Zyxel Gs1900-8 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Zyxel Gs1900-8 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (16)
CVE-2019-15800 — CVSS 9.8 (critical): An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. Due to lack of input validation in the…
CVE-2019-15803 — CVSS 9.1 (critical): An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. Through an undocumented sequence of keypresses…
CVE-2019-15799 — CVSS 8.8 (high): An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. User accounts created through the web interface of the…
CVE-2019-15804 — CVSS 7.5 (high): An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. By sending a signal to the CLI process, undocumented…
CVE-2019-15801 — CVSS 7.5 (high): An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware image contains encrypted passwords that…
CVE-2021-35031 — CVSS 6.8 (medium): A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and XGS1250 series firmware, which could allow…
CVE-2024-8881 — CVSS 6.8 (medium): A post-authentication command injection vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and…
CVE-2022-45853 — CVSS 6.7 (medium): The privilege escalation vulnerability in the Zyxel GS1900-8 firmware version V2.70(AAHH.3) and the GS1900-8HP firmware version…
CVE-2021-35032 — CVSS 6.4 (medium): A vulnerability in the 'libsal.so' of the Zyxel GS1900 series firmware version 2.60 could allow an authenticated local user to execute…
CVE-2019-15802 — CVSS 5.9 (medium): An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware hashes and encrypts passwords using a…
CVE-2022-34746 — CVSS 5.9 (medium): An insufficient entropy vulnerability caused by the improper use of randomness sources with low entropy for RSA key pair generation was…
CVE-2023-35140 — CVSS 5.5 (medium): The improper privilege management vulnerability in the Zyxel GS1900-24EP switch firmware version V2.70(ABTO.5) could allow an authenticated…
CVE-2024-38270 — CVSS 5.3 (medium): An insufficient entropy vulnerability caused by the improper use of a randomness function with low entropy for web authentication tokens…
CVE-2024-8882 — CVSS 4.5 (medium): A buffer overflow vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and earlier could allow…
CVE-2021-35030 — CVSS 3.5 (low): A vulnerability was found in the CGI program in Zyxel GS1900-8 firmware version V2.60, that did not properly sterilize packet contents and…