CVSS: 5.9EPSS: 0%CPEs: 50EXPL: 0CVE-2015-7256
https://notcve.org/view.php?id=CVE-2015-7256
27 Sep 2017 — ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI access points; P-660HN-51, P-663HN-51, VMG1312-B10A, VMG1312-B30A, VMG1312-B30B, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, VMG8924-B30A, and VSG1435-B101 DSL CPEs; PMG5318-B20A GPONs; SBG3300-N000, SBG3300-NB00, and SBG3500-N000 small business gateways; GS1900-8 and GS1900-24 switches; and C1000Z, Q1000, FR1000Z, and P8702N project models use non-unique X.509 certificates and SSH host keys. Los puntos de acceso ZyXEL NWA1100-N, NWA1100-NH, ... • http://www.kb.cert.org/vuls/id/566724 • CWE-310: Cryptographic Issues •
CVSS: 10.0EPSS: 4%CPEs: 4EXPL: 0CVE-2015-6016
https://notcve.org/view.php?id=CVE-2015-6016
31 Dec 2015 — ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0), PMG5318-B20A devices with firmware 1.00AANC0b5, and NBG-418N devices have a default password of 1234 for the admin account, which allows remote attackers to obtain administrative access via unspecified vectors. Dispositivos ZyXEL P-660HW-T1 2 con firmware ZyNOS 3.40(AXH.0), dispositivos PMG5318-B20A con firmware 1.00AANC0b5 y dispositivos NBG-418N tienen una contraseña por defecto de 1234 para la cuenta de admin, lo que permite a atacantes remotos ... • http://www.securitytracker.com/id/1034552 • CWE-255: Credentials Management Errors •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6019
https://notcve.org/view.php?id=CVE-2015-6019
31 Dec 2015 — The management portal on ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 does not terminate sessions upon a logout action, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation. El portal de gestión en dispositivos ZyXEL PMG5318-B20A con firmware 1.00AANC0b5 no finaliza sesión sobre una acción de cierre de sesión, lo que permite a atacantes remotos eludir las restricciones destinadas al acceso aprovechando una estación de trabajo sin supervisión. • http://www.securitytracker.com/id/1034553 •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6020
https://notcve.org/view.php?id=CVE-2015-6020
31 Dec 2015 — ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 allow remote authenticated users to obtain administrative privileges by leveraging access to the user account. Dispositivos ZyXEL PMG5318-B20A con firmware 1.00AANC0b5 permiten a usuarios remotos autenticados obtener privilegios administrativos aprovechando el acceso a la cuenta de usuario. • http://www.securitytracker.com/id/1034553 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 24%CPEs: 1EXPL: 2CVE-2015-6018 – ZYXEL PMG5318-B20A - OS Command Injection
https://notcve.org/view.php?id=CVE-2015-6018
14 Oct 2015 — The diagnostic-ping implementation on ZyXEL PMG5318-B20A devices with firmware before 1.00(AANC.2)C0 allows remote attackers to execute arbitrary commands via the PingIPAddr parameter. La implementación de diagnostic-ping en dispositivos ZyXEL PMG5318-B20A con firmware anterior a 1.00(AANC.2)C0 permite a atacantes remotos ejecutar comandos arbitrarios a través del parámetro PingIPAddr. ZyXEL PMG5318-B20A suffers from a command injection vulnerability via the ping function. • https://packetstorm.news/files/id/133960 • CWE-264: Permissions, Privileges, and Access Controls •