CVE-2023-4397

A buffer overflow vulnerability in the Zyxel ATP series firmware version 5.37, USG FLEX series firmware version 5.37, USG FLEX 50W series firmware version 5.37, and USG20W-VPN series firmware version 5.37, could allow an authenticated local attacker with administrator privileges to cause...

CVE-2025-9133

A missing authorization vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50W series firmware versions from V4.16 through V5.40, and USG20W-VPN series firmware versions from V4.16 through V5.40 could...

Zyxel ATP series firmware和Zyxel USG FLEX series firmware 操作系统命令注入漏洞

Zyxel ATP series firmware and Zyxel USG FLEX series firmware are both products of the Chinese company Zyxel.Zyxel ATP series firmware is a series of firewall firmware.Zyxel USG FLEX series firmware is a series of Zyxel ATP series firmware is a series of firewall firmware. The Zyxel ATP series...

Zyxel多款产品 代码问题漏洞

Zyxel USG20W-VPN and others are products of China Hopkins Zyxel.Zyxel USG20W-VPN is a firewall appliance for use in corporate environments.Zyxel ATP series firmware is a series of firewall firmwares.Zyxel USG FLEX series firmware is a series of Zyxel USG FLEX series firmware is a series of securi...

The vulnerability of the Anti-Malware function in the microprogramming software for ZyXEL USG FLEX and ATP devices allows attackers to induce service failure.

The vulnerability of the Anti-Malware function in the microprogramming software for ZyXEL USG FLEX and ATP devices is related to pointer assignment errors. Exploiting this vulnerability could allow a malicious actor to trigger a service failure by downloading a specially created malicious RAR fil...

CVE-2023-6398

A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50W series firmware versions from 4.16 through 5.37 Patch 1, USG20W-VPN...

The vulnerability of the Quagga microprogramming software for network devices such as ZyXEL VPN, USG FLEX, and ATP allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Quagga microprogramming software for ZyXEL VPN, USG FLEX, and ATP devices is related to insufficient validation of input data. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

CVE-2023-5960

An improper privilege management vulnerability in the hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.37 and VPN series firmware versions 4.30 through 5.37 could allow an authenticated local attacker to access the system files on an affected device...

Zyxel ATP Cross-Site Scripting Vulnerability

Zyxel ATP is a firewall from China-based Zyxel. A cross-site scripting vulnerability exists in Zyxel ATP, which stems from a cross-site scripting XSS vulnerability in the CGI program. Affected products and versions: Zyxel ATP series versions 5.10 through 5.37, USG FLEX series versions 5.00 throug...

The vulnerability of the access point management function in microprogrammed software for Zyxel USG FLEX, USG FLEX 50(W), USG20(W)-VPN, ATP, and VPN allows a hacker to execute arbitrary commands.

The vulnerability of the access point management function in Zyxel USG FLEX, USG FLEX 50W, USG20W-VPN, ATP, and VPN software for network devices is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a...

Zyxel ATP 安全漏洞

Zyxel ATP is a firewall from Zyxel China. A security vulnerability exists in Zyxel ATP ZLD versions V4.32 through V5.36 Patch 2, USG FLEX ZLD versions V4.50 through V5.36 Patch 2, USG FLEX 50W / USG20W-VPN ZLD versions V4.16 through V5.36 Patch 2, VPN ZLD versions V4.30 through V5.36. A security...

PT-2023-22605

Name of the Vulnerable Software and Affected Versions Dolibarr versions prior to 17.0.1 Zyxel ATP Series, USG FLEX Series, USG FLEX 50W Series, and USG20W-VPN Series affected versions not specified Description The issue allows remote code execution by an authenticated user via an uppercase...

Zyxel ATP 安全漏洞

The Zyxel ATP is a firewall from China's Hopkins Zyxel. A security vulnerability exists in Zyxel ATP Series 5.10 through 5.35 firmware versions, USG FLEX Series 5.00 through 5.35 firmware versions, USG FLEX 50W 5.10 through 5.35 firmware versions, USG20W-VPN 5.10 through 5.35 firmware versions, a...

Zyxel Unified Security Gateway (USG) Local Detection

Binary data zyxelusgdetect.nbin...

The vulnerability of the Common Gateway Interface (CGI) interface of microprogramming software for network devices such as ZyXEL USG, ZyWALL, USG FLEX, ATP, and VPN allows attackers to circumvent security restrictions.

The vulnerability of the Common Gateway Interface CGI interface of ZyXEL USG, ZyWALL, USG FLEX, ATP, and VPN network devices is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to circumvent security restrictions by using IPSec VPN...

Secret Backdoor Account Found in Several Zyxel Firewall, VPN Products

Zyxel has released a patch to address a critical vulnerability in its firmware concerning a hardcoded, undocumented secret account that could be abused by an attacker to login with administrative privileges and compromise its networking devices. The flaw, tracked as CVE-2020-29583 CVSS score 7.8,...

Huawei NIP6800, Secospace USG6600 and USG9500 Resource Management Error Vulnerability

Huawei USG9500 and others are products of Huawei, China.USG9500 is a data center firewall product.NIP6800 is an intrusion prevention system.USG6600 is a data center firewall product. A resource management error vulnerability exists in the Huawei NIP6800, Secospace USG6600, and USG9500, which can ...

CVE-2019-5275

USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a heap buffer overflow when decoding a certificate, an attacker may exploit the vulnerability by a malicious certificate ...

Access Control Vulnerabilities in Multiple ZyXEL Products

ZyXEL ZyWall 310 and others are products of Taiwan, China-based ZyXEL Corporation.ZyXEL ZyWall 310 is a 310 series VPN firewall appliance.ZyXEL ZyWall 110 is a 110 series VPN firewall appliance.ZyXEL USG1900 is a next-generation unified security gateway appliance. A security vulnerability exists ...

Cross-site scripting vulnerability in multiple Zyxel devices

ZyXEL ZyWall 310 and others are products of Taiwan, China-based ZyXEL Corporation.ZyXEL ZyWall 310 is a 310 series VPN firewall appliance.ZyXEL ZyWall 110 is a 110 series VPN firewall appliance.ZyXEL USG1900 is a next-generation unified security gateway appliance. Zyxel ZyWall A cross-site...