CVE-2023-34141

A command injection vulnerability in the access point AP management feature of the Zyxel ATP series firmware versions 5.00 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50W series firmware versions 5.00 through 5.36 Patch 2, USG20W-VPN series firmware...

CVE-2023-34140

A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2, USG FLEX series firmware versions 4.50 through 5.36 Patch 2, USG FLEX 50W series firmware versions 4.16 through 5.36 Patch 2, USG20W-VPN series firmware versions 4.16 through 5.36 Patch 2, VPN...

Buffer overflow

A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2, USG FLEX series firmware versions 4.50 through 5.36 Patch 2, USG FLEX 50W series firmware versions 4.16 through 5.36 Patch 2, USG20W-VPN series firmware versions 4.16 through 5.36 Patch 2, VPN...

Command injection

A command injection vulnerability in the access point AP management feature of the Zyxel ATP series firmware versions 5.00 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50W series firmware versions 5.00 through 5.36 Patch 2, USG20W-VPN series firmware...

CVE-2023-34141

A command injection vulnerability in the access point AP management feature of the Zyxel ATP series firmware versions 5.00 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50W series firmware versions 5.00 through 5.36 Patch 2, USG20W-VPN series firmware...

CVE-2023-34141

CVE-2023-34141 affects Zyxel devices (ATP series, USG FLEX series including USG FLEX 50(W), USG20(W)-VPN, VPN series; NXC2500 and NXC5500) with firmware ranges up to 5.36 Patch 2 or 6.10 AAIG/AAOS variants. Description: a command-injection in the access point (AP) management feature could allow a...

CVE-2023-34140

CVE-2023-34140 affects Zyxel CAPWAP-based devices (ATP series 4.32–5.36 Patch 2; USG FLEX 4.50–5.36 Patch 2; USG FLEX 50(W) 4.16–5.36 Patch 2; USG20(W)-VPN 4.16–5.36 Patch 2; VPN 4.30–5.36 Patch 2; NXC2500 6.10(AAIG.0–AAIG.3); NXC5500 6.10(AAOS.0–AAOS.4)). A buffer overflow in the CAPWAP daemon a...

CVE-2022-26531

CVE-2022-26531 stems from multiple improper input validation flaws in Zyxel devices (USG/ZyWALL, USG FLEX, ATP, VPN, NSG, NXC2500, NAP203, NWA50AX, WAC500, WAX510D) across firmware ranges up to 4.71/5.21/6.x, enabling a local authenticated attacker to trigger a buffer overflow or system crash via...

Zyxel Gateway / Access Point External DNS Request Vulnerability

Some Zyxel Access Points are prone to an information disclosure vulnerability where external DNS requests can be made. This VT has been deprecated and replaced by various device specific VTs. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced...