- EPSS 94.42%
- Veröffentlicht 12.05.2022 14:15:07
- Zuletzt bearbeitet 13.03.2025 16:37:06
A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX...
CVE-2022-0342
- EPSS 92.29%
- Veröffentlicht 28.03.2022 13:15:07
- Zuletzt bearbeitet 21.11.2024 06:38:25
An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.20 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.32 through 5.20, VPN series firmware version...
CVE-2021-35029
- EPSS 0.71%
- Veröffentlicht 02.07.2021 11:15:08
- Zuletzt bearbeitet 21.11.2024 06:11:42
An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to...
- EPSS 94.04%
- Veröffentlicht 22.12.2020 22:15:14
- Zuletzt bearbeitet 03.04.2025 19:46:18
Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server...