exploits4References5
Cisco
Cisco
added 2014/12/23 4:0 p.m.44 views

Cisco Meraki HTTP Handler Local Information Disclosure Vulnerability

A vulnerability in an HTTP handler in Cisco Meraki firmware occurs because the handler does not require requests to come only from the Meraki cloud. This vulnerability could allow a LAN-based attacker to obtain sensitive credential information. An unauthenticated, remote attacker on an adjacent...

6.1CVSS6.2AI score0.00572EPSS
Exploits0References1
Rows per page
Query Builder