Every CVE whose affected-product data names Zyxel Uos, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2025-1731 — CVSS 7.8 (high): An incorrect permission assignment vulnerability in the PostgreSQL commands of the Zyxel USG FLEX H series uOS firmware versions from V1.20…
CVE-2023-6398 — CVSS 7.2 (high): A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through…
CVE-2025-1732 — CVSS 6.7 (medium): An improper privilege management vulnerability in the recovery function of the Zyxel USG FLEX H series uOS firmware version V1.31 and…
CVE-2023-6399 — CVSS 5.7 (medium): A format string vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from…
CVE-2024-9677 — CVSS 5.5 (medium): The insufficiently protected credentials vulnerability in the CLI command of the USG FLEX H series uOS firmware version V1.21 and earlier…