Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zyxel cloudcnm secumanager 3.1.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-15331
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded OAUTH_SECRET_KEY in /opt/axess/etc/default/axess.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
NA
CVE-2020-15332
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/etc/default/axess permissions.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
NA
CVE-2020-15333
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows malicious users to discover accounts via MySQL "select * from Administrator_users" and "select * from Users_users" requests.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
NA
CVE-2020-15334
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows escape-sequence injection into the /var/log/axxmpp.log file.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
5
CVSSv2
CVE-2020-15335
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /registerCpe requests.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
5
CVSSv2
CVE-2020-15336
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /cnr requests.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
NA
CVE-2020-15337
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Strings" issue for /registerCpe requests.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
NA
CVE-2020-15338
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Strings" issue for /cnr requests.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
NA
CVE-2020-15341
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated update_all_realm_license API.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
NA
CVE-2020-15343
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_install_user_key API.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
hard-coded
CVE-2024-27202
NULL pointer dereference
CVE-2024-28075
CVE-2024-33608
CVE-2024-28889
CVE-2024-34572
template injection
CVE-2024-34351
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »