Zyxel Uos vulnerabilities
5 known vulnerabilities affecting zyxel/uos.
Total CVEs
5
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2025-1731HIGHCVSS 7.8PoC≥ 1.20, < 1.322025-04-22
CVE-2025-1731 [HIGH] CWE-732 CVE-2025-1731: An incorrect permission assignment vulnerability in the PostgreSQL commands of the Zyxel USG FLEX H
An incorrect permission assignment vulnerability in the PostgreSQL commands of the Zyxel USG FLEX H series uOS firmware versions from V1.20 through V1.31 could allow an authenticated local attacker with low privileges to gain access to the Linux shell and escalate their privileges by crafting malicious scripts or modifying system configurations with admi
nvd
CVE-2025-1732MEDIUMCVSS 6.7v1.312025-04-22
CVE-2025-1732 [MEDIUM] CWE-269 CVE-2025-1732: An improper privilege management vulnerability in the recovery function of the Zyxel USG FLEX H seri
An improper privilege management vulnerability in the recovery function of the Zyxel USG FLEX H series uOS firmware version V1.31 and earlier could allow an authenticated local attacker with administrator privileges to upload a crafted configuration file and escalate privileges on a vulnerable device.
nvd
CVE-2024-9677HIGHCVSS 7.8fixed in 1.302024-10-22
CVE-2024-9677 [MEDIUM] CWE-522 CVE-2024-9677: The insufficiently protected credentials vulnerability in the CLI command of the USG FLEX H series u
The insufficiently protected credentials vulnerability in the CLI command of the USG FLEX H series uOS firmware version V1.21 and earlier versions could allow an authenticated local attacker to gain privilege escalation by stealing the authentication token of a login administrator. Note that this attack could be successful only if the administrator ha
nvd
CVE-2023-6398HIGHCVSS 7.2v1.102024-02-20
CVE-2023-6398 [HIGH] CWE-78 CVE-2023-6398: A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series
A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1,
nvd
CVE-2023-6399MEDIUMCVSS 6.5v1.102024-02-20
CVE-2023-6399 [MEDIUM] CWE-134 CVE-2023-6399: A format string vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1,
A format string vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1, and USG FLEX H series firmware versions from 1
nvd