zyxel

334 tracked vulnerabilities.

CVE-2023-27989 MEDIUM
Zyxel NR7101 Firmware < 1.00(ABUV.8)C0 - Authenticated Denial of Service via Crafted HTTP Request
Jun 05, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-27988 HIGH
Zyxel NAS326 Firmware < 5.21(AAZF.13)C0 - Authenticated OS Command Injection
May 30, 2023
CVSS 7.2
EPSS 0.01
CVE-2023-33010 CRITICAL KEV
Zyxel ATP/USG FLEX/USG20/VPN/ZyWALL Firmware 4.25-5.36 - Unauthenticated Buffer Overflow in ID Processing Function
May 24, 2023
CVSS 9.8
EPSS 0.29
CVE-2023-33009 CRITICAL KEV
Zyxel ATP/USG FLEX/USG20/VPN/ZyWALL Firmware 4.60-5.36 - Unauthenticated Buffer Overflow
May 24, 2023
CVSS 9.8
EPSS 0.28
CVE-2023-22924 MEDIUM
Zyxel NBG-418N v2 Firmware < 1.00(AARP.13)C0 - Authenticated Denial of Service via Crafted CLI Commands
May 01, 2023
CVSS 4.9
EPSS 0.01
CVE-2023-22923 MEDIUM
Zyxel NBG-418N v2 Firmware < V1.00(AARP.14)C0 - Authenticated Denial of Service via Format String Vulnerability
May 01, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-22922 HIGH
Zyxel NBG-418N v2 Firmware < 1.00(AARP.13)c0 - Unauthenticated Denial of Service via Crafted Telnet Packets
May 01, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-22921 HIGH
Zyxel NBG-418N v2 < 1.00(aarp.13)c0 Authenticated Stored XSS via Web Interface
May 01, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-22919 HIGH
Zyxel NBG6604 Firmware V1.01(ABIR.0)C0 - Authenticated OS Command Injection
May 01, 2023
CVSS 8.8
EPSS 0.02
CVE-2023-28770 HIGH
Zyxel DX5401-B0 <V5.17(ABYO.1)C0 - Info Disclosure
Apr 27, 2023
CVSS 7.5
EPSS 0.58
CVE-2023-28769 CRITICAL
Zyxel DX5401-B0 Firmware < 5.17(ABYO.1)C0 - Unauthenticated Buffer Overflow in libclinkc.so
Apr 27, 2023
CVSS 9.8
EPSS 0.05
CVE-2023-28771 CRITICAL KEV
Zyxel ATP/USG/ZyWALL/VPN Series Firmware 4.60-5.36 - Unauthenticated Remote Code Execution via IKE Packet Decoder
Apr 25, 2023
CVSS 9.8
EPSS 0.99
CVE-2023-27991 HIGH
Zyxel ATP/USG FLEX/USG20W-VPN/VPN Firmware - Authenticated OS Command Injection via CLI Command
Apr 24, 2023
CVSS 8.8
EPSS 0.02
CVE-2023-27990 MEDIUM
Zyxel ATP/USG FLEX/USG20W-VPN/VPN Firmware 4.16-5.35 - Authenticated Stored Cross-Site Scripting in Logs Page
Apr 24, 2023
CVSS 4.8
EPSS 0.00
CVE-2023-22918 MEDIUM
Zyxel ATP/NWA/USG/WAX - Info Disclosure
Apr 24, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-22917 HIGH
Zyxel USG FLEX/ATP/VPN Firmware 5.00-5.32 - Unauthenticated Buffer Overflow via Crafted Configuration File
Apr 24, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-22916 HIGH
Zyxel USG FLEX/ATP/VPN Series Firmware 5.00-5.35 - DoS via Configuration Parser Input Sanitization Bypass
Apr 24, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-22915 HIGH
Zyxel USG FLEX/USG20-VPN/VPN Series Firmware 4.30-5.35 - DoS via Facebook WiFi CGI Buffer Overflow
Apr 24, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-22914 HIGH
Zyxel USG FLEX/VPN Series Firmware 4.50-5.35 - Path Traversal & OS Command Execution via Hotspot Upload
Apr 24, 2023
CVSS 7.2
EPSS 0.01
CVE-2023-22913 HIGH
Zyxel USG FLEX and VPN Series Firmware 4.50-5.35 - Authenticated Command Injection via account_operator.cgi
Apr 24, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-22920 CRITICAL
Zyxel LTE3316-M604 V2.00(ABMP.6)C0 - Unauthenticated Remote Access via Telnet Misconfiguration
Feb 21, 2023
CVSS 9.8
EPSS 0.01
CVE-2022-45853 MEDIUM
Zyxel GS1900 Series Firmware V2.70 - Authenticated Privilege Escalation via SSH
May 30, 2023
CVSS 6.7
EPSS 0.00
CVE-2022-45854 MEDIUM
Zyxel NWA110AX Firmware < 6.50(ABTG.0)C0 - Denial of Service via Crafted VLAN Frames
Feb 07, 2023
CVSS 4.3
EPSS 0.00
CVE-2022-45441 MEDIUM
Zyxel NBG-418N v2 Firmware < V1.00(AARP.13)C0 - Stored Cross-Site Scripting in Logs Page
Feb 07, 2023
CVSS 6.1
EPSS 0.00
CVE-2022-38547 HIGH
Zyxel ZyWALL/USG <4.72 - Command Injection
Feb 07, 2023
CVSS 7.2
EPSS 0.03