Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zyxel cloudcnm secumanager 3.1.1 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-15327
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 uses ZODB storage without authentication.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
5.3
CVSSv3
CVE-2020-15328
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/var/blobstorage/ permissions.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
5.3
CVSSv3
CVE-2020-15329
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak Data.fs permissions.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
9.8
CVSSv3
CVE-2020-15332
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/etc/default/axess permissions.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
5.3
CVSSv3
CVE-2020-15334
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows escape-sequence injection into the /var/log/axxmpp.log file.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
6.1
CVSSv3
CVE-2020-15339
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows live/CPEManager/AXCampaignManager/handle_campaign_script_link?script_name= XSS.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
7.5
CVSSv3
CVE-2020-15340
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded opt/axess/AXAssets/default_axess/axess/TR69/Handlers/turbolink/sshkeys/id_rsa SSH key.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
7.5
CVSSv3
CVE-2020-15341
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated update_all_realm_license API.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
5.3
CVSSv3
CVE-2020-15344
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_get_user_id_and_key API.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
5.3
CVSSv3
CVE-2020-15346
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a /live/GLOBALS API with the CLOUDCNM key.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »