Vulnerabilidades en Zyxel
165 resultadosCVE-2023-22919HIGHThe post-authentication command injection vulnerability in the Zyxel NBG6604 firmware version V1.01(ABIR.0)C0 could allow an authenticated aEPSS 1.6%CVE-2022-34747CRITICALA format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could allow an attacker to achieve unauthorized reEPSS 1.5%CVE-2023-27991HIGHThe post-authentication command injection vulnerability in the CLI command of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEXEPSS 1.5%CVE-2025-8078HIGHA post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmwaEPSS 1.5%CVE-2023-33013HIGHA post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01(ABIR.1)C0 could allow an auEPSS 1.4%CVE-2023-27988HIGHThe post-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.13)C0 could allow an autheEPSS 1.4%CVE-2025-13943HIGHA post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware versions through 5.5EPSS 1.4%CVE-2025-11730HIGHA post‑authentication command injection vulnerability in the Dynamic DNS (DDNS) configuration CLI command in Zyxel ATP series firmware versiEPSS 1.4%CVE-2024-42059HIGHA post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V5.00 through V5.38, USG FLEX series firmwaEPSS 1.3%CVE-2024-42060HIGHA post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmwaEPSS 1.3%CVE-2024-7203HIGHA post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.60 through V5.38 and USG FLEX series firEPSS 1.3%CVE-2023-6398HIGHA post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37EPSS 1.3%CVE-2024-42057HIGHA command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series fEPSS 1.3%CVE-2023-22913HIGHA post-authentication command injection vulnerability in the “account_operator.cgi” CGI program of Zyxel USG FLEX series firmware versions 4EPSS 1.3%CVE-2026-1460HIGHA post-authentication command injection vulnerability in the “DomainName” parameter of the DHCP configuration file in Zyxel DX3301-T0 and EXEPSS 1.2%CVE-2024-12009HIGHA post-authentication command injection vulnerability in the "ZyEE" function of the Zyxel EX5601-T1 firmware version V5.70(ACDZ.3.6)C0 and eEPSS 1.1%CVE-2024-11253HIGHA post-authentication command injection vulnerability in the "DNSServer” parameter of the diagnostic function in the Zyxel VMG8825-T50K firmEPSS 1.1%CVE-2025-11846MEDIUMA null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9EPSS 1.1%CVE-2022-30526HIGHA privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEEPSS 1.1%CVE-2024-9200HIGHA post-authentication command injection vulnerability in the "host" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versEPSS 1.1%