Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zyxel vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2020-13364
A backdoor in certain Zyxel products allows remote TELNET access via a CGI script. This affects NAS520 V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, and V5.11(AASZ.0)C0; NAS542 V5.11(ABAG.0)C0, V5.20(ABAG.1)C0, and V5.21(ABAG.3)C0; NSA325 v2_V4.81(AALS.0)C0 and V4.81(AAAJ.1)...
Zyxel Nas326 Firmware
Zyxel Nas520 Firmware
Zyxel Nas540 Firmware
Zyxel Nas542 Firmware
1 Github repository
9
CVSSv2
CVE-2020-13365
Certain Zyxel products have a locally accessible binary that allows a non-root user to generate a password for an undocumented user account that can be used for a TELNET session as root. This affects NAS520 V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, and V5.11(AASZ.0)C0; N...
Zyxel Nas326 Firmware
Zyxel Nas520 Firmware
Zyxel Nas540 Firmware
Zyxel Nas542 Firmware
1 Github repository
9
CVSSv2
CVE-2019-15799
An issue exists on Zyxel GS1900 devices with firmware prior to 2.50(AAHH.0)C0. User accounts created through the web interface of the device, when given non-admin level privileges, have the same level of privileged access as administrators when connecting to the device via SSH (w...
Zyxel Gs1900-8 Firmware
Zyxel Gs1900-8hp Firmware
Zyxel Gs1900-10hp Firmware
Zyxel Gs1900-16 Firmware
Zyxel Gs1900-24e Firmware
Zyxel Gs1900-24 Firmware
Zyxel Gs1900-24hp Firmware
Zyxel Gs1900-48 Firmware
Zyxel Gs1900-48hp Firmware
2 Github repositories
9
CVSSv2
CVE-2017-18372
The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has a command injection vulnerability in the Time Setting function, which is only accessible by an authenticated user. The vulnerability is in the tools_time.asp page and can be exploited through...
Billion 5200w-t Firmware 7.3.8.0
Zyxel P660hn-t1a V2 Firmware 7.3.15.0
Zyxel P660hn-t1a V1 Firmware 7.3.15.0
9
CVSSv2
CVE-2017-18374
The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by TrueOnline has two user accounts with default passwords, including a hardcoded service account with the username true and password true. These accounts can be used to login to the web interfa...
Billion 5200w-t Firmware 7.3.8.0
Zyxel P660hn-t1a V2 Firmware 7.3.15.0
Zyxel P660hn-t1a V1 Firmware 7.3.15.0
9
CVSSv2
CVE-2017-18370
The ZyXEL P660HN-T1A v2 TCLinux Fw #7.3.37.6 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is only accessible by an authenticated user. The vulnerability is in the logSet.asp page and can be exploited th...
Billion 5200w-t Firmware 7.3.8.0
Zyxel P660hn-t1a V2 Firmware 7.3.37.6
Zyxel P660hn-t1a V1 Firmware 7.3.37.6
9
CVSSv2
CVE-2018-14893
A system command injection vulnerability in zyshclient in ZyXEL NSA325 V2 version 4.81 allows malicious users to execute system commands via the web application API.
Zyxel Nsa325 V2 Firmware 4.81
9
CVSSv2
CVE-2016-10401
ZyXEL PK5001Z devices have zyad5001 as the su password, which makes it easier for remote malicious users to obtain root access if a non-root account password is known (or a non-root default account exists within an ISP's deployment of these devices).
Zyxel Pk5001z Firmware -
1 EDB exploit
1 Github repository
9
CVSSv2
CVE-2017-6884
A command injection vulnerability exists on the Zyxel EMG2926 home router with firmware V1.00(AAQT.4)b8. The vulnerability is located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute arbitrary commands on the ro...
Zyxel Emg2926 Firmware V1.00\\(aaqt.4\\)b8
1 EDB exploit
8.3
CVSSv2
CVE-2021-4029
A command injection vulnerability in the CGI program of the Zyxel ARMOR Z1/Z2 firmware could allow an malicious user to execute arbitrary OS commands via a LAN interface.
Zyxel Nbg6816 Firmware 1.00\\(aawb.10\\)c0
Zyxel Nbg6817 Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »