EUVD-2024-17319

Malicious code in bioql PyPI...

CVE-2024-12398

An improper privilege management vulnerability in the web management interface of the Zyxel WBE530 firmware versions through 7.00ACLE.3 and WBE660S firmware versions through 6.70ACGG.2 could allow an authenticated user with limited privileges to escalate their privileges to that of an...

CVE-2024-12398

CVE-2024-12398 affects Zyxel WBE530 (firmware up to 7.00(ACLE.3)) and WBE660S (up to 6.70(ACGG.2)). The issue is improper privilege management in the device web management interface that can let an authenticated user with limited privileges escalate to administrator and upload configuration files...

PT-2024-10082 · Zyxel · Zyxel Wbe530 +1

Name of the Vulnerable Software and Affected Versions: Zyxel WBE530 firmware versions through 7.00ACLE.3 Zyxel WBE660S firmware versions through 6.70ACGG.2 Description: An improper privilege management vulnerability in the web management interface could allow an authenticated user with limited...

CVE-2024-1575

The improper privilege management vulnerability in the Zyxel WBE660S firmware version 6.70ACGG.3 and earlier versions could allow an authenticated user to escalate privileges and download the configuration files on a vulnerable device...

CVE-2024-1575

The improper privilege management vulnerability in the Zyxel WBE660S firmware version 6.70ACGG.3 and earlier versions could allow an authenticated user to escalate privileges and download the configuration files on a vulnerable device...

CVE-2024-1575

The improper privilege management vulnerability in the Zyxel WBE660S firmware version 6.70ACGG.3 and earlier versions could allow an authenticated user to escalate privileges and download the configuration files on a vulnerable device...

CVE-2024-1575

CVE-2024-1575 affects Zyxel WBE660S, specifically firmware 6.70(ACGG.3) and earlier. The issue is improper privilege management that can let an authenticated user escalate privileges and download configuration files from the device (impacting confidentiality). Reported attack vector is network wi...

CVE-2024-1575

The improper privilege management vulnerability in the Zyxel WBE660S firmware version 6.70ACGG.3 and earlier versions could allow an authenticated user to escalate privileges and download the configuration files on a vulnerable device...

Zyxel WBE660S 安全漏洞

The Zyxel WBE660S is a wireless access point from China Hopkins Zyxel. A security vulnerability exists in the Zyxel WBE660S that stems from an incorrect privilege management vulnerability that could allow an authenticated user to elevate privileges and download configuration files on vulnerable...

CVE-2023-6398

A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50W series firmware versions from 4.16 through 5.37 Patch 1, USG20W-VPN...

CVE-2023-6398

A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50W series firmware versions from 4.16 through 5.37 Patch 1, USG20W-VPN...

CVE-2023-6398

CVE-2023-6398 is a post-authentication command-injection vulnerability in Zyxel devices where the file upload binary can be abused by an authenticated administrator to execute OS commands on the device via FTP. Affected products include ZyXEL ATP series (4.32–5.37 Patch 1), USG FLEX series (4.50–...

PT-2024-5288 · Zyxel · Zyxel Wbe660S

Name of the Vulnerable Software and Affected Versions: Zyxel WBE660S versions 6.70ACGG.3 and earlier Description: The issue is related to improper privilege management, which could allow an authenticated user to escalate privileges and download configuration files on a vulnerable device. This is...

CVE-2023-5797

An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50W series firmware versions 4.16 through 5.37, USG20W-VPN series firmware versions 4.16 through 5.37,...

Privilege escalation

An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50W series firmware versions 4.16 through 5.37, USG20W-VPN series firmware versions 4.16 through 5.37,...