zyxel

330 tracked vulnerabilities.

CVE-2024-42060 HIGH
Zyxel ZLD 4.32-5.38 - Authenticated OS Command Injection via Crafted Internal User Agreement File
Sep 03, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-42059 HIGH
Zyxel ATP/USG FLEX/USG20-W VPN 5.00-5.38 - Authenticated OS Command Injection via FTP Language File Upload
Sep 03, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-42058 HIGH
Zyxel ATP/USG FLEX/USG20(W)-VPN 4.32-5.38 - Unauthenticated Denial of Service via Crafted Packet
Sep 03, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-42057 HIGH
Zyxel ATP/USG FLEX/USG20-W VPN 4.32-5.38 - Unauthenticated OS Command Injection via Long Username
Sep 03, 2024
CVSS 8.1
EPSS 0.03
CVE-2024-8234 HIGH
Zyxel NWA1100-N <1.00(AACE.1)C0 - Command Injection
Aug 30, 2024
CVSS 7.5
EPSS 0.07
CVE-2024-1575 MEDIUM
Zyxel NWA and WAX Series Firmware < 7.00 - Authenticated Privilege Escalation via Configuration Download
Jul 23, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-29976 MEDIUM
Zyxel NAS326 <V5.21(AAZF.17)C0 - Privilege Escalation
Jun 04, 2024
CVSS 6.5
EPSS 0.06
CVE-2024-29975 MEDIUM
Zyxel NAS326 <V5.21(AAZF.17)C0 - Privilege Escalation
Jun 04, 2024
CVSS 6.7
EPSS 0.00
CVE-2024-29974 CRITICAL
Zyxel NAS326 <V5.21(AAZF.17)C0 - RCE
Jun 04, 2024
CVSS 9.8
EPSS 0.44
CVE-2024-29973 CRITICAL NUCLEI
Zyxel NAS326 <V5.21(AAZF.17)C0 - Command Injection
Jun 04, 2024
CVSS 9.8
EPSS 0.94
CVE-2024-29972 CRITICAL NUCLEI
Zyxel NAS326 <V5.21(AAZF.17)C0 - Command Injection
Jun 04, 2024
CVSS 9.8
EPSS 0.92
CVE-2024-0816 MEDIUM
DX3300-T1 <5.50(ABVY.4)C0 - Buffer Overflow
May 21, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-37929 MEDIUM
Zyxel VMG3625-T50B V5.50(ABPM.8)C0 - Authenticated Denial of Service via Crafted HTTP Request
May 21, 2024
CVSS 6.5
EPSS 0.01
CVE-2023-6764 HIGH
Zyxel ATP/USG FLEX Series Firmware 4.32-5.37 Patch 1 - Remote Code Execution via IPSec VPN Format String
Feb 20, 2024
CVSS 8.1
EPSS 0.02
CVE-2023-6399 MEDIUM
Zyxel ATP-USG FLEX- USG20-W-H <5.37.1 - DoS
Feb 20, 2024
CVSS 5.7
EPSS 0.00
CVE-2023-6398 HIGH
Zyxel ATP <5.37 - Command Injection
Feb 20, 2024
CVSS 7.2
EPSS 0.01
CVE-2023-6397 MEDIUM
Zyxel ATP <5.37 Patch 1 - USG FLEX <5.37 Patch 1 - DoS
Feb 20, 2024
CVSS 6.5
EPSS 0.00
CVE-2023-5372 HIGH
Zyxel NAS326/NAS542 < 5.21(AAZF.16)C0/< 5.21(ABAG.13)C0 Authenticated OS Command Injection
Jan 30, 2024
CVSS 7.2
EPSS 0.10
CVE-2023-4474 CRITICAL
Zyxel NAS326/NAS542 < 5.21(AAZF.14)C0/5.21(ABAG.11)C0 - Unauthenticated OS Command Injection
Nov 30, 2023
CVSS 9.8
EPSS 0.13
CVE-2023-4473 CRITICAL
Zyxel NAS326/NAS542 < 5.21(AAZF.14)C0/5.21(ABAG.11)C0 - Unauthenticated OS Command Injection
Nov 30, 2023
CVSS 9.8
EPSS 0.33
CVE-2023-37928 HIGH
Zyxel NAS326/NAS542 <5.21(AAZF.14)C0/<5.21(ABAG.11)C0 Authenticated OS Command Injection
Nov 30, 2023
CVSS 8.8
EPSS 0.02
CVE-2023-37927 HIGH
Zyxel NAS326/NAS542 < 5.21(AAZF.14)C0/< 5.21(ABAG.11)C0 Authenticated OS Command Injection
Nov 30, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-35138 CRITICAL
Zyxel NAS326 & NAS542 < 5.21(aazf.14)c0 & < 5.21(abag.11)c0 - Unauthenticated OS Command Injection
Nov 30, 2023
CVSS 9.8
EPSS 0.10
CVE-2023-35137 HIGH
Zyxel NAS326/NAS542 < 5.21(AAZF.14)C0/< 5.21(ABAG.11)C0 - Authentication Bypass
Nov 30, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-5960 MEDIUM
Zyxel ZLD 4.50-5.37 - Authenticated Improper Privilege Management in Hotspot Feature
Nov 28, 2023
CVSS 5.5
EPSS 0.00
Products
cloudcnm_secumanager 35 gs1900-10hp_firmware 34 usg_flex_100w_firmware 34 usg_flex_200_firmware 34 usg_flex_500_firmware 34 usg_flex_700_firmware 34 usg_flex_100_firmware 30 emg3525-t50b_firmware 26 emg5523-t50b_firmware 26 usg_flex_50w_firmware 26 vmg8623-t50b_firmware 26 atp200_firmware 25 atp500_firmware 25 atp800_firmware 25 atp100_firmware 24 nas326_firmware 24 vpn100_firmware 24 vpn300_firmware 24 vpn50_firmware 24 atp100w_firmware 23 atp700_firmware 23 usg_flex_50_firmware 23 vmg3625-t50b_firmware 23 vpn1000_firmware 23 dx3301-t0_firmware 22 ex3510-b0_firmware 22 dx5401-b0_firmware 21 emg5723-t50k_firmware 21 ex3301-t0_firmware 21 ex5510-b0_firmware 21
Quick Filters
Critical CVEs With Exploits In CISA KEV