CVSS: 9.8EPSS: 5%CPEs: 48EXPL: 0CVE-2022-0342
https://notcve.org/view.php?id=CVE-2022-0342
An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.20 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.32 through 5.20, VPN series firmware versions 4.30 through 5.20, and NSG series firmware versions V1.20 through V1.33 Patch 4, which could allow an attacker to bypass the web authentication and obtain administrative access of the device. Una vulnerabilidad de omisión de autenticación en el programa CGI de USG/ZyWALL de Zyxel versiones de firmware de las series 4.20 a 4.70, las versiones de firmware de la serie USG FLEX 4.50 a 5.20, las versiones de firmware de la serie ATP 4.32 a 5.20, las versiones de firmware de la serie VPN 4.30 a 5.20 y las versiones de firmware de la serie NSG V1.20 a V1.33 Parche 4, que podría permitir a un atacante omitir la autenticación web y obtener acceso administrativo al dispositivo • https://www.zyxel.com/support/Zyxel-security-advisory-for-authentication-bypass-vulnerability-of-firewalls.shtml • CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 0%CPEs: 74EXPL: 0CVE-2021-35029
https://notcve.org/view.php?id=CVE-2021-35029
An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device. Una vulnerabilidad de omisión de la autenticación en la interfaz de administración basada en web de Zyxel USG/Zywall series versiones de firmware 4.35 hasta 4.64 y USG Flex, ATP, y VPN versiones de firmware 4.35 hasta 5.01, que podría permitir a un atacante remoto ejecutar comandos arbitrarios en un dispositivo afectado • https://www.zyxel.com/support/Zyxel_security_advisory_for_attacks_against_security_appliances.shtml • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 97%CPEs: 54EXPL: 2CVE-2020-9054 – Zyxel Multiple NAS Devices OS Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2020-9054
Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the privileges of the web server that runs on the ZyXEL device. Although the web server does not run as the root user, ZyXEL devices include a setuid utility that can be leveraged to run any command with root privileges. • https://github.com/darrenmartyn/CVE-2020-9054 https://cwe.mitre.org/data/definitions/78.html https://kb.cert.org/artifacts/cve-2020-9054.html https://kb.cert.org/vuls/id/498544 https://krebsonsecurity.com/2020/02/zyxel-fixes-0day-in-network-storage-devices https://www.zyxel.com/support/remote-code-execution-vulnerability-of-NAS-products.shtml • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.1EPSS: 3%CPEs: 42EXPL: 2CVE-2019-9955 – Zyxel ZyWall 310 / ZyWall 110 / USG1900 / ATP500 / USG40 - Login Page Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2019-9955
On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100 devices, the security firewall login page is vulnerable to Reflected XSS via the unsanitized 'mp_idx' parameter. En dispositivos Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100. La página de inicio de sesión del servidor de seguridad es vulnerable a Reflected XSS por medio del parámetro 'mp_idx' no saneado. ZyWall 310, ZyWall 110, USG1900, ATP500, and USG40 devices suffer from a cross site scripting vulnerability. • https://www.exploit-db.com/exploits/46706 http://packetstormsecurity.com/files/152525/Zyxel-ZyWall-Cross-Site-Scripting.html http://seclists.org/fulldisclosure/2019/Apr/22 https://www.securitymetrics.com/blog/Zyxel-Devices-Vulnerable-Cross-Site-Scripting-Login-page https://www.zyxel.com/support/reflected-cross-site-scripting-vulnerability-of-firewalls.shtml • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •