CVSS: 7.8EPSS: 1%CPEs: 145EXPL: 2CVE-2022-26531 – Zyxel zysh Format String Proof of Concept
https://notcve.org/view.php?id=CVE-2022-26531
24 May 2022 — Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earl... • https://packetstorm.news/files/id/177036 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 2%CPEs: 228EXPL: 0CVE-2020-25014
https://notcve.org/view.php?id=CVE-2020-25014
27 Nov 2020 — A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet. Un desbordamiento de búfer en la región stack de la memoria en el archivo fbwifi_continue.cgi en Zyxel serie UTM y VPN de puertas de enlace que ejecutan la versión de firmware V4.30 hasta la V4.55, lo que permite a atacantes remotos no autenticados ejecutar código arbitrario po... • https://businessforum.zyxel.com/categories/security-news-and-release • CWE-787: Out-of-bounds Write •
CVSS: 5.9EPSS: 0%CPEs: 34EXPL: 0CVE-2018-9129
https://notcve.org/view.php?id=CVE-2018-9129
15 Aug 2018 — ZyXEL ZyWALL/USG series devices have a Bleichenbacher vulnerability in their Internet Key Exchange (IKE) handshake implementation used for IPsec based VPN connections. Los dispositivos ZyXEL de la serie ZyWALL/USG tienen una vulnerabilidad de Bleichenbacher en su implementación de handshake de intercambio de claves de Internet (IKE) utilizado para conexiones VPN basadas en IPsec. • ftp://ftp.zyxel.com/USG110/firmware/USG110_4.32%28AAPH.0%29C0_2.pdf •