Usg20w-vpn Firmware@* Security Vulnerabilities and Issues — Usg20w-vpn Firmware@* CVE List

Lucene search

ZyxelUsg20w-vpn Firmware*

9 matches found

CVE•added 2022/05/12 2:15 p.m.•1617 views

CVE-2022-30525

A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1,...

10CVSS9AI score0.94445EPSS

CVE•added 2020/03/04 8:15 p.m.•1192 views

CVE-2020-9054

Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. ZyXEL NAS devices achieve authentication by using th...

10CVSS10AI score0.94265EPSS

CVE•added 2022/07/19 6:15 a.m.•95 views

CVE-2022-30526

A privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) f...

7.8CVSS8.8AI score0.02581EPSS

CVE•added 2023/02/07 2:15 a.m.•76 views

CVE-2022-38547

A post-authentication command injection vulnerability in the CLI command of Zyxel ZyWALL/USG series firmware versions 4.20 through 4.72, VPN series firmware versions 4.30 through 5.32, USG FLEX series firmware versions 4.50 through 5.32, and ATP series firmware versions 4.32 through 5.32, which cou...

7.2CVSS7.1AI score0.00407EPSS

CVE•added 2022/07/19 6:15 a.m.•67 views

CVE-2022-2030

A directory traversal vulnerability caused by specific character sequences within an improperly sanitized URL was identified in some CGI programs of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 throu...

6.5CVSS6.4AI score0.00702EPSS

CVE•added 2024/02/20 3:15 a.m.•64 views

CVE-2023-6764

A format string vulnerability in a function of the IPSec VPN feature in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, and USG20(W)-VPN serie...

8.1CVSS8.2AI score0.02332EPSS

CVE•added 2021/07/02 11:15 a.m.•57 views

CVE-2021-35029

An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device...

9.8CVSS9.7AI score0.00713EPSS

CVE•added 2024/02/20 2:15 a.m.•55 views

CVE-2023-6398

A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VP...

7.2CVSS7.2AI score0.00729EPSS

CVE•added 2024/02/20 2:15 a.m.•52 views

CVE-2023-6399

A format string vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions from 4.16 through 5.37 ...

6.5CVSS5.4AI score0.00306EPSS