zyxel

330 tracked vulnerabilities.

CVE-2024-12010 HIGH
Zyxel DSL/ETHERNET CPE/FIBER ONT/WiFi Extender Firmware - Authenticated OS Command Injection via zyUtilMailSend
Mar 11, 2025
CVSS 7.2
EPSS 0.00
CVE-2024-12009 HIGH
Zyxel DSL/ETH/ONT/Extender Firmware - Authenticated OS Command Injection via ZyEE Function
Mar 11, 2025
CVSS 7.2
EPSS 0.00
CVE-2024-11253 HIGH
Zyxel DSL/ONT/Extender Firmware < 5.50(ABOM.8.5)C0 - Authenticated OS Command Injection via DNSServer Parameter
Mar 11, 2025
CVSS 7.2
EPSS 0.00
CVE-2024-40891 HIGH KEV
Zyxel VMG4325-B10A - Command Injection
Feb 04, 2025
CVSS 8.8
EPSS 0.53
CVE-2024-40890 HIGH KEV
Zyxel VMG4325-B10A - Command Injection
Feb 04, 2025
CVSS 8.8
EPSS 0.46
CVE-2024-12398 HIGH
Zyxel NWA/WA/WAX Firmware Authenticated Privilege Escalation via Config Upload
Jan 14, 2025
CVSS 8.8
EPSS 0.00
CVE-2024-9200 HIGH
Zyxel VMG4005-B50A Firmware < 5.15(ABQA.2.2)C0 - Authenticated OS Command Injection via Diagnostic Host Parameter
Dec 03, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-9197 MEDIUM
Zyxel DX/EX Series Firmware Authenticated DoS via Buffer Overflow
Dec 03, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-8748 HIGH
Zyxel VMG8825-T50K - Buffer Overflow
Dec 03, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-11667 HIGH KEV
Zyxel ATP-USG FLEX-50(W) - Path Traversal
Nov 27, 2024
CVSS 7.5
EPSS 0.31
CVE-2024-11494 HIGH
Zyxel P-6101C <P-6101CSA6AP_20140331 - Info Disclosure
Nov 20, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-8882 MEDIUM
Zyxel GS1900 Series Firmware < 2.90 - Authenticated Denial of Service via Crafted URL
Nov 12, 2024
CVSS 4.5
EPSS 0.00
CVE-2024-8881 MEDIUM
Zyxel GS1900 Series Firmware < 2.90 - Authenticated OS Command Injection via CGI Program
Nov 12, 2024
CVSS 6.8
EPSS 0.00
CVE-2024-9677 MEDIUM
Zyxel uOS < 1.30 - Authenticated Privilege Escalation via CLI Token Theft
Oct 22, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-38269 MEDIUM
Zyxel VMG8825-T50K <5.50(ABOM.8)C0 - Memory Corruption
Sep 24, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-38268 MEDIUM
Zyxel VMG8825-T50K <5.50(ABOM.8)C0 - Memory Corruption
Sep 24, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-38267 MEDIUM
Zyxel VMG8825-T50K <5.50(ABOM.8)C0 - Memory Corruption
Sep 24, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-38266 MEDIUM
Zyxel VMG8825-T50K <5.50(ABOM.8)C0 - Memory Corruption
Sep 24, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-6342 CRITICAL
Zyxel NAS326 and NAS542 Firmware - Unauthenticated OS Command Injection via Export-CGI
Sep 10, 2024
CVSS 9.8
EPSS 0.07
CVE-2024-38270 MEDIUM
Zyxel GS1900-10HP <V2.80(AAZI.0)C0 - Info Disclosure
Sep 10, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-7261 CRITICAL
Zyxel NWA/WAC/WAX/WBE/USG LITE Firmware - Unauthenticated OS Command Injection via Host Parameter
Sep 03, 2024
CVSS 9.8
EPSS 0.28
CVE-2024-42061 MEDIUM
Zyxel ZLD 4.32-5.38 - Reflected Cross-Site Scripting via dynamic_script.cgi
Sep 03, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-7203 HIGH
Zyxel ZLD 4.60-5.38 - Authenticated OS Command Injection via CLI Command
Sep 03, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-6343 MEDIUM
Zyxel ZLD 4.32-5.38 - Authenticated Denial of Service via Crafted HTTP Request
Sep 03, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-5412 HIGH
Zyxel Nebula LTE3301-PLUS Firmware < 1.18(ACCA.4)C0 - Unauthenticated Denial of Service via Crafted HTTP Request
Sep 03, 2024
CVSS 7.5
EPSS 0.01
Products
cloudcnm_secumanager 35 gs1900-10hp_firmware 34 usg_flex_100w_firmware 34 usg_flex_200_firmware 34 usg_flex_500_firmware 34 usg_flex_700_firmware 34 usg_flex_100_firmware 30 emg3525-t50b_firmware 26 emg5523-t50b_firmware 26 usg_flex_50w_firmware 26 vmg8623-t50b_firmware 26 atp200_firmware 25 atp500_firmware 25 atp800_firmware 25 atp100_firmware 24 nas326_firmware 24 vpn100_firmware 24 vpn300_firmware 24 vpn50_firmware 24 atp100w_firmware 23 atp700_firmware 23 usg_flex_50_firmware 23 vmg3625-t50b_firmware 23 vpn1000_firmware 23 dx3301-t0_firmware 22 ex3510-b0_firmware 22 dx5401-b0_firmware 21 emg5723-t50k_firmware 21 ex3301-t0_firmware 21 ex5510-b0_firmware 21
Quick Filters
Critical CVEs With Exploits In CISA KEV