Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zyxel vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2020-28899
The Web CGI Script on ZyXEL LTE4506-M606 V1.00(ABDO.2)C0 devices does not require authentication, which allows remote unauthenticated attackers (via crafted JSON action data to /cgi-bin/gui.cgi) to use all features provided by the router. Examples: change the router password, ret...
Zyxel Lte4506-m606 Firmware
Zyxel Lte7460-m608 Firmware
Zyxel Wah7706 Firmware
6.4
CVSSv2
CVE-2019-15803
An issue exists on Zyxel GS1900 devices with firmware prior to 2.50(AAHH.0)C0. Through an undocumented sequence of keypresses, undocumented functionality is triggered. A diagnostics shell is triggered via CTRL-ALT-t, which prompts for the password returned by fds_sys_passDebugPas...
Zyxel Gs1900-8 Firmware
Zyxel Gs1900-8hp Firmware
Zyxel Gs1900-10hp Firmware
Zyxel Gs1900-16 Firmware
Zyxel Gs1900-24e Firmware
Zyxel Gs1900-24 Firmware
Zyxel Gs1900-24hp Firmware
Zyxel Gs1900-48 Firmware
Zyxel Gs1900-48hp Firmware
6.4
CVSSv2
CVE-2019-12583
Missing Access Control in the "Free Time" component of several Zyxel UAG, USG, and ZyWall devices allows a remote malicious user to generate guest accounts by directly accessing the account generator. This can lead to unauthorised network access or Denial of Service.
Zyxel Uag2100 Firmware
Zyxel Uag4100 Firmware
Zyxel Uag5100 Firmware
Zyxel Usg110 Firmware
Zyxel Usg210 Firmware
Zyxel Usg310 Firmware
Zyxel Usg1100 Firmware
Zyxel Usg1900 Firmware
Zyxel Usg2200-vpn Firmware
Zyxel Zywall Vpn100 Firmware
Zyxel Zywall Vpn300 Firmware
Zyxel Zywall 110 Firmware
Zyxel Zywall 310 Firmware
Zyxel Zywall 1100 Firmware
6.4
CVSSv2
CVE-2005-3724
Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 allows remote malicious users to obtain sensitive information and possibly cause a denial of service via a direct connection to UDP port 9090, which is undocumented and does not require authentication.
Zyxel P2000w Version 1 Voip Wifi Phone Wj.00.10
Zyxel Prestige 2000w V.1voip Wi-fi Phone Wj.00.10
6.4
CVSSv2
CVE-2005-3725
Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 uses hardcoded IP addresses for its DNS servers, which could allow remote malicious users to cause a denial of service or hijack Zyxel phones by attacking or spoofing the hardcoded DNS servers. NOTE: it could be argued that this iss...
Zyxel Prestige 2000w V.1voip Wi-fi Phone Wj.00.10
6.1
CVSSv2
CVE-2014-0353
The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 allows remote malicious users to bypass authentication by using %2F sequences in place of / (slash) characters.
Zyxel N300 Netusb Nbg-419n Firmware 1.00\\(bfq 6\\)c0
Zyxel N300 Netusb Nbg-419n -
5
CVSSv2
CVE-2021-35027
A directory traversal vulnerability in the web server of the Zyxel VPN2S firmware version 1.12 could allow a remote malicious user to gain access to sensitive information.
Zyxel Zywall Vpn2s Firmware 1.12\\(abln.0\\)c0
5
CVSSv2
CVE-2020-20183
Insecure direct object reference vulnerability in Zyxel’s P1302-T10 v3 with firmware version 2.00(ABBX.3) and previous versions allows malicious users to gain privileges and access certain admin pages.
Zyxel P1302-t10 V3 Firmware 2.00
5
CVSSv2
CVE-2020-15336
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /cnr requests.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
5
CVSSv2
CVE-2020-15335
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /registerCpe requests.
Zyxel Cloudcnm Secumanager 3.1.0
Zyxel Cloudcnm Secumanager 3.1.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »