Filtered by vendor Zyxel
Subscribe
Total
327 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-1459 | 1 Zyxel | 12 Dx5401-b1, Dx5401-b1 Firmware, Emg3525-t50b and 9 more | 2026-06-17 | N/A | 7.2 HIGH |
| A post-authentication command injection vulnerability in the TR-369 certificate download CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.7)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on an affected device. | |||||
| CVE-2025-9133 | 1 Zyxel | 17 Atp100, Atp100w, Atp200 and 14 more | 2026-06-17 | N/A | 8.1 HIGH |
| A missing authorization vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50(W) series firmware versions from V4.16 through V5.40, and USG20(W)-VPN series firmware versions from V4.16 through V5.40 could allow a semi-authenticated attacker—who has completed only the first stage of the two-factor authentication (2FA) process—to view and download the system configuration from an affected device. | |||||
| CVE-2025-8693 | 1 Zyxel | 108 Ax7501-b0, Ax7501-b0 Firmware, Ax7501-b1 and 105 more | 2026-06-17 | N/A | 8.8 HIGH |
| A post-authentication command injection vulnerability in the "priv" parameter of Zyxel DX3300-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an authenticated attacker to execute operating system (OS) commands on an affected device. | |||||
| CVE-2025-8078 | 1 Zyxel | 17 Atp100, Atp100w, Atp200 and 14 more | 2026-06-17 | N/A | 7.2 HIGH |
| A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50(W) series firmware versions from V4.16 through V5.40, and USG20(W)-VPN series firmware versions from V4.16 through V5.40 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on the affected device by passing a crafted string as an argument to a CLI command. | |||||
| CVE-2025-7673 | 1 Zyxel | 48 Emg3525-t50b, Emg3525-t50b Firmware, Emg5523-t50b and 45 more | 2026-06-17 | N/A | 9.8 CRITICAL |
| A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP request. | |||||
| CVE-2025-6599 | 1 Zyxel | 132 Ax7501-b0, Ax7501-b0 Firmware, Ax7501-b1 and 129 more | 2026-06-17 | N/A | 5.3 MEDIUM |
| An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an attacker to perform Slowloris‑style denial‑of‑service (DoS) attacks. Such attacks may temporarily block legitimate HTTP requests and partially disrupt access to the web management interface, while other networking services remain unaffected. | |||||
| CVE-2025-6265 | 1 Zyxel | 46 Nwa110ax, Nwa110ax Firmware, Nwa1123ac Pro and 43 more | 2026-06-17 | N/A | 7.2 HIGH |
| A path traversal vulnerability in the file_upload-cgi CGI program of Zyxel NWA50AX PRO firmware version 7.10(ACGE.2) and earlier could allow an authenticated attacker with administrator privileges to access specific directories and delete files, such as the configuration file, on the affected device. | |||||
| CVE-2025-3577 | 1 Zyxel | 2 Amg1302-t10b, Amg1302-t10b Firmware | 2026-06-17 | N/A | 4.9 MEDIUM |
| **UNSUPPORTED WHEN ASSIGNED** A path traversal vulnerability in the web management interface of the Zyxel AMG1302-T10B firmware version 2.00(AAJC.16)C0 could allow an authenticated attacker with administrator privileges to access restricted directories by sending a crafted HTTP request to an affected device. | |||||
| CVE-2025-1732 | 1 Zyxel | 9 Uos, Usg Flex 100h, Usg Flex 100hp and 6 more | 2026-06-17 | N/A | 6.7 MEDIUM |
| An improper privilege management vulnerability in the recovery function of the Zyxel USG FLEX H series uOS firmware version V1.31 and earlier could allow an authenticated local attacker with administrator privileges to upload a crafted configuration file and escalate privileges on a vulnerable device. | |||||
| CVE-2025-1731 | 1 Zyxel | 9 Uos, Usg Flex 100h, Usg Flex 100hp and 6 more | 2026-06-17 | N/A | 7.8 HIGH |
| An incorrect permission assignment vulnerability in the PostgreSQL commands of the Zyxel USG FLEX H series uOS firmware versions from V1.20 through V1.31 could allow an authenticated local attacker with low privileges to gain access to the Linux shell and escalate their privileges by crafting malicious scripts or modifying system configurations with administrator-level access through a stolen token. Modifying the system configuration is only possible if the administrator has not logged out and the token remains valid. | |||||
| CVE-2025-13943 | 1 Zyxel | 104 Am7510-00, Am7510-00 Firmware, Ax7501-b1 and 101 more | 2026-06-17 | N/A | 8.8 HIGH |
| A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware versions through 5.50(ABVY.7)C0 could allow an authenticated attacker to execute operating system (OS) commands on an affected device. | |||||
| CVE-2025-13942 | 1 Zyxel | 36 Dx4510-b0, Dx4510-b0 Firmware, Dx4510-b1 and 33 more | 2026-06-17 | N/A | 9.8 CRITICAL |
| A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 firmware versions through 5.17(ABUP.15.1)C0 could allow a remote attacker to execute operating system (OS) commands on an affected device by sending specially crafted UPnP SOAP requests. | |||||
| CVE-2025-11848 | 1 Zyxel | 96 Ax7501-b1, Ax7501-b1 Firmware, Dx3300-t0 and 93 more | 2026-06-17 | N/A | 4.9 MEDIUM |
| A null pointer dereference vulnerability in the Wake-on-LAN CGI program of the Zyxel VMG3625-T50B firmware version through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-service (DoS) condition by sending a crafted HTTP request. | |||||
| CVE-2025-11847 | 1 Zyxel | 108 Ax7501-b1, Ax7501-b1 Firmware, Dx3300-t0 and 105 more | 2026-06-17 | N/A | 4.9 MEDIUM |
| A null pointer dereference vulnerability in the IP settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-service (DoS) condition by sending a crafted HTTP request. | |||||
| CVE-2025-11846 | 1 Zyxel | 108 Ax7501-b1, Ax7501-b1 Firmware, Dx3300-t0 and 105 more | 2026-06-17 | N/A | 4.9 MEDIUM |
| A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-service (DoS) condition by sending a crafted HTTP request. | |||||
| CVE-2025-11845 | 1 Zyxel | 108 Ax7501-b1, Ax7501-b1 Firmware, Dx3300-t0 and 105 more | 2026-06-17 | N/A | 4.9 MEDIUM |
| A null pointer dereference vulnerability in the certificate downloader CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-service (DoS) condition by sending a crafted HTTP request. | |||||
| CVE-2025-0890 | 1 Zyxel | 28 Sbg3300-n000, Sbg3300-n000 Firmware, Sbg3300-nb00 and 25 more | 2026-06-17 | N/A | 9.8 CRITICAL |
| **UNSUPPORTED WHEN ASSIGNED** Insecure default credentials for the Telnet function in the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an attacker to log in to the management interface if the administrators have the option to change the default credentials but fail to do so. | |||||
| CVE-2024-9677 | 1 Zyxel | 6 Uos, Usg Flex 100h, Usg Flex 200h and 3 more | 2026-06-17 | N/A | 5.5 MEDIUM |
| The insufficiently protected credentials vulnerability in the CLI command of the USG FLEX H series uOS firmware version V1.21 and earlier versions could allow an authenticated local attacker to gain privilege escalation by stealing the authentication token of a login administrator. Note that this attack could be successful only if the administrator has not logged out. | |||||
| CVE-2024-9200 | 1 Zyxel | 12 Emg6726-b10a, Emg6726-b10a Firmware, Vmg3927-b50b and 9 more | 2026-06-17 | N/A | 7.2 HIGH |
| A post-authentication command injection vulnerability in the "host" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device. | |||||
| CVE-2024-9197 | 1 Zyxel | 72 Ax7501-b0, Ax7501-b0 Firmware, Ax7501-b1 and 69 more | 2026-06-17 | N/A | 4.9 MEDIUM |
| A post-authentication buffer overflow vulnerability in the parameter "action" of the CGI program in Zyxel VMG3625-T50B firmware versions through V5.50(ABPM.9.2)C0 could allow an authenticated attacker with administrator privileges to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP GET request to a vulnerable device if the function ZyEE is enabled. | |||||