Zyxel Gs1900-10hp Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Zyxel Gs1900-10hp Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (34)
CVE-2015-5989 — CVSS 9.8 (critical): Belkin F9K1102 2 devices with firmware 2.10.17 rely on client-side JavaScript code for authorization, which allows remote attackers to…
CVE-2015-5988 — CVSS 9.8 (critical): The web management interface on Belkin F9K1102 2 devices with firmware 2.10.17 has a blank password, which allows remote attackers to…
CVE-2019-15800 — CVSS 9.8 (critical): An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. Due to lack of input validation in the…
CVE-2016-1329 — CVSS 9.8 (critical): Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and 6.0(2)A6(1) through 6.0(2)A6(5) and 6.0(2)A7(1) on Nexus 3500 devices…
CVE-2019-15803 — CVSS 9.1 (critical): An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. Through an undocumented sequence of keypresses…
CVE-2015-5990 — CVSS 8.8 (high): Cross-site request forgery (CSRF) vulnerability on Belkin F9K1102 2 devices with firmware 2.10.17 allows remote attackers to hijack the…
CVE-2019-15799 — CVSS 8.8 (high): An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. User accounts created through the web interface of the…
CVE-2016-1302 — CVSS 8.8 (high): Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI…
CVE-2015-5987 — CVSS 8.6 (high): Belkin F9K1102 2 devices with firmware 2.10.17 use an improper algorithm for selecting the ID value in the header of a DNS query, which…
CVE-2015-0718 — CVSS 7.5 (high): Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows…
CVE-2015-6260 — CVSS 7.5 (high): Cisco NX-OS 7.1(1)N1(1) on Nexus 5500, 5600, and 6000 devices does not properly validate PDUs in SNMP packets, which allows remote…
CVE-2015-6312 — CVSS 7.5 (high): Cisco TelePresence Server 3.1 on 7010, Mobility Services Engine (MSE) 8710, Multiparty Media 310 and 320, and Virtual Machine (VM) devices…
CVE-2015-6313 — CVSS 7.5 (high): Cisco TelePresence Server 4.1(2.29) through 4.2(4.17) on 7010; Mobility Services Engine (MSE) 8710; Multiparty Media 310, 320, and 820; and…
CVE-2015-6398 — CVSS 7.5 (high): Cisco Nexus 9000 Application Centric Infrastructure (ACI) Mode switches with software before 11.0(1c) allow remote attackers to cause a…
CVE-2016-1348 — CVSS 7.5 (high): Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote attackers to cause a denial of service (device reload) via a crafted…
CVE-2016-1349 — CVSS 7.5 (high): The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a…
CVE-2016-1350 — CVSS 7.5 (high): Cisco IOS 15.3 and 15.4, Cisco IOS XE 3.8 through 3.11, and Cisco Unified Communications Manager allow remote attackers to cause a denial…
CVE-2019-15801 — CVSS 7.5 (high): An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware image contains encrypted passwords that…
CVE-2019-15804 — CVSS 7.5 (high): An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. By sending a signal to the CLI process, undocumented…
CVE-2021-35031 — CVSS 6.8 (medium): A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and XGS1250 series firmware, which could allow…
CVE-2024-8881 — CVSS 6.8 (medium): A post-authentication command injection vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and…
CVE-2022-45853 — CVSS 6.7 (medium): The privilege escalation vulnerability in the Zyxel GS1900-8 firmware version V2.70(AAHH.3) and the GS1900-8HP firmware version…
CVE-2021-35032 — CVSS 6.4 (medium): A vulnerability in the 'libsal.so' of the Zyxel GS1900 series firmware version 2.60 could allow an authenticated local user to execute…
CVE-2022-34746 — CVSS 5.9 (medium): An insufficient entropy vulnerability caused by the improper use of randomness sources with low entropy for RSA key pair generation was…
CVE-2019-15802 — CVSS 5.9 (medium): An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware hashes and encrypts passwords using a…
CVE-2016-1346 — CVSS 5.9 (medium): The kernel in Cisco TelePresence Server 3.0 through 4.2(4.18) on Mobility Services Engine (MSE) 8710 devices allows remote attackers to…
CVE-2016-1344 — CVSS 5.9 (medium): The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service…
CVE-2023-35140 — CVSS 5.5 (medium): The improper privilege management vulnerability in the Zyxel GS1900-24EP switch firmware version V2.70(ABTO.5) could allow an authenticated…
CVE-2016-1307 — CVSS 5.4 (medium): The Openfire server in Cisco Finesse Desktop 10.5(1) and 11.0(1) and Unified Contact Center Express 10.6(1) has a hardcoded account, which…
CVE-2024-38270 — CVSS 5.3 (medium): An insufficient entropy vulnerability caused by the improper use of a randomness function with low entropy for web authentication tokens…
CVE-2024-8882 — CVSS 4.5 (medium): A buffer overflow vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and earlier could allow…
CVE-2021-35030 — CVSS 3.5 (low): A vulnerability was found in the CGI program in Zyxel GS1900-8 firmware version V2.60, that did not properly sterilize packet contents and…