zyxel
334 tracked vulnerabilities.
CVE-2025-3577
MEDIUM
Zyxel AMG1302-T10B Firmware 2.00(AAJC.16)C0 - Authenticated Path Traversal
Apr 22, 2025
CVSS 4.9
EPSS 0.10
CVE-2025-1732
MEDIUM
Zyxel USG FLEX H uOS <= V1.31 - Authenticated Privilege Escalation via Crafted Configuration File Upload
Apr 22, 2025
CVSS 6.7
EPSS 0.00
CVE-2025-1731
HIGH
Zyxel uOS 1.20-1.31 - Authenticated Privilege Escalation via PostgreSQL Command Injection
Apr 22, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-0890
CRITICAL
Zyxel Legacy DSL CPE Firmware - Insecure Default Telnet Credentials
Feb 04, 2025
CVSS 9.8
EPSS 0.13
CVE-2024-12010
HIGH
Zyxel DSL/ETHERNET CPE/FIBER ONT/WiFi Extender Firmware - Authenticated OS Command Injection via zyUtilMailSend
Mar 11, 2025
CVSS 7.2
EPSS 0.01
CVE-2024-12009
HIGH
Zyxel DSL/ETH/ONT/Extender Firmware - Authenticated OS Command Injection via ZyEE Function
Mar 11, 2025
CVSS 7.2
EPSS 0.01
CVE-2024-11253
HIGH
Zyxel DSL/ONT/Extender Firmware < 5.50(ABOM.8.5)C0 - Authenticated OS Command Injection via DNSServer Parameter
Mar 11, 2025
CVSS 7.2
EPSS 0.01
CVE-2024-40891
HIGH
KEV
Zyxel VMG4325-B10A - Command Injection
Feb 04, 2025
CVSS 8.8
EPSS 0.20
CVE-2024-40890
HIGH
KEV
Zyxel VMG4325-B10A - Command Injection
Feb 04, 2025
CVSS 8.8
EPSS 0.20
CVE-2024-12398
HIGH
Zyxel NWA/WA/WAX Firmware Authenticated Privilege Escalation via Config Upload
Jan 14, 2025
CVSS 8.8
EPSS 0.01
CVE-2024-9200
HIGH
Zyxel VMG4005-B50A Firmware < 5.15(ABQA.2.2)C0 - Authenticated OS Command Injection via Diagnostic Host Parameter
Dec 03, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-9197
MEDIUM
Zyxel DX/EX Series Firmware Authenticated DoS via Buffer Overflow
Dec 03, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-8748
HIGH
Zyxel VMG8825-T50K - Buffer Overflow
Dec 03, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-11667
HIGH
KEV
Zyxel ATP-USG FLEX-50(W) - Path Traversal
Nov 27, 2024
CVSS 7.5
EPSS 0.03
CVE-2024-11494
HIGH
Zyxel P-6101C <P-6101CSA6AP_20140331 - Info Disclosure
Nov 20, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-8882
MEDIUM
Zyxel GS1900 Series Firmware < 2.90 - Authenticated Denial of Service via Crafted URL
Nov 12, 2024
CVSS 4.5
EPSS 0.00
CVE-2024-8881
MEDIUM
Zyxel GS1900 Series Firmware < 2.90 - Authenticated OS Command Injection via CGI Program
Nov 12, 2024
CVSS 6.8
EPSS 0.01
CVE-2024-9677
MEDIUM
Zyxel uOS < 1.30 - Authenticated Privilege Escalation via CLI Token Theft
Oct 22, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-38269
MEDIUM
Zyxel VMG8825-T50K <5.50(ABOM.8)C0 - Memory Corruption
Sep 24, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-38268
MEDIUM
Zyxel VMG8825-T50K <5.50(ABOM.8)C0 - Memory Corruption
Sep 24, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-38267
MEDIUM
Zyxel VMG8825-T50K <5.50(ABOM.8)C0 - Memory Corruption
Sep 24, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-38266
MEDIUM
Zyxel VMG8825-T50K <5.50(ABOM.8)C0 - Memory Corruption
Sep 24, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-6342
CRITICAL
Zyxel NAS326 and NAS542 Firmware - Unauthenticated OS Command Injection via Export-CGI
Sep 10, 2024
CVSS 9.8
EPSS 0.02
CVE-2024-38270
MEDIUM
Zyxel GS1900-10HP <V2.80(AAZI.0)C0 - Info Disclosure
Sep 10, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-7261
CRITICAL
Zyxel NWA/WAC/WAX/WBE/USG LITE Firmware - Unauthenticated OS Command Injection via Host Parameter
Sep 03, 2024
CVSS 9.8
EPSS 0.11
Products
cloudcnm_secumanager 35
gs1900-10hp_firmware 34
usg_flex_100w_firmware 34
usg_flex_200_firmware 34
usg_flex_500_firmware 34
usg_flex_700_firmware 34
usg_flex_100_firmware 30
emg3525-t50b_firmware 28
emg5523-t50b_firmware 28
vmg8623-t50b_firmware 28
usg_flex_50w_firmware 26
atp200_firmware 25
atp500_firmware 25
atp800_firmware 25
vmg3625-t50b_firmware 25
atp100_firmware 24
dx3301-t0_firmware 24
nas326_firmware 24
vpn100_firmware 24
vpn300_firmware 24
vpn50_firmware 24
atp100w_firmware 23
atp700_firmware 23
ex3301-t0_firmware 23
ex5512-t0_firmware 23
ex5601-t0_firmware 23
ex5601-t1_firmware 23
usg_flex_50_firmware 23
vpn1000_firmware 23
wx5600-t0_firmware 23
Quick Filters