cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-0890,https://securityvulnerability.io/vulnerability/CVE-2025-0890,Insecure Default Credentials Affecting Zyxel DSL CPE Firmware,"The Zyxel VMG4325-B10A DSL CPE firmware is affected by a vulnerability due to insecure default credentials associated with the Telnet function. This flaw allows unauthorized access to the management interface when the provided default credentials are not modified by administrators. As a result, attackers could exploit this oversight to gain unauthorized control, potentially leading to further compromises in network security. It is crucial for users of this device to ensure that they update the credentials to enhance their device's security.",Zyxel,Vmg4325-b10a Firmware,9.8,CRITICAL,0.01,false,,false,false,false,,false,false,false,,2025-02-04T10:06:56.163Z,0
CVE-2024-40891,https://securityvulnerability.io/vulnerability/CVE-2024-40891,Command Injection Vulnerability in Zyxel DSL CPE Firmware,"A post-authentication command injection vulnerability exists in the management commands of Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615. This flaw allows an authenticated attacker to execute arbitrary operating system commands via Telnet, potentially compromising the security and integrity of the affected device.",Zyxel,Vmg4325-b10a Firmware,8.8,HIGH,0.01,false,,true,false,true,2025-02-04T21:22:52.000Z,false,true,true,2025-02-04T11:52:02.520Z,2025-02-04T10:02:48.018Z,5207
CVE-2024-40890,https://securityvulnerability.io/vulnerability/CVE-2024-40890,Command Injection Vulnerability in Zyxel Legacy DSL CPE,"A post-authentication command injection vulnerability exists in the CGI program of the legacy DSL CPE Zyxel VMG4325-B10A. By crafting a specific HTTP POST request, an authenticated attacker could execute arbitrary operating system commands on the affected device, potentially leading to unauthorized actions and significant security risks.",Zyxel,Vmg4325-b10a Firmware,8.8,HIGH,0.01,false,,false,false,false,,false,false,false,,2025-02-04T09:55:38.908Z,0
CVE-2024-12398,https://securityvulnerability.io/vulnerability/CVE-2024-12398,Improper Privilege Management in Zyxel WBE530 and WBE660S Firmware,"An improper privilege management vulnerability exists in the web management interface of Zyxel WBE530 and WBE660S firmware versions. This vulnerability allows an authenticated user with limited permissions to escalate their privileges to that of an administrator. By exploiting this flaw, a malicious user gains the ability to upload potentially harmful configuration files to the device, which can compromise the security and integrity of the affected system.",Zyxel,"Wbe530 Firmware,Wbe660s Firmware",8.8,HIGH,0.0004900000058114529,false,,false,false,false,,false,false,false,,2025-01-14T01:39:04.348Z,0
CVE-2024-9200,https://securityvulnerability.io/vulnerability/CVE-2024-9200,Post-Authentication Command Injection Vulnerability,"A vulnerability exists in the Zyxel VMG4005-B50A where an authenticated attacker with administrator privileges can exploit the 'host' parameter of the diagnostic function. This post-authentication command injection flaw permits the execution of operating system commands on the device. As a result, this can lead to unauthorized actions that compromise the integrity and security of the affected device, posing significant risks to network security.",Zyxel,Vmg4005-b50a Firmware,7.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-03T01:33:47.398Z,0
CVE-2024-8748,https://securityvulnerability.io/vulnerability/CVE-2024-8748,Buffer Overflow Vulnerability in Libclinkc Could Lead to Temporary DoS,"A buffer overflow vulnerability exists within the packet parser of the third-party library 'libclinkc' used in Zyxel VMG8825-T50K firmware. This vulnerability can be exploited by sending a specially crafted HTTP POST request to the device, potentially leading to a denial of service condition which affects the web management interface. This flaw underscores the importance of maintaining up-to-date firmware to mitigate potential security risks for users relying on this device.",Zyxel,Vmg8825-t50k Firmware,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-03T01:15:46.610Z,0
CVE-2024-11667,https://securityvulnerability.io/vulnerability/CVE-2024-11667,Directory Traversal Vulnerability in Zyxel ATP and USG FLEX Products,"CVE-2024-11667 is a directory traversal vulnerability identified in the web management interface of several Zyxel firmware versions. This flaw exists in Zyxel's ATP Series, USG FLEX Series, and USG20(W)-VPN Series firmware versions, which could potentially enable an unauthorized attacker to exploit crafted URLs to upload or download arbitrary files. Effective security measures and updated firmware are essential to protect against potential attacks leveraging this vulnerability. Organizations using these products should consult Zyxel's advisory for remediation steps.",Zyxel,"Atp Series Firmware,Usg Flex Series Firmware,Usg Flex 50(w) Series Firmware,Usg20(w)-vpn Series Firmware",9.8,CRITICAL,0.18846000730991364,true,2024-12-03T00:00:00.000Z,true,true,true,2024-11-29T09:18:41.000Z,,false,false,,2024-11-27T09:39:41.691Z,0
CVE-2024-11494,https://securityvulnerability.io/vulnerability/CVE-2024-11494,Unauthenticated Attacker Could Read device Information via HTTP HEAD Method,"An improper authentication vulnerability exists in Zyxel's P-6101C ADSL modem, specifically in firmware version P-6101CSA6AP_20140331. This flaw enables an unauthenticated attacker to potentially access sensitive device information through crafted HTTP HEAD requests. Exploitation of this vulnerability could lead to unauthorized information disclosure, raising significant concerns for users relying on this product for network connectivity.",Zyxel,P-6101c Firmware,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-20T09:36:06.694Z,0
CVE-2024-6342,https://securityvulnerability.io/vulnerability/CVE-2024-6342,Crafted HTTP POST request can execute OS commands,"A command injection vulnerability exists in the export-cgi program within Zyxel NAS326 and NAS542 firmware, allowing unauthenticated attackers to execute operating system commands. This can be exploited by sending crafted HTTP POST requests, potentially compromising the integrity and operational functionality of the affected devices. Users of the NAS326 and NAS542 models should review the firmware versions to mitigate risks associated with this vulnerability.",Zyxel,"Nas326 Firmware,Nas542 Firmware",9.8,CRITICAL,0.0004299999854993075,false,,true,false,false,,,false,false,,2024-09-10T01:55:13.215Z,0
CVE-2024-7261,https://securityvulnerability.io/vulnerability/CVE-2024-7261,"Unauthenticated OS Command Execution Vulnerability in Zyxel NWA1123ACv3, WAC500, WAX655E, WBE530, and USG LITE 60AX Firmware","An OS command injection vulnerability exists in the CGI program of several Zyxel network devices due to improper neutralization of special elements in the 'host' parameter. This flaw can allow unauthenticated attackers to execute arbitrary OS commands on vulnerable devices by sending specially crafted cookies. The affected products include various firmware versions of the NWA1123ACv3, WAC500, WAX655E, WBE530, and USG LITE 60AX, which can expose organizations to significant security risks.",Zyxel,"Nwa1123acv3 Firmware,Wac500 Firmware,Wax655e Firmware,Wbe530 Firmware,Usg Lite 60ax Firmware",9.8,CRITICAL,0.0008999999845400453,false,,false,false,false,,,false,false,,2024-09-03T02:10:25.112Z,0
CVE-2024-42060,https://securityvulnerability.io/vulnerability/CVE-2024-42060,Post-Authentication Command Injection Vulnerability Affects Zyxel ATP Series devices,"The vulnerability in Zyxel products is a post-authentication command injection flaw that permits an authenticated user with administrative privileges to execute arbitrary operating system commands. This exploit arises when a crafted internal user agreement file is uploaded to affected devices, specifically those running vulnerable firmware versions across various Zyxel firewall product lines. Organizations using Zyxel ATP series, USG FLEX series, and USG20 VPN series should evaluate their systems for these vulnerabilities to prevent potential exploitation.",Zyxel,"Atp Series Firmware,Usg Flex Series Firmware,Usg Flex 50(w) Series Firmware,Usg20(w)-vpn Series Firmware",7.2,HIGH,0.0005200000014156103,false,,false,false,false,,,false,false,,2024-09-03T01:54:57.221Z,0
CVE-2024-42059,https://securityvulnerability.io/vulnerability/CVE-2024-42059,Post-Authentication Command Injection Vulnerability,"A post-authentication command injection vulnerability exists in the firmware of multiple Zyxel products, specifically within the ATP series, USG FLEX series, and USG20(W)-VPN series. This vulnerability permits an authenticated attacker possessing administrator privileges to execute arbitrary operating system commands on affected devices. The exploitation vector involves uploading a specially crafted compressed language file via FTP. The following firmware versions are affected: ATP series from V5.00 to V5.38, USG FLEX series from V5.00 to V5.38, USG FLEX 50(W) series from V5.00 to V5.38, and USG20(W)-VPN series from V5.00 to V5.38. For further details and mitigations, it is advisable to refer to Zyxel's official security advisory.",Zyxel,"Atp Series Firmware,Usg Flex Series Firmware,Usg Flex 50(w) Series Firmware,Usg20(w)-vpn Series Firmware",7.2,HIGH,0.0005200000014156103,false,,false,false,false,,,false,false,,2024-09-03T01:51:20.796Z,0
CVE-2024-42058,https://securityvulnerability.io/vulnerability/CVE-2024-42058,Attackers Can Cause DoS Conditions with Targeted Packets Against Zyxel Devices,"A null pointer dereference vulnerability exists in the firmware of various Zyxel firewall products, including the ATP series and the USG FLEX series. This flaw allows unauthenticated attackers to send specially crafted packets to the affected devices, potentially leading to denial-of-service (DoS) conditions. Devices running the specified firmware versions are susceptible to disruptions, underlining the importance of prompt updates and patches to mitigate the risks associated with this vulnerability.",Zyxel,"Atp Series Firmware,Usg Flex Series Firmware,Usg Flex 50(w) Series Firmware,Usg20(w)-vpn Series Firmware",7.5,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-09-03T01:47:29.258Z,0
CVE-2024-42057,https://securityvulnerability.io/vulnerability/CVE-2024-42057,"Unauthenticated Command Injection Vulnerability in Zyxel ATP Series, USG FLEX Series, and USG20(W)-VPN Series Firmware","A command injection vulnerability exists in the IPSec VPN feature of multiple Zyxel firewall products, including ATP and USG FLEX series. This vulnerability could permit an unauthenticated attacker to execute operating system commands on the targeted device. Exploitation requires the device to be configured in User-Based-PSK authentication mode and for there to be a valid user with a username longer than 28 characters. This potential risk highlights the need for users to monitor their configurations and implement necessary security measures.",Zyxel,"Atp Series Firmware,Usg Flex Series Firmware,Usg Flex 50(w) Series Firmware,Usg20(w)-vpn Series Firmware",8.1,HIGH,0.0008999999845400453,false,,false,false,false,,,false,false,,2024-09-03T01:43:28.106Z,0
CVE-2024-7203,https://securityvulnerability.io/vulnerability/CVE-2024-7203,Post-Authentication Command Injection Vulnerability Affects Zyxel ATP Series Firmware,"A post-authentication command injection vulnerability exists in Zyxel ATP and USG FLEX series firmware that could allow an authenticated attacker with administrator privileges to execute arbitrary operating system commands. This vulnerability arises when a crafted command is executed within the command-line interface, potentially compromising the integrity and security of the affected devices. Users are advised to review their current firmware versions and apply necessary updates to mitigate potential risks.",Zyxel,"Atp Series Firmware,Usg Flex Series Firmware",7.2,HIGH,0.0005200000014156103,false,,false,false,false,,,false,false,,2024-09-03T01:36:32.110Z,0
CVE-2024-5412,https://securityvulnerability.io/vulnerability/CVE-2024-5412,Buffer Overflow Vulnerability Could Lead to Denial of Service in Zyxel VMG8825-T50K Firmware,"A vulnerability exists in the Zyxel VMG8825-T50K firmware due to a buffer overflow in the libclinkc library. This flaw can be exploited by an unauthenticated attacker who sends specially crafted HTTP requests to the device. Successful exploitation can lead to denial of service conditions, impacting the availability of the affected device. Users are encouraged to apply relevant patches and consider network security practices to mitigate potential risks.",Zyxel,Vmg8825-t50k Firmware,7.5,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-09-03T01:18:40.444Z,0
CVE-2024-8234,https://securityvulnerability.io/vulnerability/CVE-2024-8234,Unauthenticated Command Injection Vulnerability in Zyxel NWA1100-N Firmware Could Allow Access to System Files,"A command injection vulnerability exists in the Zyxel NWA1100-N firmware that permits an unauthenticated attacker to exploit functions such as formSysCmd(), formUpgradeCert(), and formDelcert(). This exploitation could lead to unauthorized execution of OS commands, potentially allowing access to sensitive system files on the device. Administrators are urged to assess their systems and apply mitigations or updates as necessary to safeguard against potential attacks.",Zyxel,Nwaw1100-n Firmware,9.8,CRITICAL,0.0011099999537691474,false,,false,false,false,,,false,false,,2024-08-30T01:15:00.000Z,0
CVE-2024-29974,https://securityvulnerability.io/vulnerability/CVE-2024-29974,Unauthenticated Remote Code Execution Vulnerability in Zyxel NAS326 Firmware,"A vulnerability in the Zyxel NAS326 and NAS542 devices involves the CGI program 'file_upload-cgi', which allows unauthorized remote code execution. By uploading a specially crafted configuration file, attackers can exploit this flaw to execute arbitrary commands on the device. This vulnerability affects firmware versions released prior to V5.21(AAZF.17)C0 for NAS326 and V5.21(ABAG.14)C0 for NAS542. Users are advised to update their firmware promptly to mitigate potential security risks associated with this issue.",Zyxel,"Nas326 Firmware,Nas542 Firmware",9.8,CRITICAL,0.0004299999854993075,false,,true,false,false,,,false,false,,2024-06-04T01:34:11.340Z,0
CVE-2024-29973,https://securityvulnerability.io/vulnerability/CVE-2024-29973,Unauthenticated Command Injection Vulnerability in Zyxel NAS326 Firmware,"The Zyxel NAS326 and NAS542 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 have an unauthenticated command injection vulnerability that allows unauthenticated attackers to execute operating system (OS) commands by sending a crafted HTTP POST request. Three other high-severity vulnerabilities were discovered by security researchers in these devices as well, including a backdoor account called ""NsaRescueAngel."" The discovery of these vulnerabilities prompted Zyxel to release patches for these devices, despite reaching end-of-life status. There is no evidence of these vulnerabilities being exploited in the wild, but the proof of concept for exploitation is available, so it is likely to happen soon.",Zyxel,"Nas326 Firmware,Nas542 Firmware",9.8,CRITICAL,0.004189999774098396,false,,true,true,true,2024-06-21T15:38:50.000Z,true,false,false,,2024-06-04T01:29:41.852Z,110
CVE-2024-29972,https://securityvulnerability.io/vulnerability/CVE-2024-29972,Unauthenticated Command Injection Vulnerability in Zyxel NAS326 Firmware,"A critical unauthenticated command injection vulnerability has been discovered in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0. This vulnerability could allow an unauthenticated attacker to execute operating system commands through a crafted HTTP POST request. Zyxel has released patches for three high-severity flaws affecting these devices and advised users to apply them immediately. In addition to these three critical vulnerabilities, two other moderately severe flaws were also found. The devices reached end-of-life status, but Zyxel still decided to patch them for organizations with extended warranty. The vulnerabilities were discovered by Timothy Hjort, but at the time of reporting, there were no reports or evidence of in-the-wild abuse, although the methodology is widely available, indicating that it is likely just a matter of time before an exploitation is seen.",Zyxel,"Nas326 Firmware,Nas542 Firmware",9.8,CRITICAL,0.004189999774098396,false,,true,false,false,,,false,false,,2024-06-04T01:24:58.172Z,0
CVE-2023-6764,https://securityvulnerability.io/vulnerability/CVE-2023-6764,Unauthorized Remote Code Execution Vulnerability in Zyxel ATP Series Firmware,"A format string vulnerability exists in the IPSec VPN feature of Zyxel's firmware, specifically impacting several models within the ATP and USG FLEX series. This vulnerability may allow an attacker to execute unauthorized remote code by utilizing a sequence of specially crafted payloads that exploit an invalid pointer. Successfully carrying out an attack necessitates a comprehensive understanding of the targeted device's memory layout and configuration, potentially making exploitation challenging.",Zyxel,"ATP series firmware,USG FLEX series firmware,USG FLEX 50(W) series firmware,USG20(W)-VPN series firmware",8.1,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-20T02:14:09.814Z,0
CVE-2023-6398,https://securityvulnerability.io/vulnerability/CVE-2023-6398,"Post-Authentication Command Injection Vulnerability Affects Zyxel ATP Series, USG FLEX Series, USG FLEX 50(W) Series, USG20(W)-VPN Series, NWA50AX, WAC500, WAX300H, and WBE660S Firmware","A post-authentication command injection vulnerability exists in multiple Zyxel devices, specifically within the file upload binary. This issue affects various firmware versions across multiple series, including Zyxel ATP, USG FLEX, and WAC series. When an attacker with administrator privileges accesses an affected device via FTP, they may execute arbitrary operating system commands, potentially compromising the integrity and functionality of the device. This vulnerability underscores the importance of keeping firewall and network equipment firmware updated to safeguard against potential attacks.",Zyxel,"Atp Series Firmware,Usg Flex Series Firmware,Usg Flex 50(w) Series Firmware,Usg20(w)-vpn Series Firmware,Nwa50ax Firmware,Wac500 Firmware,Wax300h Firmware,Wbe660s Firmware,Usg Flex H Series Firmware",7.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-20T01:34:32.229Z,0
CVE-2023-5372,https://securityvulnerability.io/vulnerability/CVE-2023-5372,Post-Authentication Command Injection Vulnerability in Zyxel NAS Products,"An authenticated post-authentication command injection vulnerability exists in the Zyxel NAS326 and NAS542 firmware, allowing attackers with administrator privileges to execute arbitrary operating system commands. This exploitation can be achieved by navigating to the web management interface of an affected device and sending a specially crafted query parameter within the URL. The affected firmware versions enhance the risk by not adequately validating input, thereby providing a potential attack vector for malicious actors.",Zyxel,"Nas326 Firmware,Nas542 Firmware",7.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-01-30T00:55:33.090Z,0
CVE-2023-35138,https://securityvulnerability.io/vulnerability/CVE-2023-35138,Command Injection Vulnerability in Zyxel NAS Products,"A command injection vulnerability exists in the Zyxel NAS326 and NAS542 firmware that may allow unauthorized users to execute arbitrary operating system commands. This weakness is realized through the 'show_zysync_server_contents' function, which becomes exploitable if manipulated via a specially crafted HTTP POST request. Attackers could leverage this flaw to gain control over system operations, posing significant risks to data integrity and confidentiality.",Zyxel,"NAS326 firmware,NAS542 firmware",9.8,CRITICAL,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-11-30T02:15:00.000Z,0
CVE-2023-4473,https://securityvulnerability.io/vulnerability/CVE-2023-4473,Command Injection Vulnerability in Zyxel NAS326 and NAS542 Products,"A command injection vulnerability has been discovered in the Zyxel NAS326 and NAS542 web server firmware, enabling unauthenticated attackers to execute arbitrary operating system commands. This security flaw can be exploited by sending specifically crafted URLs to the affected devices, posing significant risks to device integrity and data security. Users are advised to apply the relevant security updates to mitigate potential threats.",Zyxel,"NAS326 firmware,NAS542 firmware",9.8,CRITICAL,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-11-30T02:15:00.000Z,0