Zyxel Nxc5500 Firmware vulnerabilities

4 known vulnerabilities affecting zyxel/nxc5500_firmware.

Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2023-34141HIGHCVSS 8.0≥ 6.10\(aaos.0\), ≤ 6.10\(aaos.4\)v 6.10(AAOS.0) through 6.10(AAOS.4)2023-07-17
CVE-2023-34141 [HIGH] CWE-78 CVE-2023-34141: A command injection vulnerability in the access point (AP) management feature of the Zyxel ATP serie A command injection vulnerability in the access point (AP) management feature of the Zyxel ATP series firmware versions 5.00 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5.00 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 5.00 through 5.36 Patch 2, VPN series fir
cvelistv5nvd
CVE-2023-34140MEDIUMCVSS 6.5≥ 6.10\(aaos.0\), ≤ 6.10\(aaos.4\)v6.10(AAOS.0) through 6.10(AAOS.4)2023-07-17
CVE-2023-34140 [MEDIUM] CWE-120 CVE-2023-34140: A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2, A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2, USG FLEX series firmware versions 4.50 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 4.16 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 4.16 through 5.36 Patch 2, VPN series firmware versions 4.30 through 5.36 Patch 2, N
cvelistv5nvd
CVE-2022-26532HIGHCVSS 7.8≤ 6.10\(aaos.3\)2022-05-24
CVE-2022-26532 [HIGH] CWE-88 CVE-2022-26532: A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firm A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware
nvd
CVE-2022-26531HIGHCVSS 7.8PoC≤ 6.10\(aaos.3\)2022-05-24
CVE-2022-26531 [MEDIUM] CWE-20 CVE-2022-26531: Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL se Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC25
nvd