Usg60 Firmware@* Security Vulnerabilities and Issues — Usg60 Firmware@* CVE List

Lucene search

ZyxelUsg60 Firmware*

7 matches found

CVE•added 2020/03/04 8:15 p.m.•1192 views

CVE-2020-9054

Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. ZyXEL NAS devices achieve authentication by using th...

10CVSS10AI score0.94265EPSS

CVE•added 2022/03/28 1:15 p.m.•138 views

CVE-2022-0342

An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.20 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.32 through 5.20, VPN series firmware versions 4.30 through 5.20, and NSG series firmware vers...

9.8CVSS9.5AI score0.91857EPSS

CVE•added 2022/07/19 6:15 a.m.•95 views

CVE-2022-30526

A privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) f...

7.8CVSS8.8AI score0.02581EPSS

CVE•added 2023/02/07 2:15 a.m.•76 views

CVE-2022-38547

A post-authentication command injection vulnerability in the CLI command of Zyxel ZyWALL/USG series firmware versions 4.20 through 4.72, VPN series firmware versions 4.30 through 5.32, USG FLEX series firmware versions 4.50 through 5.32, and ATP series firmware versions 4.32 through 5.32, which cou...

7.2CVSS7.1AI score0.00407EPSS

CVE•added 2022/07/19 6:15 a.m.•67 views

CVE-2022-2030

A directory traversal vulnerability caused by specific character sequences within an improperly sanitized URL was identified in some CGI programs of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 throu...

6.5CVSS6.4AI score0.00702EPSS

CVE•added 2022/12/06 2:15 a.m.•61 views

CVE-2022-40603

A cross-site scripting (XSS) vulnerability in the CGI program of Zyxel ZyWALL/USG series firmware versions 4.30 through 4.72, VPN series firmware versions 4.30 through 5.31, USG FLEX series firmware versions 4.50 through 5.31, and ATP series firmware versions 4.32 through 5.31, which could allow an...

6.1CVSS6AI score0.00789EPSS

CVE•added 2021/07/02 11:15 a.m.•57 views

CVE-2021-35029

An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device...

9.8CVSS9.7AI score0.00713EPSS