CVSS: 9.8EPSS: 0%CPEs: 74EXPL: 0CVE-2021-35029
https://notcve.org/view.php?id=CVE-2021-35029
An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device. Una vulnerabilidad de omisión de la autenticación en la interfaz de administración basada en web de Zyxel USG/Zywall series versiones de firmware 4.35 hasta 4.64 y USG Flex, ATP, y VPN versiones de firmware 4.35 hasta 5.01, que podría permitir a un atacante remoto ejecutar comandos arbitrarios en un dispositivo afectado • https://www.zyxel.com/support/Zyxel_security_advisory_for_attacks_against_security_appliances.shtml • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2016-10227
https://notcve.org/view.php?id=CVE-2016-10227
Zyxel USG50 Security Appliance and NWA3560-N Access Point allow remote attackers to cause a denial of service (CPU consumption) via a flood of ICMPv4 Port Unreachable packets. Zyxel USG50 Security Appliance y NWA3560-N Access Point permiten a atacantes remotos provocar una denegación de servicio (consumo de CPU) a través de una inundación de paquetes ICMPv4 Port Unreachable. • http://www.securityfocus.com/bid/97105 http://www.zyxel.com/support/announcement_blacknurse_attack.shtml https://cxsecurity.com/issue/WLB-2017020177 • CWE-399: Resource Management Errors •