Zyxel

Zywall Vpn2s Firmware

9 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2023-33011

  • EPSS 0.12%
  • Published 17.07.2023 18:15:09
  • Last modified 21.11.2024 08:04:24

A format string vulnerability in the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5.10 through 5.36 Patch 2, USG20(W)-VPN series fi...

8.8

CVE-2023-33012

  • EPSS 5.08%
  • Published 17.07.2023 18:15:09
  • Last modified 21.11.2024 08:04:24

A command injection vulnerability in the configuration parser of the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5.10 through 5.36...

8

CVE-2023-34138

  • EPSS 0.11%
  • Published 17.07.2023 18:15:09
  • Last modified 21.11.2024 08:06:37

A command injection vulnerability in the hotspot management feature of the Zyxel ATP series firmware versions 4.60 through 5.36 Patch 2, USG FLEX series firmware versions 4.60 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 4.60 throug...

8.8

CVE-2023-34139

  • EPSS 0.22%
  • Published 17.07.2023 18:15:09
  • Last modified 21.11.2024 08:06:37

A command injection vulnerability in the Free Time WiFi hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.36 Patch 2 and VPN series firmware versions 4.20 through 5.36 Patch 2, could allow an unauthenticated, LAN-based att...

6.5

CVE-2023-34140

  • EPSS 0.1%
  • Published 17.07.2023 18:15:09
  • Last modified 21.11.2024 08:06:38

A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2, USG FLEX series firmware versions 4.50 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 4.16 through 5.36 Patch 2, USG20(W)-VPN series ...

8

CVE-2023-34141

  • EPSS 0.11%
  • Published 17.07.2023 18:15:09
  • Last modified 21.11.2024 08:06:38

A command injection vulnerability in the access point (AP) management feature of the Zyxel ATP series firmware versions 5.00 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5...

8.8

CVE-2023-28767

  • EPSS 0.12%
  • Published 17.07.2023 17:15:09
  • Last modified 21.11.2024 07:55:58

The configuration parser fails to sanitize user-controlled input in the Zyxel ATP series firmware versions 5.10 through 5.36, USG FLEX series firmware versions 5.00 through 5.36,  USG FLEX 50(W) series firmware versions 5.10 through 5.36, USG20(W)-...

7.5

CVE-2021-35027

  • EPSS 0.32%
  • Published 29.09.2021 11:15:07
  • Last modified 21.11.2024 06:11:42

A directory traversal vulnerability in the web server of the Zyxel VPN2S firmware version 1.12 could allow a remote attacker to gain access to sensitive information.

7.8

CVE-2021-35028

  • EPSS 0.07%
  • Published 29.09.2021 11:15:07
  • Last modified 21.11.2024 06:11:42

A command injection vulnerability in the CGI program of the Zyxel VPN2S firmware version 1.12 could allow an authenticated, local user to execute arbitrary OS commands.