Zyxel Atp700 Firmware vulnerabilities
23 known vulnerabilities affecting zyxel/atp700_firmware.
Total CVEs
23
CISA KEV
5
actively exploited
Public exploits
6
Exploited in wild
5
Severity breakdown
CRITICAL6HIGH9MEDIUM8
Vulnerabilities
Page 2 of 2
CVE-2022-30525CRITICALCVSS 9.8KEVPoC≥ 5.10, < 5.302022-05-12
CVE-2022-30525 [CRITICAL] CWE-78 CVE-2022-30525: A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5
A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 50(W) firmware versions 5.10 through 5.21
nvd
CVE-2022-0342CRITICALCVSS 9.8PoC≥ 4.32, ≤ 5.202022-03-28
CVE-2022-0342 [CRITICAL] CWE-287 CVE-2022-0342: An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versio
An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.20 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.32 through 5.20, VPN series firmware versions 4.30 through 5.20, and NSG series firmware versions V1.20 through V1.33 Patch 4, which could allow
nvd
CVE-2020-29583CRITICALCVSS 9.8KEVPoCv4.602020-12-22
CVE-2020-29583 [CRITICAL] CWE-522 CVE-2020-29583: Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchange
Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges.
nvd
← Previous2 / 2