Zyxel


Products by Zyxel Sorted by Most Security Vulnerabilities since 2018

Zyxel Nas542 Firmware: 2 vulnerabilities
Zyxel Nas326 Firmware: 2 vulnerabilities
Zyxel Usg Flex Firmware: 1 vulnerability
Zyxel Usg20 Vpn Firmware: 1 vulnerability
Zyxel Dx5401 B0 Firmware: 1 vulnerability
Zyxel Atp Firmware: 1 vulnerability
Zyxel Atp Series Firmware: 1 vulnerability
Zyxel Atp100 Firmware: 1 vulnerability
Zyxel Atp100w Firmware: 1 vulnerability
Zyxel Atp500 Firmware: 1 vulnerability
Zyxel Atp700 Firmware: 1 vulnerability
Zyxel Atp800 Firmware: 1 vulnerability
Zyxel Ax7501 B0 Firmware: 1 vulnerability
Zyxel Emg2926 Firmware: 1 vulnerability
Zyxel Nbg 418n Firmware: 1 vulnerability
Zyxel Nwaw1100 N Firmware: 1 vulnerability
Zyxel P 335wt Router: 1 vulnerability
Zyxel P6101c Firmware: 1 vulnerability
Zyxel Uos: 1 vulnerability

Known Exploited Zyxel Vulnerabilities

The following Zyxel vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.

Each entry below gives the CISA title, the description, and the CVE with its EPSS exploit probability and the date CISA added it.

Zyxel DSL CPE OS Command Injection Vulnerability
Multiple Zyxel DSL CPE devices contain a post-authentication command injection vulnerability in the management commands that could allow an authenticated attacker to execute OS commands via Telnet.
CVE-2024-40891 | Exploit probability: 55.4% | Added: February 11, 2025

Zyxel DSL CPE OS Command Injection Vulnerability
Multiple Zyxel DSL CPE devices contain a post-authentication command injection vulnerability in the CGI program that could allow an authenticated attacker to execute OS commands via a crafted HTTP request.
CVE-2024-40890 | Exploit probability: 45.9% | Added: February 11, 2025

Zyxel Multiple Firewalls Path Traversal Vulnerability
Multiple Zyxel firewalls contain a path traversal vulnerability in the web management interface that could allow an attacker to download or upload files via a crafted URL.
CVE-2024-11667 | Exploit probability: 35.9% | Added: December 3, 2024

Zyxel EMG2926 Routers Command Injection Vulnerability
Zyxel EMG2926 routers contain a command injection vulnerability located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute malicious commands on the router, such as the ping_ip parameter to the expert/maintenance/diagnostic/nslookup URI.
CVE-2017-6884 | Exploit probability: 91.5% | Added: September 18, 2023

Zyxel P660HN-T1A Routers Command Injection Vulnerability
Zyxel P660HN-T1A routers contain a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user and exploited via the remote_host parameter of the ViewLog.asp page.
CVE-2017-18368 | Exploit probability: 93.7% | Added: August 7, 2023

Zyxel Multiple NAS Devices Command Injection Vulnerability
Multiple Zyxel network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability that could allow an unauthenticated attacker to execute commands remotely via a crafted HTTP request.
CVE-2023-27992 | Exploit probability: 86.5% | Added: June 23, 2023

Zyxel Multiple Firewalls Buffer Overflow Vulnerability
Zyxel ATP, USG FLEX, USG FLEX 50(W), USG20(W)-VPN, VPN, and ZyWALL/USG firewalls contain a buffer overflow vulnerability in the notification function that could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and remote code execution on an affected device.
CVE-2023-33009 | Exploit probability: 6.2% | Added: June 5, 2023

Zyxel Multiple Firewalls Buffer Overflow Vulnerability
Zyxel ATP, USG FLEX, USG FLEX 50(W), USG20(W)-VPN, VPN, and ZyWALL/USG firewalls contain a buffer overflow vulnerability in the ID processing function that could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and remote code execution on an affected device.
CVE-2023-33010 | Exploit probability: 5.9% | Added: June 5, 2023

Zyxel Multiple Firewalls OS Command Injection Vulnerability
Zyxel ATP, USG FLEX, VPN, and ZyWALL/USG firewalls allow for improper error message handling which could allow an unauthenticated attacker to execute OS commands remotely by sending crafted packets to an affected device.
CVE-2023-28771 | Exploit probability: 94.3% | Added: May 31, 2023

Zyxel Multiple Firewalls OS Command Injection Vulnerability
A command injection vulnerability in the CGI program of some Zyxel firewall versions could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device.
CVE-2022-30525 | Exploit probability: 94.4% | Added: May 16, 2022

Zyxel Multiple NAS Devices OS Command Injection Vulnerability
Multiple Zyxel network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code.
CVE-2020-9054 | Exploit probability: 94.3% | Added: March 25, 2022

ZyXEL Unified Security Gateway Undocumented Administrator Account with Default Credentials
Firmware version 4.60 of ZyXEL USG devices contains an undocumented account (zyfwp) with an unchangeable password.
CVE-2020-29583 | Exploit probability: 94.4% | Added: November 3, 2021

Of the known exploited vulnerabilities above, 7 are in the top 1%, or the 99th percentile of the EPSS exploit probability rankings. 3 known exploited Zyxel vulnerabilities are in the top 5% (95th percentile or greater) of the EPSS exploit probability rankings.

By the Year

In 2026 there have been 8 vulnerabilities in Zyxel with an average score of 6.6 out of ten. Last year, in 2025, Zyxel had 9 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, the number of security vulnerabilities in Zyxel in 2026 could surpass last year's number. Last year, the average CVE base score was greater by 0.80.

Year  Vulnerabilities  Average Score
2026   8               6.58
2025   9               7.38
2024   4               8.15
2023  12               8.25
2022  23               6.51
2021   0               0.00
2020   4               8.27

It may take a day or so for new Zyxel vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Zyxel Security Vulnerabilities

Each entry below gives the CVE and publication date, the title, the description, and the affected products where the listing names them.

CVE-2026-1459 (Feb 24, 2026)
Command Injection in Zyxel VMG3625-T50B TR-369 CGI (<=5.50(ABPM.9.7)C0)
A post-authentication command injection vulnerability in the TR-369 certificate download CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.7)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on an affected device.

CVE-2025-13943 (Feb 24, 2026)
Zyxel EX3301-T0 <=5.50(ABVY.7)C0: Auth Cmd Inject via Log File Download
A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware versions through 5.50(ABVY.7)C0 could allow an authenticated attacker to execute operating system (OS) commands on an affected device.

CVE-2025-13942 (Feb 24, 2026)
Command Injection in Zyxel EX3510-B0 UPnP (5.17)
A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 firmware versions through 5.17(ABUP.15.1)C0 could allow a remote attacker to execute operating system (OS) commands on an affected device by sending specially crafted UPnP SOAP requests.

CVE-2025-11848 (Feb 24, 2026)
Null PTR Deref DoS in Zyxel VMG3625/WX3100 WoL CGI v5.50
A null pointer dereference vulnerability in the Wake-on-LAN CGI program of the Zyxel VMG3625-T50B firmware version through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-service (DoS) condition by sending a crafted HTTP request.

CVE-2025-11847 (Feb 24, 2026)
Zyxel VMG3625-T50B null-pointer DoS via IP settings CGI
A null pointer dereference vulnerability in the IP settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-service (DoS) condition by sending a crafted HTTP request.

CVE-2025-11846 (Feb 24, 2026)
Zyxel VMG3625-T50B/WX3100 DoS via Account Settings CGI Null Pointer (5.50)
A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-service (DoS) condition by sending a crafted HTTP request.

CVE-2025-11845 (Feb 24, 2026)
DoS via Null PTR in Zyxel VMG3625-T50B/WX3100-T0 CertDownloader CGI 5.50
A null pointer dereference vulnerability in the certificate downloader CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-service (DoS) condition by sending a crafted HTTP request.

CVE-2025-11730 (Feb 05, 2026)
Zyxel ATP/USG CLI command injection v5.35-5.41 - post-auth OS cmd exec
A post-authentication command injection vulnerability in the Dynamic DNS (DDNS) configuration CLI command in Zyxel ATP series firmware versions from V5.35 through V5.41, USG FLEX series firmware versions from V5.35 through V5.41, USG FLEX 50(W) series firmware versions from V5.35 through V5.41, and USG20(W)-VPN series firmware versions from V5.35 through V5.41 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on an affected device by supplying a specially crafted string as an argument to the CLI command.

CVE-2025-8693 (Nov 18, 2025)
Command Injection via priv param in Zyxel DX3300-T0 firmware <=5.50(ABVY.6.3)
A post-authentication command injection vulnerability in the "priv" parameter of Zyxel DX3300-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an authenticated attacker to execute operating system (OS) commands on an affected device.

CVE-2025-6599 (Nov 18, 2025)
Zyxel DX3301-T0 5.50(ABVY.6.3)C0 Slowloris DoS via Web Server
An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an attacker to perform Slowloris-style denial-of-service (DoS) attacks. Such attacks may temporarily block legitimate HTTP requests and partially disrupt access to the web management interface, while other networking services remain unaffected.

CVE-2025-9133 (Oct 21, 2025)
Missing Auth in Zyxel ATP/USG FLEX v4.32-v5.40: View Config
A missing authorization vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50(W) series firmware versions from V4.16 through V5.40, and USG20(W)-VPN series firmware versions from V4.16 through V5.40 could allow a semi-authenticated attacker who has completed only the first stage of the two-factor authentication (2FA) process to view and download the system configuration from an affected device.

CVE-2025-8078 (Oct 21, 2025)
Zyxel USG Flex & ATP Firmware Cmd Injection (V4.32-5.40)
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50(W) series firmware versions from V4.16 through V5.40, and USG20(W)-VPN series firmware versions from V4.16 through V5.40 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on the affected device by passing a crafted string as an argument to a CLI command.
Products: Atp Series Firmware; Usg Flex Series Firmware

CVE-2025-1732 (Apr 22, 2025)
Zyxel USG Flex H uOS <=1.31 Priv Escal via Config Upload
An improper privilege management vulnerability in the recovery function of the Zyxel USG FLEX H series uOS firmware version V1.31 and earlier could allow an authenticated local attacker with administrator privileges to upload a crafted configuration file and escalate privileges on a vulnerable device.

CVE-2025-1731 (Apr 22, 2025)
Zyxel USG FLEX H uOS V1.20-1.31: PostgreSQL Perm Escal via Token
An incorrect permission assignment vulnerability in the PostgreSQL commands of the Zyxel USG FLEX H series uOS firmware versions from V1.20 through V1.31 could allow an authenticated local attacker with low privileges to gain access to the Linux shell and escalate their privileges by crafting malicious scripts or modifying system configurations with administrator-level access through a stolen token. Modifying the system configuration is only possible if the administrator has not logged out and the token remains valid.

CVE-2025-3577 (Apr 22, 2025)
Zyxel AMG1302-T10B 2.00/AAJC.16C0 Path Trv Auth-Only WebUI
**UNSUPPORTED WHEN ASSIGNED** A path traversal vulnerability in the web management interface of the Zyxel AMG1302-T10B firmware version 2.00(AAJC.16)C0 could allow an authenticated attacker with administrator privileges to access restricted directories by sending a crafted HTTP request to an affected device.
Products: Amg1302 T10b Firmware

CVE-2024-40891 (Feb 04, 2025)
Command Injection in Zyxel VMG4325-B10A 1.00(AAFR.4)C0 via Telnet
**UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the management commands of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an authenticated attacker to execute operating system (OS) commands on an affected device via Telnet.

CVE-2024-40890 (Feb 04, 2025)
Command Injection in Zyxel VMG4325-B10A DSL CPE CGI (1.00)
**UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the CGI program of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an authenticated attacker to execute operating system (OS) commands on an affected device by sending a crafted HTTP POST request.

CVE-2024-11667 (Nov 27, 2024)
Zyxel ATP, USG FLEX, and USG20(W)-VPN Series Directory Traversal Vulnerability
A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series firmware versions V5.00 through V5.38, USG FLEX 50(W) series firmware versions V5.10 through V5.38, and USG20(W)-VPN series firmware versions V5.10 through V5.38 could allow an attacker to download or upload files via a crafted URL.
Products: Usg Flex 100h Firmware; Usg Flex 100hp Firmware; Usg Flex 100w Firmware; and others

CVE-2024-11494 (Nov 20, 2024)
Zyxel P-6101C ADSL Modem: Improper Authentication Vulnerability
**UNSUPPORTED WHEN ASSIGNED** The improper authentication vulnerability in the Zyxel P-6101C ADSL modem firmware version P-6101CSA6AP_20140331 could allow an unauthenticated attacker to read some device information via a crafted HTTP HEAD method.
Products: P6101c Firmware

CVE-2024-9677 (Oct 22, 2024)
Privilege Escalation via Insufficiently Protected Credentials in USG FLEX uOS V1.21
The insufficiently protected credentials vulnerability in the CLI command of the USG FLEX H series uOS firmware version V1.21 and earlier versions could allow an authenticated local attacker to gain privilege escalation by stealing the authentication token of a login administrator. Note that this attack could be successful only if the administrator has not logged out.
Products: Uos

CVE-2024-8234 (Aug 30, 2024)
Command injection in Zyxel NWA1100-N firmware 1.00(AACE.1)C0 form* functions
** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the functions formSysCmd(), formUpgradeCert(), and formDelcert() in the Zyxel NWA1100-N firmware version 1.00(AACE.1)C0 could allow an unauthenticated attacker to execute some OS commands to access system files on an affected device.
Products: Nwaw1100 N Firmware

CVE-2023-4473 (Nov 30, 2023)
Zyxel NAS326/NAS542 5.21 CmdInject via WebServer URL
A command injection vulnerability in the web server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.
Products: Nas326 Firmware; Nas542 Firmware

CVE-2023-4474 (Nov 30, 2023)
Zyxel NAS326/542 WSGI Command Injection via Malformed URL
The improper neutralization of special elements in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.
Products: Nas326 Firmware; Nas542 Firmware

CVE-2023-5593 (Nov 20, 2023)
SecuExtender SSL VPN Client v4.0.4.0 Windows OOB Write PrivEsc via Craft Msg
The out-of-bounds write vulnerability in the Windows-based SecuExtender SSL VPN Client software version 4.0.4.0 could allow an authenticated local user to gain a privilege escalation by sending a crafted CREATE message.
Products: Secuextender Ssl Vpn

CVE-2023-43314 (Sep 27, 2023)
Buf Ovf in Zyxel PMG2005-T20B v1.00 (ABNK.2b11_C0) Unauth DoS via uid
** UNSUPPORTED WHEN ASSIGNED ** The buffer overflow vulnerability in the Zyxel PMG2005-T20B firmware version V1.00(ABNK.2)b11_C0 could allow an unauthenticated attacker to cause a denial of service condition via a crafted uid.
Products: Pmg2005 T20b Firmware

CVE-2023-27992 (Jun 19, 2023)
Pre-auth Command Injection in Zyxel NAS (< V5.21) via HTTP
The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, NAS540 firmware versions prior to V5.21(AATB.11)C0, and NAS542 firmware versions prior to V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands remotely by sending a crafted HTTP request.

CVE-2023-33010 (May 24, 2023)
Zyxel ATP/USG/VPN Firmware ID BOF 4.32-5.36 Patch 1
A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1, VPN series firmware versions 4.30 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.25 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.

CVE-2023-33009 (May 24, 2023)
Zyxel ATP/USG Buffer Overflow (4.60-5.36 Patch1) DoS/RCE
A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.60 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.60 through 5.36 Patch 1, VPN series firmware versions 4.60 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.60 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.

CVE-2023-28770 (Apr 27, 2023)
Zyxel DX5401-B0 Firmware <V5.17 Remote Info Disclosure via CGI Export_Log & zcmd
The sensitive information exposure vulnerability in the CGI Export_Log and the binary zcmd in Zyxel DX5401-B0 firmware versions prior to V5.17(ABYO.1)C0 could allow a remote unauthenticated attacker to read the system files and to retrieve the password of the supervisor from the encrypted file.
Products: Dx5401 B0 Firmware

CVE-2023-28771 (Apr 25, 2023)
Zyxel ZyWALL/USG 4.60-5.35 Error Msg Disclosure Enables Remote OS Cmd
Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device.

CVE-2022-45441 (Feb 07, 2023)
XSS in Zyxel NBG-418N v2 Logs UI < 1.00 - Auth DoS
A cross-site scripting (XSS) vulnerability in Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.13)C0, which could allow an attacker to store malicious scripts in the Logs page of the GUI on a vulnerable device. A successful XSS attack could force an authenticated user to execute the stored malicious scripts and then result in a denial-of-service (DoS) condition when the user visits the Logs page of the GUI on the device.
Products: Nbg 418n Firmware

CVE-2022-45439 (Jan 17, 2023)
Zyxel AX7501-B0 Config Stores Spare WiFi Credentials in Cleartext (V5.17<)
A pair of spare WiFi credentials is stored in the configuration file of the Zyxel AX7501-B0 firmware prior to V5.17(ABPC.3)C0 in cleartext. An unauthenticated attacker could use the credentials to access the WLAN service if the configuration file has been retrieved from the device by leveraging another known vulnerability.
Products: Ax7501 B0 Firmware

CVE-2022-45440 (Jan 17, 2023)
Zyxel AX7501-B0 FTP Symbolic Link Escalation < V5.17(ABPC.3)C0
A vulnerability exists in the FTP server of the Zyxel AX7501-B0 firmware prior to V5.17(ABPC.3)C0, which processes symbolic links on external storage media. A local authenticated attacker with administrator privileges could abuse this vulnerability to access the root file system by creating a symbolic link on external storage media, such as a USB flash drive, and then logging into the FTP server on a vulnerable device.

CVE-2020-15334 (Sep 29, 2022)
Escape-Sequence Injection in Zyxel CloudCNM SecuManager 3.1.x (axxmpp.log)
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows escape-sequence injection into the /var/log/axxmpp.log file.
Products: Cloudcnm Secumanager

CVE-2020-15347 (Sep 29, 2022)
Zyxel CloudCNM SecuManager 3.1.1 Default axiros Password
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the q6xV4aW8bQ4cfD-b password for the axiros account.
Products: Cloudcnm Secumanager

CVE-2020-15346 (Sep 29, 2022)
Zyxel CloudCNM SecuManager 3.1.x API Key Leak via /live/GLOBALS
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a /live/GLOBALS API with the CLOUDCNM key.
Products: Cloudcnm Secumanager

CVE-2020-15345 (Sep 29, 2022)
Unauth zy_get_instances_for_update API in Zyxel SecuManager 3.1.0/1.1
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_get_instances_for_update API.
Products: Cloudcnm Secumanager

CVE-2020-15344 (Sep 29, 2022)
Zyxel CloudCNM SecuManager 3.1.0-3.1.1 Unauthenticated zy_get_user_id_and_key API
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_get_user_id_and_key API.
Products: Cloudcnm Secumanager

CVE-2020-15343 (Sep 29, 2022)
Unauthenticated zy_install_user_key API in Zyxel CloudCNM SecuManager 3.1.x
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_install_user_key API.
Products: Cloudcnm Secumanager

CVE-2020-15342 (Sep 29, 2022)
Unauthenticated zy_install_user API in Zyxel CloudCNM SecuManager 3.1.0-3.1.1
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_install_user API.
Products: Cloudcnm Secumanager

CVE-2020-15341 (Sep 29, 2022)
Unauthenticated API Vulnerability in Zyxel CloudCNM SecuManager 3.1.0/3.1.1
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated update_all_realm_license API.
Products: Cloudcnm Secumanager

CVE-2020-15340 (Sep 29, 2022)
Zyxel CloudCNM SecuManager 3.1.0 Hardcoded SSH Key Exposure
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded opt/axess/AXAssets/default_axess/axess/TR69/Handlers/turbolink/sshkeys/id_rsa SSH key.
Products: Cloudcnm Secumanager

CVE-2020-15339 (Sep 29, 2022)
Zyxel CloudCNM SecuManager 3.1.0-3.1.1 XSS in AXCampaignManager endpoint
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows live/CPEManager/AXCampaignManager/handle_campaign_script_link?script_name= XSS.
Products: Cloudcnm Secumanager

CVE-2020-15338 (Sep 29, 2022)
Zyxel CloudCNM SecuManager 3.1.x: GET Sensitive Query Strings /cnr
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Strings" issue for /cnr requests.
Products: Cloudcnm Secumanager

CVE-2020-15337 (Sep 29, 2022)
Zyxel CloudCNM SecuManager 3.1.0/3.1.1 GET Sensitive Query Strings Vulnerability
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Strings" issue for /registerCpe requests.
Products: Cloudcnm Secumanager

CVE-2020-15333 (Sep 29, 2022)
Account Discovery via MySQL Enumeration in Zyxel CloudCNM SecuManager 3.1.x
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows attackers to discover accounts via MySQL "select * from Administrator_users" and "select * from Users_users" requests.
Products: Cloudcnm Secumanager

CVE-2020-15332 (Sep 29, 2022)
Zyxel CloudCNM SecuManager 3.1.x Weak /opt/axess/etc/default/axess Permissions
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/etc/default/axess permissions.
Products: Cloudcnm Secumanager

CVE-2020-15331 (Sep 29, 2022)
Zyxel CloudCNM SecuManager 3.1 OAUTH secret key exposed
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded OAUTH_SECRET_KEY in /opt/axess/etc/default/axess.
Products: Cloudcnm Secumanager

CVE-2020-15330 (Sep 29, 2022)
Hardcoded APP_KEY in Zyxel CloudCNM SecuManager 3.1.0/3.1.1 config
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded APP_KEY in /opt/axess/etc/default/axess.
Products: Cloudcnm Secumanager

CVE-2020-15329 (Sep 29, 2022)
Weak Data.fs Permissions in Zyxel CloudCNM SecuManager 3.1.0/3.1.1
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak Data.fs permissions.
Products: Cloudcnm Secumanager
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD).