zyxel
330 tracked vulnerabilities.
CVE-2023-5797
MEDIUM
Zyxel ZLD 4.32-5.37 - Authenticated Privilege Escalation via Debug CLI Command
Nov 28, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-5650
MEDIUM
Zyxel ZLD 4.32-5.37 - Authenticated Privilege Escalation via ZySH Registration Page URL Modification
Nov 28, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-4398
HIGH
Zyxel ATP/USG FLEX/USG20(W)-VPN <5.37 - DoS
Nov 28, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-4397
MEDIUM
Zyxel ATP/FLEX/USG - Buffer Overflow
Nov 28, 2023
CVSS 4.4
EPSS 0.00
CVE-2023-37926
MEDIUM
Zyxel ATP/USG FLEX/USG20-VPN/VPN 4.32-5.37 - Authenticated Denial of Service via CLI System Log Dump
Nov 28, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-37925
MEDIUM
Zyxel ZLD >=4.32 <5.37 - Authenticated Improper Privilege Management via Debug CLI Command
Nov 28, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-35139
MEDIUM
Zyxel ZLD 5.10-5.37 - Unauthenticated Stored Cross-Site Scripting via ZTP Log Dump CGI
Nov 28, 2023
CVSS 5.2
EPSS 0.00
CVE-2023-35136
MEDIUM
Zyxel ZLD 4.32-5.37 - Authenticated Configuration File Access via Quagga Package Input Validation
Nov 28, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-5593
HIGH
Zyxel SecuExtender SSL VPN Client 4.0.4.0 - Authenticated Privilege Escalation via Crafted CREATE Message
Nov 20, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-35140
MEDIUM
Zyxel GS1900 Series Firmware < 2.70 - Authenticated Privilege Escalation via Read-Only Access
Nov 07, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-43314
HIGH
Zyxel PMG2005-T20B Firmware V1.00(ABNK.2)b11_C0 - Unauthenticated Denial of Service via Crafted UID
Sep 27, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-33013
HIGH
Zyxel NBG6604 Firmware V1.01(ABIR.1)C0 - Authenticated OS Command Injection via NTP Feature
Aug 14, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-28768
MEDIUM
Zyxel XGS2220-30, XMG1930-30, XS1930-10 <4.80 - DoS
Aug 14, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-34141
HIGH
Zyxel ATP/NXC series - Command Injection
Jul 17, 2023
CVSS 8.0
EPSS 0.00
CVE-2023-34140
MEDIUM
Zyxel ATP <5.36 Patch 2 - Buffer Overflow
Jul 17, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-34139
HIGH
Zyxel USG FLEX/VPN <5.36 - Command Injection
Jul 17, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-34138
HIGH
Zyxel ATP/FLEX/USG20/VPN <5.36 - Command Injection
Jul 17, 2023
CVSS 8.0
EPSS 0.00
CVE-2023-33012
HIGH
Zyxel USG/ATP/VPN Firmware 5.00-5.36 Patch 2 - Unauthenticated OS Command Injection via GRE Configuration
Jul 17, 2023
CVSS 8.8
EPSS 0.09
CVE-2023-33011
HIGH
Zyxel Firewalls and WLAN Controllers 5.00-5.36 Patch 2 - Unauthenticated Remote Code Execution via PPPoE Configuration
Jul 17, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-28767
HIGH
Zyxel ATP/USG FLEX/USG20(W)-VPN/VPN <5.36 - Command Injection
Jul 17, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-27992
CRITICAL
KEV
Zyxel NAS326, NAS540, and NAS542 Firmware < 5.21 - Unauthenticated OS Command Injection via HTTP Request
Jun 19, 2023
CVSS 9.8
EPSS 0.87
CVE-2023-27989
MEDIUM
Zyxel NR7101 Firmware < 1.00(ABUV.8)C0 - Authenticated Denial of Service via Crafted HTTP Request
Jun 05, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-27988
HIGH
Zyxel NAS326 Firmware < 5.21(AAZF.13)C0 - Authenticated OS Command Injection
May 30, 2023
CVSS 7.2
EPSS 0.01
CVE-2023-33010
CRITICAL
KEV
Zyxel ATP/USG FLEX/USG20/VPN/ZyWALL Firmware 4.25-5.36 - Unauthenticated Buffer Overflow in ID Processing Function
May 24, 2023
CVSS 9.8
EPSS 0.06
CVE-2023-33009
CRITICAL
KEV
Zyxel ATP/USG FLEX/USG20/VPN/ZyWALL Firmware 4.60-5.36 - Unauthenticated Buffer Overflow
May 24, 2023
CVSS 9.8
EPSS 0.06
Products
cloudcnm_secumanager 35
gs1900-10hp_firmware 34
usg_flex_100w_firmware 34
usg_flex_200_firmware 34
usg_flex_500_firmware 34
usg_flex_700_firmware 34
usg_flex_100_firmware 30
emg3525-t50b_firmware 26
emg5523-t50b_firmware 26
usg_flex_50w_firmware 26
vmg8623-t50b_firmware 26
atp200_firmware 25
atp500_firmware 25
atp800_firmware 25
atp100_firmware 24
nas326_firmware 24
vpn100_firmware 24
vpn300_firmware 24
vpn50_firmware 24
atp100w_firmware 23
atp700_firmware 23
usg_flex_50_firmware 23
vmg3625-t50b_firmware 23
vpn1000_firmware 23
dx3301-t0_firmware 22
ex3510-b0_firmware 22
dx5401-b0_firmware 21
emg5723-t50k_firmware 21
ex3301-t0_firmware 21
ex5510-b0_firmware 21
Quick Filters