Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zyxel cloudcnm secumanager 3.1.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-15344
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_get_user_id_and_key API.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
NA
CVE-2020-15345
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_get_instances_for_update API.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
NA
CVE-2020-15346
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a /live/GLOBALS API with the CLOUDCNM key.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
NA
CVE-2020-15347
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the q6xV4aW8bQ4cfD-b password for the axiros account.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
NA
CVE-2020-15332
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/etc/default/axess permissions.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
7.5
CVSSv2
CVE-2020-15324
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a world-readable axess/opt/axXMPPHandler/config/xmpp_config.py file that stores hardcoded credentials.
Zyxel Cloud Cnm Secumanager 3.1.0
Zyxel Cloud Cnm Secumanager 3.1.1
10
CVSSv2
CVE-2020-15348
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows use of live/CPEManager/AXCampaignManager/delete_cpes_by_ids?cpe_ids= for eval injection of Python code.
Zyxel Cloud Cnm Secumanager 3.1.0
Zyxel Cloud Cnm Secumanager 3.1.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4