cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-34141,https://securityvulnerability.io/vulnerability/CVE-2023-34141,Command Injection Vulnerability in Zyxel ATP and USG FLEX Series Firmware,"A command injection vulnerability exists in the access point management functionality of Zyxel's firmware, affecting several product lines. An attacker on the local network can exploit this flaw to execute arbitrary OS commands on targeted devices by manipulating the managed AP list, contingent upon convincing an authorized administrator to add their IP address. This highlights the importance of stringent access controls and vigilance in network management practices to safeguard against potential exploits.",Zyxel,"Atp Series Firmware,Usg Flex Series Firmware,Usg Flex 50(w) Series Firmware,Usg20(w)-vpn Series Firmware,Vpn Series Firmware,Nxc2500 Firmware,Nxc5500 Firmware",8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-07-17T18:15:00.000Z,0
CVE-2023-34140,https://securityvulnerability.io/vulnerability/CVE-2023-34140,Buffer Overflow Vulnerability in Zyxel ATP and USG FLEX Series Firmware,"A buffer overflow risk exists in multiple Zyxel firmware versions, enabling a possible denial of service (DoS) through the CAPWAP daemon. This vulnerability allows an unauthenticated attacker on the local area network (LAN) to manipulate crafted requests, potentially leading to service disruptions. Users are urged to update their firmware to mitigate these risks.",Zyxel,"Atp Series Firmware,Usg Flex Series Firmware,Usg Flex 50(w) Series Firmware,Usg20(w)-vpn Series Firmware,Vpn Series Firmware,Nxc2500 Firmware,Nxc5500 Firmware",6.5,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2023-07-17T18:15:00.000Z,0
CVE-2022-26532,https://securityvulnerability.io/vulnerability/CVE-2022-26532,Argument Injection Vulnerability in Zyxel USG/ZyWALL Series Firmware,"A vulnerability exists within the 'packet-trace' CLI command in various Zyxel firmware versions, allowing a local authenticated attacker to inject crafted arguments that could potentially execute arbitrary operating system commands. This poses a significant security risk for network environments relying on affected Zyxel products, highlighting the need for timely updates and strong access controls.",Zyxel,"Usg/zywall Series Firmware,Usg Flex Series Firmware,Atp Series Firmware,Vpn Series Firmware,Nsg Series Firmware,Nxc2500 Firmware,Nap203 Firmware,Nwa50ax Firmware,Wac500 Firmware,Wax510d Firmware",7.8,HIGH,0.0005099999834783375,false,,false,false,false,,,false,false,,2022-05-24T05:20:09.000Z,0
CVE-2022-26531,https://securityvulnerability.io/vulnerability/CVE-2022-26531,Improper Input Validation Vulnerabilities in Zyxel Firewall Products,"Multiple improper input validation flaws in Zyxel's CLI commands for various firewall and network security products could allow authenticated local attackers to execute malicious payloads. Exploitation may lead to severe consequences such as buffer overflow, potentially resulting in a system crash, which compromises the integrity and availability of the affected systems. The vulnerability spans across several firmware versions, necessitating immediate attention from users and administrators to mitigate risks.",Zyxel,"Usg/zywall Series Firmware,Usg Flex Series Firmware,Atp Series Firmware,Vpn Series Firmware,Nsg Series Firmware,Nxc2500 Firmware,Nap203 Firmware,Nwa50ax Firmware,Wac500 Firmware,Wax510d Firmware",6.1,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-05-24T05:05:12.000Z,0