Zyxel

Nwa55axe Firmware

9 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2024-12398

  • EPSS 0.15%
  • Veröffentlicht 14.01.2025 02:15:07
  • Zuletzt bearbeitet 21.01.2025 21:12:02

An improper privilege management vulnerability in the web management interface of the Zyxel WBE530 firmware versions through 7.00(ACLE.3) and WBE660S firmware versions through 6.70(ACGG.2) could allow an authenticated user with limited privileges to ...

9.8

CVE-2024-7261

  • EPSS 2.81%
  • Veröffentlicht 03.09.2024 03:15:03
  • Zuletzt bearbeitet 13.09.2024 19:39:40

The improper neutralization of special elements in the parameter "host" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) and earlier, WAX655E firmware version 7.00(ACDO.1) and e...

6.5

CVE-2024-1575

  • EPSS 0.19%
  • Veröffentlicht 23.07.2024 02:15:02
  • Zuletzt bearbeitet 22.01.2025 22:33:15

The improper privilege management vulnerability in the Zyxel WBE660S firmware version 6.70(ACGG.3) and earlier versions could allow an authenticated user to escalate privileges and download the configuration files on a vulnerable device.

7.2

CVE-2023-6398

  • EPSS 0.73%
  • Veröffentlicht 20.02.2024 02:15:49
  • Zuletzt bearbeitet 21.01.2025 18:36:54

A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware ver...

5.5

CVE-2023-5797

  • EPSS 0.05%
  • Veröffentlicht 28.11.2023 03:15:07
  • Zuletzt bearbeitet 21.11.2024 08:42:30

An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20...

5.5

CVE-2023-37925

  • EPSS 0.07%
  • Veröffentlicht 28.11.2023 02:15:42
  • Zuletzt bearbeitet 21.11.2024 08:12:29

An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20...

6.5

CVE-2023-22918

  • EPSS 0.21%
  • Veröffentlicht 24.04.2023 18:15:09
  • Zuletzt bearbeitet 21.11.2024 07:45:38

A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN...

7.8

CVE-2022-26531

  • EPSS 0.99%
  • Veröffentlicht 24.05.2022 06:15:09
  • Zuletzt bearbeitet 21.11.2024 06:54:07

Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN ser...

7.8

CVE-2022-26532

  • EPSS 1.67%
  • Veröffentlicht 24.05.2022 06:15:09
  • Zuletzt bearbeitet 21.11.2024 06:54:07

A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmw...