cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-35028,https://securityvulnerability.io/vulnerability/CVE-2021-35028,Command Injection Vulnerability in Zyxel VPN2S Firmware,"A command injection issue has been identified within the CGI program of the Zyxel VPN2S firmware version 1.12, enabling an authenticated local user to execute arbitrary operating system commands. This vulnerability poses a substantial risk to system integrity, allowing misuse of system resources and potential escalation of privileges.",Zyxel,Zywall Vpn2s Firmware,7.3,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-09-29T10:35:57.000Z,0
CVE-2021-35027,https://securityvulnerability.io/vulnerability/CVE-2021-35027,Directory Traversal Vulnerability in Zyxel VPN2S Firmware,A directory traversal vulnerability exists in the web server of Zyxel's VPN2S firmware version 1.12. This flaw may allow an unauthorized remote attacker to manipulate file paths and potentially gain access to sensitive files and information within the system. Proper security measures should be taken to mitigate this risk as outlined in Zyxel's security advisory.,Zyxel,Zywall Vpn2s Firmware,7.5,HIGH,0.005379999987781048,false,,false,false,false,,,false,false,,2021-09-29T10:32:04.000Z,0