Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zyxel vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-5372
The post-authentication command injection vulnerability in Zyxel NAS326 firmware versions through V5.21(AAZF.15)C0 and NAS542 firmware versions through V5.21(ABAG.12)C0 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) comma...
Zyxel Nas326 Firmware
Zyxel Nas542 Firmware
NA
CVE-2023-28768
Improper frame handling in the Zyxel XGS2220-30 firmware version V4.80(ABXN.1), XMG1930-30 firmware version V4.80(ACAR.1), and XS1930-10 firmware version V4.80(ABQE.1) could allow an unauthenticated LAN-based malicious user to cause denial-of-service (DoS) conditions by sending c...
Zyxel Xgs2220-30 Firmware 4.80\\(abxn.1\\)
Zyxel Xgs2220-30f Firmware 4.80\\(abye.1\\)
Zyxel Xgs2220-30hp Firmware 4.80\\(abxo.1\\)
Zyxel Xgs2220-54 Firmware 4.80\\(abxp.1\\)
Zyxel Xgs2220-54fp Firmware 4.80\\(acce.1\\)
Zyxel Xgs2220-54hp Firmware 4.80\\(abxq.1\\)
Zyxel Xmg1930-30 Firmware 4.80\\(acar.1\\)
Zyxel Xmg1930-30hp Firmware 4.80\\(acas.1\\)
Zyxel Xs1930-10 Firmware 4.80\\(abqe.1\\)
Zyxel Xs1930-12f Firmware 4.80\\(abzv.1\\)
Zyxel Xs1930-12hp Firmware 4.80\\(abqf.1\\)
6.5
CVSSv2
CVE-2008-1521
ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40(AGD.2) up to and including 3.40(AHQ.3), allow remote authenticated users to gain privileges by accessing administrative URIs, as demonstrated by rpSysAdmin.html.
Zyxel Zynos 3.40
Zyxel Prestige 660 H-d1
Zyxel Prestige 660 H-d3
Zyxel Prestige 661 Hw-d1
5
CVSSv2
CVE-2008-1525
The default SNMP configuration on ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40(AGD.2) up to and including 3.40(AHQ.3), has a Trusted Host value of 0.0.0.0, which allows remote malicious users to send SNMP requests from any source IP address.
Zyxel Prestige 660 H-d3
Zyxel Prestige 661 Hw-d1
Zyxel Zynos 3.40
Zyxel Prestige 660 H-d1
7.5
CVSSv2
CVE-2008-1527
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(PE9) and 3.40(AGD.2) up to and including 3.40(AHQ.3), support authentication over HTTP via a hash string in the hiddenPassword field, which allows remote malicious users to obtain access via a rep...
Zyxel Prestige 660 H-d1
Zyxel Prestige 660 H-d3
Zyxel Zynos 3.40
Zyxel Prestige 661 Hw-d1
5
CVSSv2
CVE-2008-1529
ZyXEL Prestige routers have a minimum password length for the admin account that is too small, which makes it easier for remote malicious users to guess passwords via brute force methods.
Zyxel Zynos 3.40
Zyxel Prestige 661 Hw-d1
Zyxel Prestige 660 H-d1
Zyxel Prestige 660 H-d3
7.5
CVSSv2
CVE-2008-1522
ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40(AGD.2) up to and including 3.40(AHQ.3), have (1) "user" as their default password for the "user" account and (2) "1234" as their default password for the "admin" ac...
Zyxel Zynos 3.40
Zyxel Prestige 660 H-d1
Zyxel Prestige 660 H-d3
Zyxel Prestige 661 Hw-d1
4
CVSSv2
CVE-2008-1528
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(AGD.2) up to and including 3.40(AHQ.3), allow remote authenticated users to obtain authentication data by making direct HTTP requests and then reading the HTML source, as demonstrated by a request...
Zyxel Prestige 661 Hw-d1
Zyxel Zynos 3.40
Zyxel Prestige 660 H-d1
Zyxel Prestige 660 H-d3
5
CVSSv2
CVE-2008-1523
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(AGD.2) up to and including 3.40(AHQ.3), allow remote authenticated users to obtain ISP and Dynamic DNS credentials by sending a direct request for (1) WAN.html, (2) wzPPPOE.html, and (3) rpDyDNS.h...
Zyxel Zynos 3.40
Zyxel Prestige 660 H-d1
Zyxel Prestige 660 H-d3
Zyxel Prestige 661 Hw-d1
7.5
CVSSv2
CVE-2008-1524
The SNMP service on ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40(AGD.2) up to and including 3.40(AHQ.3), has "public" as its default community for both (1) read and (2) write operations, which allows remote malicious users to perform admin...
Zyxel Prestige 660 H-d1
Zyxel Prestige 660 H-d3
Zyxel Zynos 3.40
Zyxel Prestige 661 Hw-d1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »