zyxel

334 tracked vulnerabilities.

CVE-2019-9955 MEDIUM NUCLEI
Zyxel Firewall Devices - Reflected Cross-Site Scripting via Login Page mp_idx Parameter
Apr 22, 2019
CVSS 6.1
EPSS 0.21
CVE-2019-10634 MEDIUM
Zyxel NAS326 Firmware < 5.21 - Authenticated Stored Cross-Site Scripting via Description Fields
Apr 09, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-10633 HIGH
Zyxel NAS326 Firmware < 5.21 - Authenticated Code Injection via tjp6jp6y4 simZysh and ck6fup6 APIs
Apr 09, 2019
CVSS 8.8
EPSS 0.03
CVE-2019-10632 MEDIUM
Zyxel NAS326 Firmware < 5.21 - Path Traversal in File Browser
Apr 09, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10631 HIGH
Zyxel NAS326 Firmware < 5.21 - Authenticated OS Command Injection via Package Installer
Apr 09, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10630 HIGH
Zyxel NAS326 Firmware < 5.21 - Insufficiently Protected Credentials
Apr 09, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-7391 HIGH
ZyXEL VMG3312-B10B DSL-491HUNU-B1B v2 - CSRF
Mar 21, 2019
CVSS 8.8
EPSS 0.14
CVE-2019-6710 HIGH
Zyxel NBG-418N v2 v1.00(AAXM.4)C0 - Cross-Site Request Forgery via login.cgi
Mar 07, 2019
CVSS 8.8
EPSS 0.03
CVE-2018-14893 HIGH
ZyXEL NSA325 V2 <4.81 - Command Injection
Nov 27, 2018
CVSS 8.8
EPSS 0.03
CVE-2018-14892 HIGH
ZyXEL NSA325 V2 4.81 - Cross-Site Request Forgery via Crafted HTTP Forms
Nov 27, 2018
CVSS 8.8
EPSS 0.01
CVE-2018-19326 HIGH NUCLEI
Zyxel VMG1312-B10D <5.13(AAXA.8)C0 - Path Traversal
Nov 17, 2018
CVSS 7.5
EPSS 0.10
CVE-2018-18754 CRITICAL
ZyXEL VMG3312-B10B 1.00(AAPP.7) - Insufficiently Protected Credentials
Oct 29, 2018
CVSS 9.8
EPSS 0.01
CVE-2018-15602 MEDIUM
Zyxel VMG3312 B10B Firmware - Stored Cross-Site Scripting via Hostname Parameter
Aug 26, 2018
CVSS 6.1
EPSS 0.01
CVE-2018-9129 MEDIUM
ZyXEL ZyWALL/USG Firmware - Bleichenbacher Attack via IKE Handshake
Aug 15, 2018
CVSS 5.9
EPSS 0.01
CVE-2018-9149 MEDIUM
Zyxel Multy X AC3000 Firmware - Use of Hard-coded Credentials via UART Access
Apr 01, 2018
CVSS 6.8
EPSS 0.00
CVE-2018-1164 CRITICAL
ZyXEL P-870H-51 DSL Router 1.00(AWG.3)D5 - DoS
Feb 21, 2018
CVSS 9.8
EPSS 0.04
CVE-2018-5330 HIGH
ZyXEL P-660HW v3 - Denial of Service via UDP Packet Flood
Jan 16, 2018
CVSS 7.5
EPSS 0.02
CVE-2017-18374 HIGH
Billion 5200w-t Firmware - Hard-coded Credentials
May 02, 2019
CVSS 8.8
EPSS 0.06
CVE-2017-18372 HIGH
Billion 5200W-T Firmware - Authenticated OS Command Injection via uiViewSNTPServer Parameter
May 02, 2019
CVSS 8.8
EPSS 0.22
CVE-2017-18371 CRITICAL
Billion 5200w-t Firmware - Hard-coded Credentials
May 02, 2019
CVSS 9.8
EPSS 0.23
CVE-2017-18370 HIGH
Billion 5200w-t Firmware - OS Command Injection
May 02, 2019
CVSS 8.8
EPSS 0.23
CVE-2017-18368 CRITICAL KEV
Billion 5200w-t Firmware - OS Command Injection
May 02, 2019
CVSS 9.8
EPSS 0.95
CVE-2017-17550 HIGH
ZyXEL ZyWALL USG 2.12 AQQ.2 and 3.30 AQQ.7 - Cross-Site Request Forgery via User Account Addition
Nov 10, 2018
CVSS 8.8
EPSS 0.00
CVE-2017-17901 HIGH
ZyXEL P-660HW v3 - Denial of Service via TTL Expiry Packet Flood
Dec 29, 2017
CVSS 7.5
EPSS 0.02
CVE-2017-15226 CRITICAL
Zyxel NBG6716 V1.00(AAKG.9)C0 - OS Command Injection via ozkerz Component
Oct 10, 2017
CVSS 9.8
EPSS 0.02