Vulnerabilidades en Zyxel
165 resultadosCVE-2022-43390MEDIUMA command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated aEPSS 1.1%CVE-2025-13942CRITICALA command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 firmware versions through 5.17(ABUP.15.1)C0 could allow a remoEPSS 1.1%CVE-2023-22915HIGHA buffer overflow vulnerability in the “fbwifi_forward.cgi” CGI program of Zyxel USG FLEX series firmware versions 4.50 through 5.35, USG FLEPSS 1.1%CVE-2024-12010HIGHA post-authentication command injection vulnerability in the ”zyUtilMailSend” function of the Zyxel AX7501-B1 firmware version V5.17(ABPC.5.EPSS 1.1%CVE-2021-35034HIGHAn insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware could allow a remote attacker to access thEPSS 1.0%CVE-2023-22914HIGHA path traversal vulnerability in the “account_print.cgi” CGI program of Zyxel USG FLEX series firmware versions 4.50 through 5.35, and VPN EPSS 1.0%CVE-2022-40602CRITICALA flaw in the Zyxel LTE3301-M209 firmware verisons prior to V1.00(ABLG.6)C0 could allow a remote attacker to access the device using an imprEPSS 1.0%CVE-2023-27989MEDIUMA buffer overflow vulnerability in the CGI program of the Zyxel NR7101 firmware versions prior to V1.00(ABUV.8)C0 could allow a remote authEPSS 1.0%CVE-2026-7256HIGH** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 coEPSS 1.0%CVE-2022-2030MEDIUMA directory traversal vulnerability caused by specific character sequences within an improperly sanitized URL was identified in some CGI proEPSS 1.0%CVE-2025-8693HIGHA post-authentication command injection vulnerability in the "priv" parameter of Zyxel DX3300-T0 firmware version 5.50(ABVY.6.3)C0 and earliEPSS 1.0%CVE-2023-22922HIGHA buffer overflow vulnerability in the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote unauthenticated atEPSS 0.9%CVE-2025-1731HIGHAn incorrect permission assignment vulnerability in the PostgreSQL commands of the Zyxel USG FLEX H series uOS firmware versions from V1.20 EPSS 0.9%CVE-2026-0711MEDIUMA post-authentication command injection vulnerability in the EasyMesh-related APIs of Zyxel DX3300-T0 firmware versions through 5.50(ABVY.7.EPSS 0.9%CVE-2026-1459HIGHA post-authentication command injection vulnerability in the TR-369 certificate download CGI program of the Zyxel VMG3625-T50B firmware versEPSS 0.9%CVE-2023-6764HIGH
A format string vulnerability in a function of the IPSec VPN feature in Zyxel ATP series firmware versions from 4.32 through 5.3EPSS 0.9%CVE-2023-4398HIGHAn integer overflow vulnerability in the source code of the QuickSec IPSec toolkit used in the VPN feature of the Zyxel ATP series firmware EPSS 0.9%CVE-2023-22917HIGHA buffer overflow vulnerability in the “sdwan_iface_ipc” binary of Zyxel ATP series firmware versions 5.10 through 5.32, USG FLEX series firEPSS 0.9%CVE-2023-35137HIGHAn improper authentication vulnerability in the authentication module of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmwEPSS 0.9%CVE-2023-22920CRITICALA security misconfiguration vulnerability exists in the Zyxel LTE3316-M604 firmware version V2.00(ABMP.6)C0 due to a factory default misconfEPSS 0.8%