Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zyxel vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-15226
Zyxel NBG6716 V1.00(AAKG.9)C0 devices allow command injection in the ozkerz component because beginIndex and endIndex are used directly in a popen call.
Zyxel Nbg6716 Firmware 1.00\\(aakg.9\\)c0
9.8
CVSSv3
CVE-2017-3216
WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to an authentication bypass allowing a remote, unauthenticated malicious user to gain administrator access to the device by performing an administrator password change on the device via...
Greenpacket Ox350 Firmware -
Huawei Bm2022 Firmware -
Huawei Hes-309m Firmware -
Huawei Hes-319m Firmware -
Huawei Hes-319m2w Firmware -
Huawei Hes-339m Firmware -
Mada Soho Wireless Router Firmware -
Zte Ox-330p Firmware -
Zyxel Max218m Firmware -
Zyxel Max218m1w Firmware -
Zyxel Max218mw Firmware -
Zyxel Max308m Fimware -
Zyxel Max318m Firmware -
Zyxel Max338m Firmware -
9.8
CVSSv3
CVE-2015-6016
ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0), PMG5318-B20A devices with firmware 1.00AANC0b5, and NBG-418N devices have a default password of 1234 for the admin account, which allows remote malicious users to obtain administrative access via unspecified vectors.
Zyxel Nbg-418n -
Zyxel Zynos Firmware 3.40\\(axh.0\\)
Zyxel Pmg5318-b20a Firmware V100aanc0b5
9.8
CVSSv3
CVE-2015-6018
The diagnostic-ping implementation on ZyXEL PMG5318-B20A devices with firmware prior to 1.00(AANC.2)C0 allows remote malicious users to execute arbitrary commands via the PingIPAddr parameter.
Zyxel Pmg5318-b20a Firmware
1 EDB exploit
9.8
CVSSv3
CVE-2008-1160
ZyXEL ZyWALL 1050 has a hard-coded password for the Quagga and Zebra processes that is not changed when it is set by a user, which allows remote malicious users to gain privileges.
Zyxel Zywall 1050 Firmware -
1 EDB exploit
9.4
CVSSv3
CVE-2019-17354
wan.htm page on Zyxel NBG-418N v2 with firmware version V1.00(AARP.9)C0 can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an malicious user to modify data fields of the page.
Zyxel Nbg-418n V2 Firmware 1.00\\(aarp.9\\)c0
9.1
CVSSv3
CVE-2021-35034
An insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware could allow a remote malicious user to access the device if the correct token can be intercepted.
Zyxel Nbg6604 Firmware
9.1
CVSSv3
CVE-2020-28899
The Web CGI Script on ZyXEL LTE4506-M606 V1.00(ABDO.2)C0 devices does not require authentication, which allows remote unauthenticated attackers (via crafted JSON action data to /cgi-bin/gui.cgi) to use all features provided by the router. Examples: change the router password, ret...
Zyxel Lte4506-m606 Firmware
Zyxel Lte7460-m608 Firmware
Zyxel Wah7706 Firmware
9.1
CVSSv3
CVE-2019-15803
An issue exists on Zyxel GS1900 devices with firmware prior to 2.50(AAHH.0)C0. Through an undocumented sequence of keypresses, undocumented functionality is triggered. A diagnostics shell is triggered via CTRL-ALT-t, which prompts for the password returned by fds_sys_passDebugPas...
Zyxel Gs1900-8 Firmware
Zyxel Gs1900-8hp Firmware
Zyxel Gs1900-10hp Firmware
Zyxel Gs1900-16 Firmware
Zyxel Gs1900-24e Firmware
Zyxel Gs1900-24 Firmware
Zyxel Gs1900-24hp Firmware
Zyxel Gs1900-48 Firmware
Zyxel Gs1900-48hp Firmware
9.1
CVSSv3
CVE-2019-12583
Missing Access Control in the "Free Time" component of several Zyxel UAG, USG, and ZyWall devices allows a remote malicious user to generate guest accounts by directly accessing the account generator. This can lead to unauthorised network access or Denial of Service.
Zyxel Uag2100 Firmware
Zyxel Uag4100 Firmware
Zyxel Uag5100 Firmware
Zyxel Usg110 Firmware
Zyxel Usg210 Firmware
Zyxel Usg310 Firmware
Zyxel Usg1100 Firmware
Zyxel Usg1900 Firmware
Zyxel Usg2200-vpn Firmware
Zyxel Zywall Vpn100 Firmware
Zyxel Zywall Vpn300 Firmware
Zyxel Zywall 110 Firmware
Zyxel Zywall 310 Firmware
Zyxel Zywall 1100 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »