Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-43389 | 1 Zyxel | 34 Ep240p, Ep240p Firmware, Lte3202-m437 and 31 more | 2023-01-18 | N/A | 9.8 CRITICAL |
A buffer overflow vulnerability in the library of the web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an unauthenticated attacker to execute some OS commands or to cause denial-of-service (DoS) conditions on a vulnerable device. | |||||
CVE-2021-35036 | 1 Zyxel | 62 Ax7501-b0, Ax7501-b0 Firmware, Dx3301-t0 and 59 more | 2022-09-30 | 3.5 LOW | 6.5 MEDIUM |
A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file. | |||||
CVE-2022-26414 | 1 Zyxel | 64 Ax7501-b0, Ax7501-b0 Firmware, Dx5401-b0 and 61 more | 2022-04-14 | 4.9 MEDIUM | 5.5 MEDIUM |
A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service. | |||||
CVE-2022-26413 | 1 Zyxel | 64 Ax7501-b0, Ax7501-b0 Firmware, Dx5401-b0 and 61 more | 2022-04-14 | 7.7 HIGH | 8.0 HIGH |
A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface. |