Lucene search
+L

51 matches found

VulnCheck KEV
VulnCheck KEV
added 2025/10/17 12:0 a.m.44 views

VulnCheck KEV: CVE-2022-0342

An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.20 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.32 through 5.20, VPN series firmware versions 4.30 through 5.20, and NSG series firmware...

9.8CVSS5.8AI score0.84839EPSS
In wildExploits0References30
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-8710

Malware in sbrugna...

8.8CVSS8.8AI score0.00494EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2007-4300

Malware in sbrugna...

4.3CVSS6.4AI score0.01332EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2002-0435

Malware in sbrugna...

5CVSS6.4AI score0.0176EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-4302

Malware in sbrugna...

4CVSS6.4AI score0.01361EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-4301

Malware in sbrugna...

4.3CVSS6.4AI score0.02307EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2007-4299

Malware in sbrugna...

4.3CVSS6.4AI score0.01216EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/23 12:39 a.m.8 views

CVE-2022-40603

A cross-site scripting XSS vulnerability in the CGI program of Zyxel ZyWALL/USG series firmware versions 4.30 through 4.72, VPN series firmware versions 4.30 through 5.31, USG FLEX series firmware versions 4.50 through 5.31, and ATP series firmware versions 4.32 through 5.31, which could allow an...

6.1CVSS5.4AI score0.00359EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/05/24 12:0 a.m.4 views

PT-2023-2851

Name of the Vulnerable Software and Affected Versions Zyxel ATP series versions 4.32 through 5.36 Patch 1 Zyxel USG FLEX series versions 4.50 through 5.36 Patch 1 Zyxel USG FLEX 50W versions 4.25 through 5.36 Patch 1 Zyxel USG20W-VPN versions 4.25 through 5.36 Patch 1 Zyxel VPN series versions 4....

10CVSS10AI score0.28813EPSS
Exploits0References16
BDU FSTEC
BDU FSTEC
added 2023/05/24 12:0 a.m.9 views

The vulnerability of microprogrammed software in network devices such as Zyxel ZyWALL/USG, VPN, USG FLEX, ATP allows a perpetrator to execute arbitrary commands.

The vulnerability of Zyxel ZyWALL/USG, VPN, USG FLEX, and ATP network devices exists due to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

10CVSS8.4AI score0.99284EPSS
Exploits8References3Affected Software19
NVD
NVD
added 2023/04/25 2:15 a.m.29 views

CVE-2023-28771

Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to...

9.8CVSS9.9AI score0.99284EPSS
Exploits8References3
CNNVD
CNNVD
added 2023/04/24 12:0 a.m.39 views

Zyxel ZyWALL USG 操作系统命令注入漏洞

The Zyxel ZyWALL USG is a network security firewall appliance from China's Heqin Zyxel. An operating system command injection vulnerability exists in Zyxel ZyWALL USG versions 4.60 through 5.35, which stems from improper error message handling. An attacker could exploit this vulnerability to...

9.8CVSS8.8AI score0.99284EPSS
Exploits8References4
0day.today
0day.today
added 2022/03/02 12:0 a.m.427 views

Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting Vulnerability

Exploit Title: Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting XSS Exploit Author: Momen Eldawakhly CyberGuy Vendor Homepage: https://www.zyxel.com Version: ZyWALL 2 Plus Tested on: Ubuntu Linux Firefox CVE : CVE-2021-46387 GET...

6.1CVSS0.1AI score0.21028EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/03/02 12:0 a.m.330 views

Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting (XSS)

Exploit Title: Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting XSS Date: 1/3/2022 Exploit Author: Momen Eldawakhly CyberGuy Vendor Homepage: https://www.zyxel.com Version: ZyWALL 2 Plus Tested on: Ubuntu Linux Firefox CVE : CVE-2021-46387 GET...

6.1CVSS6.3AI score0.21028EPSS
Exploits4
ATTACKERKB
ATTACKERKB
added 2022/03/01 3:15 p.m.8 views

CVE-2021-46387

ZyXEL ZyWALL 2 Plus Internet Security Appliance is affected by Cross Site Scripting XSS. Insecure URI handling leads to bypass security restriction to achieve Cross Site Scripting, which allows an attacker able to execute arbitrary JavaScript codes to perform multiple attacks such as clipboard...

6.1CVSS6.6AI score0.21028EPSS
Exploits4References6
CNNVD
CNNVD
added 2022/03/01 12:0 a.m.6 views

Zyxel Zywall310跨站脚本漏洞

A cross-site scripting vulnerability exists in Zyxel ZyWALL 2 Plus, a firewall appliance for corporate environments from Zyxel China, which stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploit the vulnerability to be able to execute arbitrary...

6.1CVSS6.3AI score0.21028EPSS
Exploits4References8
Cvelist
Cvelist
added 2019/06/27 2:10 p.m.24 views

CVE-2019-12581

A reflective Cross-site scripting XSS vulnerability in the freetimefailed.cgi CGI program in selected Zyxel ZyWall, USG, and UAG devices allows remote attackers to inject arbitrary web script or HTML via the errmsg parameter...

6.1AI score0.064EPSS
Exploits1References4
CNVD
CNVD
added 2018/11/13 12:0 a.m.4 views

ZyXEL ZyWALL USG Cross-Site Request Forgery Vulnerability

ZyXEL ZyWALL USG is a network security firewall appliance from Hopkins ZyXEL Technology. A cross-site request forgery vulnerability exists in ZyXEL ZyWALL USG version 2.12 AQQ.2 and 3.30 AQQ.7. A remote attacker can exploit this vulnerability by adding user accounts with the help of the 'cmd'...

8.8CVSS8.5AI score0.00494EPSS
Exploits1References1
OSV
OSV
added 2018/11/10 10:29 p.m.4 views

CVE-2017-17550

ZyXEL ZyWALL USG 2.12 AQQ.2 and 3.30 AQQ.7 devices are affected by a CSRF vulnerability via a cgi-bin/zysh-cgi cmd action to add a user account. This account's access could, for example, subsequently be used for stored XSS...

8.8CVSS5.8AI score0.00494EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/11/10 10:0 p.m.18 views

CVE-2017-17550

ZyXEL ZyWALL USG 2.12 AQQ.2 and 3.30 AQQ.7 devices are affected by a CSRF vulnerability via a cgi-bin/zysh-cgi cmd action to add a user account. This account's access could, for example, subsequently be used for stored XSS...

8.5AI score0.00494EPSS
Exploits1References1
Rows per page
Query Builder