Usg210 Firmware@* Security Vulnerabilities and Issues — Usg210 Firmware@* CVE List

Lucene search

ZyxelUsg210 Firmware*

8 matches found

CVE•added 2020/03/04 8:15 p.m.•1192 views

CVE-2020-9054

Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. ZyXEL NAS devices achieve authentication by using th...

10CVSS10AI score0.94265EPSS

CVE•added 2022/05/24 6:15 a.m.•136 views

CVE-2022-26532

A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmwa...

7.8CVSS8AI score0.07065EPSS

CVE•added 2022/05/24 3:15 a.m.•121 views

CVE-2022-0910

A downgrade from two-factor authentication to one-factor authentication vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.32 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, and VPN series firmware versi...

6.5CVSS7.1AI score0.00037EPSS

CVE•added 2022/05/24 3:15 a.m.•92 views

CVE-2022-0734

A cross-site scripting vulnerability was identified in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.35 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.35 through 5.20, and VPN series firmware versions 4.35 through 5.20, that could ...

6.1CVSS6.3AI score0.17021EPSS

CVE•added 2022/05/24 6:15 a.m.•82 views

CVE-2022-26531

Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG seri...

7.8CVSS7.8AI score0.0073EPSS

CVE•added 2019/06/27 2:15 p.m.•60 views

CVE-2019-12583

Missing Access Control in the "Free Time" component of several Zyxel UAG, USG, and ZyWall devices allows a remote attacker to generate guest accounts by directly accessing the account generator. This can lead to unauthorised network access or Denial of Service.

9.1CVSS9AI score0.59063EPSS

CVE•added 2019/06/27 3:15 p.m.•58 views

CVE-2019-12581

A reflective Cross-site scripting (XSS) vulnerability in the free_time_failed.cgi CGI program in selected Zyxel ZyWall, USG, and UAG devices allows remote attackers to inject arbitrary web script or HTML via the err_msg parameter.

6.1CVSS6.1AI score0.6706EPSS

CVE•added 2021/07/02 11:15 a.m.•57 views

CVE-2021-35029

An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device...

9.8CVSS9.7AI score0.00713EPSS