Zyxel Zywall Vpn300 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Zyxel Zywall Vpn300 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2021-35029 — CVSS 9.8 (critical): An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through…
CVE-2019-12583 — CVSS 9.1 (critical): Missing Access Control in the "Free Time" component of several Zyxel UAG, USG, and ZyWall devices allows a remote attacker to generate…
CVE-2023-33011 — CVSS 8.8 (high): A format string vulnerability in the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, USG FLEX series firmware versions 5.00…
CVE-2023-33012 — CVSS 8.8 (high): A command injection vulnerability in the configuration parser of the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, USG FLEX…
CVE-2023-28767 — CVSS 8.8 (high): The configuration parser fails to sanitize user-controlled input in the Zyxel ATP series firmware versions 5.10 through 5.36, USG FLEX…
CVE-2023-34139 — CVSS 8.8 (high): A command injection vulnerability in the Free Time WiFi hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.36…
CVE-2023-34141 — CVSS 8.0 (high): A command injection vulnerability in the access point (AP) management feature of the Zyxel ATP series firmware versions 5.00 through 5.36…
CVE-2023-34138 — CVSS 8.0 (high): A command injection vulnerability in the hotspot management feature of the Zyxel ATP series firmware versions 4.60 through 5.36 Patch 2…
CVE-2023-34140 — CVSS 6.5 (medium): A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2, USG FLEX series firmware versions 4.50…