Lucene search
K

290 matches found

NVD
NVD
added 2022/09/29 3:15 a.m.25 views

CVE-2020-15339

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows live/CPEManager/AXCampaignManager/handlecampaignscriptlink?scriptname= XSS...

6.1CVSS0.00714EPSS
Exploits1References2
OSV
OSV
added 2022/09/29 3:15 a.m.5 views

CVE-2020-15339

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows live/CPEManager/AXCampaignManager/handlecampaignscriptlink?scriptname= XSS...

6.1CVSS5.8AI score0.00714EPSS
Exploits1References2
OSV
OSV
added 2022/09/29 3:15 a.m.3 views

CVE-2020-15344

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zygetuseridandkey API...

5.3CVSS5.8AI score0.00568EPSS
Exploits1References2
NVD
NVD
added 2022/09/29 3:15 a.m.12 views

CVE-2020-15334

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows escape-sequence injection into the /var/log/axxmpp.log file...

5.3CVSS0.00784EPSS
Exploits1References2
NVD
NVD
added 2022/09/29 3:15 a.m.24 views

CVE-2020-15343

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zyinstalluserkey API...

5.3CVSS0.0058EPSS
Exploits1References2
OSV
OSV
added 2022/09/29 3:15 a.m.4 views

CVE-2020-15338

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Strings" issue for /cnr requests...

5.3CVSS5.8AI score0.00759EPSS
Exploits1References2
NVD
NVD
added 2022/09/29 3:15 a.m.22 views

CVE-2020-15347

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the q6xV4aW8bQ4cfD-b password for the axiros account...

9.8CVSS0.01296EPSS
Exploits1References2
NVD
NVD
added 2022/09/29 3:15 a.m.23 views

CVE-2020-15327

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 uses ZODB storage without authentication...

7.5CVSS0.00963EPSS
Exploits1References2
NVD
NVD
added 2022/09/29 3:15 a.m.25 views

CVE-2020-15332

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/etc/default/axess permissions...

9.8CVSS0.00884EPSS
Exploits1References2
NVD
NVD
added 2022/09/29 3:15 a.m.15 views

CVE-2020-15338

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Strings" issue for /cnr requests...

5.3CVSS0.00759EPSS
Exploits1References2
OSV
OSV
added 2022/09/29 3:15 a.m.4 views

CVE-2020-15325

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded Erlang cookie for ejabberd replication...

5.3CVSS5.8AI score0.00572EPSS
Exploits1References2
NVD
NVD
added 2022/09/29 3:15 a.m.22 views

CVE-2020-15325

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded Erlang cookie for ejabberd replication...

5.3CVSS0.00572EPSS
Exploits1References2
NVD
NVD
added 2022/09/29 3:15 a.m.21 views

CVE-2020-15326

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded certificate for Ejabberd in ejabberd.pem...

5.3CVSS0.0053EPSS
Exploits1References2
OSV
OSV
added 2022/09/29 3:15 a.m.4 views

CVE-2020-15326

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded certificate for Ejabberd in ejabberd.pem...

5.3CVSS5.8AI score0.0053EPSS
Exploits1References2
Prion
Prion
added 2022/09/29 3:15 a.m.12 views

Cross site request forgery (csrf)

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Strings" issue for /cnr requests...

5CVSS5.4AI score0.00759EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/09/29 3:15 a.m.15 views

Design/Logic Flaw

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/var/blobstorage/ permissions...

5CVSS5.4AI score0.00849EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/09/29 3:15 a.m.21 views

Cross site request forgery (csrf)

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Strings" issue for /registerCpe requests...

5CVSS5.4AI score0.0079EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/09/29 3:15 a.m.16 views

Hardcoded credentials

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded APPKEY in /opt/axess/etc/default/axess...

5CVSS5.3AI score0.00572EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/09/29 3:15 a.m.21 views

Hardcoded credentials

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded opt/axess/AXAssets/defaultaxess/axess/TR69/Handlers/turbolink/sshkeys/idrsa SSH key...

5CVSS7.6AI score0.00738EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/09/29 3:15 a.m.16 views

Design/Logic Flaw

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak Data.fs permissions...

5CVSS5.4AI score0.00849EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder