33 matches found
CVE-2025-9133
A missing authorization vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50W series firmware versions from V4.16 through V5.40, and USG20W-VPN series firmware versions from V4.16 through V5.40 could...
EUVD-2023-41779
Malicious code in bioql PyPI...
EUVD-2023-37201
Malicious code in bioql PyPI...
EUVD-2023-54261
Malicious code in bioql PyPI...
EUVD-2023-32402
Malicious code in bioql PyPI...
EUVD-2023-37200
Malicious code in bioql PyPI...
CVE-2023-34141
A command injection vulnerability in the access point AP management feature of the Zyxel ATP series firmware versions 5.00 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50W series firmware versions 5.00 through 5.36 Patch 2, USG20W-VPN series firmware...
CVE-2023-37925
An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50W series firmware versions 4.16 through 5.37, USG20W-VPN series firmware versions 4.16 through 5.37,...
CVE-2023-6397
A null pointer dereference vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1 and USG FLEX series firmware versions from 4.50 through 5.37 Patch 1 could allow a LAN-based attacker to cause denial-of-service DoS conditions by downloading a crafted RAR compressed fil...
CVE-2024-42058
A null pointer dereference vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50W series firmware versions from V5.20 through V5.38, and USG20W-VPN series firmware versions from V5.20 through V5.38 cou...
CVE-2024-42057
A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50W series firmware versions from V4.16 through V5.38, and USG20W-VPN series firmware versions from V4.16...
PT-2024-8803
Name of the Vulnerable Software and Affected Versions: Zyxel ATP series firmware versions V5.00 through V5.38 Zyxel USG FLEX series firmware versions V5.00 through V5.38 Zyxel USG FLEX 50W series firmware versions V5.10 through V5.38 Zyxel USG20W-VPN series firmware versions V5.10 through V5.38...
CVE-2024-42061
A reflected cross-site scripting XSS vulnerability in the CGI program "dynamicscript.cgi" of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50W series firmware versions from V4.16 through V5.38, and USG20W-VPN seri...
CVE-2024-7203
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.60 through V5.38 and USG FLEX series firmware versions from V4.60 through V5.38 could allow an authenticated attacker with administrator privileges to execute some operating system OS commands on a...
CVE-2024-42059
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V5.00 through V5.38, USG FLEX series firmware versions from V5.00 through V5.38, USG FLEX 50W series firmware versions from V5.00 through V5.38, and USG20W-VPN series firmware versions from V5.00...
CVE-2023-6764
A format string vulnerability in a function of the IPSec VPN feature in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50W series firmware versions from 4.16 through 5.37 Patch 1, and USG20W-VPN series...
CVE-2023-6397
A null pointer dereference in Zyxel ATP series firmware 4.32–5.37 Patch 1 and USG FLEX series firmware 4.50–5.37 Patch 1, within the Anti-Malware feature, can allow a LAN-based attacker to cause DoS by sending a crafted RAR file to a LAN-side host. Affected products: Zyxel ATP and USG FLEX. Impac...
CVE-2023-4398
An integer overflow vulnerability in the source code of the QuickSec IPSec toolkit used in the VPN feature of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50W series firmware versions 4.16 through 5.37, USG20W-VPN series...
CVE-2023-5797
An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50W series firmware versions 4.16 through 5.37, USG20W-VPN series firmware versions 4.16 through 5.37,...
PT-2023-7186 · Zyxel · Zyxel Usg Flex Series +5
Name of the Vulnerable Software and Affected Versions: Zyxel ATP series firmware versions 4.32 through 5.37 Zyxel USG FLEX series firmware versions 4.50 through 5.37 Zyxel USG FLEX 50W series firmware versions 4.16 through 5.37 Zyxel USG20W-VPN series firmware versions 4.16 through 5.37 Zyxel VPN...