Lucene search
K

51 matches found

CVE
CVE
added 2023/07/17 5:23 p.m.67 views

CVE-2023-33012

CVE-2023-33012 is a command-injection vulnerability in the configuration parser of Zyxel devices (ATP, USG FLEX/50(W), USG20(W)-VPN, VPN series). The root cause is a flaw in parsing GRE configurations when cloud management mode is enabled, allowing an unauthenticated, LAN-based attacker to execut...

8.8CVSS8.9AI score0.1014EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2023/07/17 5:15 p.m.64 views

CVE-2023-33011

CVE-2023-33011 corresponds to a format-string vulnerability in Zyxel firmware affecting Zyxel ATP series (5.10–5.36 Patch 2), USG FLEX series (5.00–5.36 Patch 2), USG FLEX 50(W) (5.10–5.36 Patch 2), USG20(W)-VPN (5.10–5.36 Patch 2), and VPN series (5.00–5.36 Patch 2). The flaw permits an unauthen...

8.8CVSS8.6AI score0.00303EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/07/17 5:15 p.m.28 views

CVE-2023-33011

A format string vulnerability in the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50W series firmware versions 5.10 through 5.36 Patch 2, USG20W-VPN series firmware versions 5.10 through 5.36 Patch 2, and VPN...

8.8CVSS8.9AI score0.00303EPSS
Exploits0References1
NVD
NVD
added 2023/07/17 5:15 p.m.12 views

CVE-2023-28767

The configuration parser fails to sanitize user-controlled input in the Zyxel ATP series firmware versions 5.10 through 5.36, USG FLEX series firmware versions 5.00 through 5.36, USG FLEX 50W series firmware versions 5.10 through 5.36, USG20W-VPN series firmware versions 5.10 through 5.36, and VP...

8.8CVSS0.00361EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/07/17 4:59 p.m.16 views

CVE-2023-28767

The configuration parser fails to sanitize user-controlled input in the Zyxel ATP series firmware versions 5.10 through 5.36, USG FLEX series firmware versions 5.00 through 5.36, USG FLEX 50W series firmware versions 5.10 through 5.36, USG20W-VPN series firmware versions 5.10 through 5.36, and VP...

8.8CVSS7AI score0.00361EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/07/17 12:0 a.m.5 views

Zyxel ATP 安全漏洞

Zyxel ATP is a firewall from Zyxel China. A security vulnerability exists in Zyxel ATP ZLD versions V4.32 through V5.36 Patch 2, USG FLEX ZLD versions V4.50 through V5.36 Patch 2, USG FLEX 50W / USG20W-VPN ZLD versions V4.16 through V5.36 Patch 2, VPN ZLD versions V4.30 through V5.36. A security...

6.5CVSS6.5AI score0.00268EPSS
Exploits0References2
Prion
Prion
added 2020/09/03 6:15 p.m.12 views

Command injection

B2368-22 V100R001C00;B2368-57 V100R001C00;B2368-66 V100R001C00 have a command injection vulnerability. An attacker with high privileges may exploit this vulnerability through some operations on the LAN. Due to insufficient input validation of some parameters, the attacker can exploit this...

7.7CVSS6.9AI score0.00796EPSS
Exploits0References1Affected Software3
CERT
CERT
added 2015/11/06 12:0 a.m.440 views

Huawei HG532 routers contain a path traversal vulnerability

Overview Huawei HG532 routers, including the HG532e, n, s, and possibly other models, are vulnerable to arbitrary file access through path traversal. Description CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' - CVE-2015-7254In vulnerable Huawei router models,...

5CVSS6.6AI score0.27528EPSS
Exploits2References2
CERT
CERT
added 2015/11/03 12:0 a.m.223 views

ZTE ZXHN H108N R1A routers contain multiple vulnerabilities

Overview ZTE ZXHN H108N R1A router, version ZTE.bhs.ZXHNH108NR1A.hPE, and ZXV10 W300 router, version W300V1.0.0fER1PE, contain multiple vulnerabilities. Description CWE-200: Information Exposure - CVE-2015-7248 Multiple information exposure vulnerabilities enable an attacker to obtain credentials...

10CVSS7.5AI score0.1554EPSS
Exploits4References5
Cisco
Cisco
added 2014/12/23 4:0 p.m.44 views

Cisco Meraki HTTP Handler Local Information Disclosure Vulnerability

A vulnerability in an HTTP handler in Cisco Meraki firmware occurs because the handler does not require requests to come only from the Meraki cloud. This vulnerability could allow a LAN-based attacker to obtain sensitive credential information. An unauthenticated, remote attacker on an adjacent...

6.1CVSS6.2AI score0.00572EPSS
Exploits0References1
securityvulns
securityvulns
added 2011/02/14 12:0 a.m.58 views

ASPR #2011-02-11-1: Remote Binary Planting in Adobe Reader

=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2011-02-11-1 ------------------------------------------------------------------------- ASPR 2011-02-11-1: Remote Binary Planting in Adobe Reader...

6.9CVSS9.6AI score0.00673EPSS
Exploits0
Rows per page
Query Builder