An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 up to and including 5.37, USG FLEX series firmware versions 4.50 up to and including 5.37, USG FLEX 50(W) series firmware versions 4.16 up to and including 5.37, USG20(W)-VPN series firmware versions 4.16 up to and including 5.37, VPN series firmware versions 4.30 up to and including 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local malicious user to access system files on an affected device.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
zyxel zld |
||
zyxel nwa110ax_firmware |
||
zyxel nwa1123acv3_firmware |
||
zyxel nwa210ax_firmware |
||
zyxel nwa220ax-6e_firmware |
||
zyxel nwa50ax_firmware |
||
zyxel nwa50ax-pro_firmware |
||
zyxel nwa55axe_firmware |
||
zyxel nwa90ax_firmware |
||
zyxel nwa90ax-pro_firmware |
||
zyxel wac500_firmware |
||
zyxel wac500h_firmware |
||
zyxel wax510d_firmware |
||
zyxel wax610d_firmware |
||
zyxel wax620d-6e_firmware |
||
zyxel wax630s_firmware |
||
zyxel wax640s-6e_firmware |
||
zyxel wax650s_firmware |
||
zyxel wax655e_firmware |
||
zyxel wbe660s_firmware |
Vulmon