CVE-2021-35029 — CVSS 9.8 (critical): An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through…
CVE-2023-27991 — CVSS 8.8 (high): The post-authentication command injection vulnerability in the CLI command of Zyxel ATP series firmware versions 4.32 through 5.35, USG…
CVE-2023-6764 — CVSS 8.1 (high): A format string vulnerability in a function of the IPSec VPN feature in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1…
CVE-2022-30526 — CVSS 7.8 (high): A privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG…
CVE-2022-38547 — CVSS 7.2 (high): A post-authentication command injection vulnerability in the CLI command of Zyxel ZyWALL/USG series firmware versions 4.20 through 4.72…
CVE-2023-6398 — CVSS 7.2 (high): A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through…
CVE-2023-22918 — CVSS 6.5 (medium): A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG…
CVE-2022-2030 — CVSS 6.5 (medium): A directory traversal vulnerability caused by specific character sequences within an improperly sanitized URL was identified in some CGI…
CVE-2023-6399 — CVSS 5.7 (medium): A format string vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from…
CVE-2023-27990 — CVSS 4.8 (medium): The cross-site scripting (XSS) vulnerability in Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions…