Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Zyxel Subscribe
Filtered by product Zywall 2
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-4316 1 Zyxel 2 Zynos, Zywall 2 2018-10-15 4.3 MEDIUM N/A
The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device has a certain default password, which allows remote attackers to perform administrative actions.
CVE-2007-4317 1 Zyxel 2 Zynos, Zywall 2 2018-10-15 4.3 MEDIUM N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in the management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allow remote attackers to perform certain actions as administrators, as demonstrated by a request to Forms/General_1 with the (1) sysSystemName and (2) sysDomainName parameters.
CVE-2007-4318 1 Zyxel 2 Zynos, Zywall 2 2018-10-15 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Forms/General_1 in the management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allows remote authenticated administrators to inject arbitrary web script or HTML via the sysSystemName parameter.
CVE-2007-4319 1 Zyxel 2 Zynos, Zywall 2 2018-10-15 4.0 MEDIUM N/A
The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allows remote authenticated administrators to cause a denial of service (infinite reboot loop) via invalid configuration data. NOTE: this issue might not cross privilege boundaries, and it might be resultant from CSRF; if so, then it should not be included in CVE.