Lucene search
+L

14 matches found

Cvelist
Cvelist
added 2024/09/03 1:54 a.m.34 views

CVE-2024-42060

A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50W series firmware versions from V4.16 through V5.38, and USG20W-VPN series firmware versions from V4.16...

7.2CVSS0.01339EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/03 1:28 a.m.25 views

CVE-2024-6343

A buffer overflow vulnerability in the CGI program of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50W series firmware versions from V4.16 through V5.38, and USG20W-VPN series firmware versions from V4.16 through...

4.9CVSS0.00605EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/02/20 1:42 a.m.16 views

CVE-2023-6399

A format string vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50W series firmware versions from 4.16 through 5.37 Patch 1, USG20W-VPN series firmware versions from 4.16 through 5.37...

5.7CVSS6.6AI score0.00649EPSS
Exploits0References1
CVE
CVE
added 2024/02/20 1:34 a.m.79 views

CVE-2023-6398

CVE-2023-6398 is a post-authentication command-injection vulnerability in Zyxel devices where the file upload binary can be abused by an authenticated administrator to execute OS commands on the device via FTP. Affected products include ZyXEL ATP series (4.32–5.37 Patch 1), USG FLEX series (4.50–...

7.2CVSS7.2AI score0.01333EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/11/28 2:15 a.m.22 views

Buffer overflow

A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50W series firmware versions 4.16 through 5.37, USG20W-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30...

1.7CVSS7.4AI score0.00221EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/11/28 1:16 a.m.53 views

CVE-2023-35136

CVE-2023-35136 describes an improper input validation vulnerability in the Quagga package across Zyxel devices (ATP series 4.32–5.37; USG FLEX 4.50–5.37; USG FLEX 50(W) 4.16–5.37; USG20(W)-VPN 4.16–5.37; VPN series 4.30–5.37) that could allow an authenticated local attacker to access configuratio...

5.5CVSS5.3AI score0.00243EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/08/17 12:0 a.m.8 views

PT-2023-7251 · Zyxel · Zyxel Usg Flex Series +3

Name of the Vulnerable Software and Affected Versions: Zyxel ATP series version 5.37 Zyxel USG FLEX series version 5.37 Zyxel USG FLEX 50W series version 5.37 Zyxel USG20W-VPN series version 5.37 Description: A buffer overflow issue in the firmware could allow an authenticated local attacker with...

4.6CVSS5.1AI score0.00233EPSS
Exploits0References5
Prion
Prion
added 2023/07/17 6:15 p.m.28 views

Command injection

A command injection vulnerability in the configuration parser of the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50W series firmware versions 5.10 through 5.36 Patch 2, USG20W-VPN series firmware versions 5.10...

5.8CVSS8.9AI score0.1014EPSS
Exploits2References1Affected Software22
Prion
Prion
added 2023/07/17 6:15 p.m.32 views

Buffer overflow

A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2, USG FLEX series firmware versions 4.50 through 5.36 Patch 2, USG FLEX 50W series firmware versions 4.16 through 5.36 Patch 2, USG20W-VPN series firmware versions 4.16 through 5.36 Patch 2, VPN...

3.3CVSS6.5AI score0.00268EPSS
Exploits0References1Affected Software24
Prion
Prion
added 2023/07/17 6:15 p.m.28 views

Command injection

A command injection vulnerability in the access point AP management feature of the Zyxel ATP series firmware versions 5.00 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50W series firmware versions 5.00 through 5.36 Patch 2, USG20W-VPN series firmware...

5.4CVSS8.1AI score0.00629EPSS
Exploits0References1Affected Software24
CVE
CVE
added 2023/07/17 5:56 p.m.58 views

CVE-2023-34141

CVE-2023-34141 affects Zyxel devices (ATP series, USG FLEX series including USG FLEX 50(W), USG20(W)-VPN, VPN series; NXC2500 and NXC5500) with firmware ranges up to 5.36 Patch 2 or 6.10 AAIG/AAOS variants. Description: a command-injection in the access point (AP) management feature could allow a...

8CVSS8.1AI score0.00629EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/07/17 5:49 p.m.52 views

CVE-2023-34140

CVE-2023-34140 affects Zyxel CAPWAP-based devices (ATP series 4.32–5.36 Patch 2; USG FLEX 4.50–5.36 Patch 2; USG FLEX 50(W) 4.16–5.36 Patch 2; USG20(W)-VPN 4.16–5.36 Patch 2; VPN 4.30–5.36 Patch 2; NXC2500 6.10(AAIG.0–AAIG.3); NXC5500 6.10(AAOS.0–AAOS.4)). A buffer overflow in the CAPWAP daemon a...

6.5CVSS6.5AI score0.00268EPSS
Exploits0References1Affected Software1
CISA KEV Catalog
CISA KEV Catalog
added 2023/06/05 12:0 a.m.48 views

Zyxel Multiple Firewalls Buffer Overflow Vulnerability

Zyxel ATP, USG FLEX, USG FLEX 50W, USG20W-VPN, VPN, and ZyWALL/USG firewalls contain a buffer overflow vulnerability in the ID processing function that could allow an unauthenticated attacker to cause denial-of-service DoS conditions and remote code execution on an affected device...

9.8CVSS8.4AI score0.28813EPSS
In wildExploits0
NVD
NVD
added 2023/04/24 5:15 p.m.27 views

CVE-2023-22916

The configuration parser of Zyxel ATP series firmware versions 5.10 through 5.35, USG FLEX series firmware versions 5.00 through 5.35, USG FLEX 50W firmware versions 5.10 through 5.35, USG20W-VPN firmware versions 5.10 through 5.35, and VPN series firmware versions 5.00 through 5.35, which fails ...

8.1CVSS8.1AI score0.00693EPSS
Exploits0References1
Rows per page
Query Builder