CVE-2021-35029 — CVSS 9.8 (critical): An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through…
CVE-2019-12583 — CVSS 9.1 (critical): Missing Access Control in the "Free Time" component of several Zyxel UAG, USG, and ZyWall devices allows a remote attacker to generate…
CVE-2022-26532 — CVSS 7.8 (high): A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG…
CVE-2022-0910 — CVSS 6.5 (medium): A downgrade from two-factor authentication to one-factor authentication vulnerability in the CGI program of Zyxel USG/ZyWALL series…
CVE-2022-26531 — CVSS 6.1 (medium): Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through…
CVE-2019-12581 — CVSS 6.1 (medium): A reflective Cross-site scripting (XSS) vulnerability in the free_time_failed.cgi CGI program in selected Zyxel ZyWall, USG, and UAG…
CVE-2022-0734 — CVSS 5.8 (medium): A cross-site scripting vulnerability was identified in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.35 through 4.70, USG…