Zyxel Usg 20W-Vpn Firmware vulnerabilities
18 known vulnerabilities affecting zyxel/usg_20w-vpn_firmware.
Total CVEs
18
CISA KEV
2
actively exploited
Public exploits
1
Exploited in wild
2
Severity breakdown
CRITICAL2HIGH11MEDIUM5
Vulnerabilities
Page 1 of 1
CVE-2023-34138HIGHCVSS 8.0≥ 4.60, < 5.372023-07-17
CVE-2023-34138 [HIGH] CWE-78 CVE-2023-34138: A command injection vulnerability in the hotspot management feature of the Zyxel ATP series firmware
A command injection vulnerability in the hotspot management feature of the Zyxel ATP series firmware versions 4.60 through 5.36 Patch 2, USG FLEX series firmware versions 4.60 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 4.60 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 4.60 through 5.36 Patch 2, and VPN series firmware
nvd
CVE-2023-33011HIGHCVSS 8.8≥ 5.10, < 5.372023-07-17
CVE-2023-33011 [HIGH] CWE-134 CVE-2023-33011: A format string vulnerability in the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, U
A format string vulnerability in the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5.10 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 5.10 through 5.36 Patch 2, and VPN series firmware versions 5.00 through 5.36 Patch 2, c
nvd
CVE-2023-34141HIGHCVSS 8.0≥ 5.00, < 5.372023-07-17
CVE-2023-34141 [HIGH] CWE-78 CVE-2023-34141: A command injection vulnerability in the access point (AP) management feature of the Zyxel ATP serie
A command injection vulnerability in the access point (AP) management feature of the Zyxel ATP series firmware versions 5.00 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5.00 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 5.00 through 5.36 Patch 2, VPN series fir
nvd
CVE-2023-33012HIGHCVSS 8.8≥ 5.10, < 5.372023-07-17
CVE-2023-33012 [HIGH] CWE-78 CVE-2023-33012: A command injection vulnerability in the configuration parser of the Zyxel ATP series firmware versi
A command injection vulnerability in the configuration parser of the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5.10 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 5.10 through 5.36 Patch 2, and VPN series firmware versio
nvd
CVE-2023-28767HIGHCVSS 8.8≥ 5.10, < 5.372023-07-17
CVE-2023-28767 [HIGH] CWE-78 CVE-2023-28767: The configuration parser fails to sanitize user-controlled input in the Zyxel ATP series firmware ve
The configuration parser fails to sanitize user-controlled input in the Zyxel ATP series firmware versions 5.10 through 5.36, USG FLEX series firmware versions 5.00 through 5.36, USG FLEX 50(W) series firmware versions 5.10 through 5.36,
USG20(W)-VPN series firmware versions 5.10 through 5.36, and VPN series firmware versions 5.00 through 5.36. An una
nvd
CVE-2023-34140MEDIUMCVSS 6.5≥ 4.16, < 5.372023-07-17
CVE-2023-34140 [MEDIUM] CWE-120 CVE-2023-34140: A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2,
A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2, USG FLEX series firmware versions 4.50 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 4.16 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 4.16 through 5.36 Patch 2, VPN series firmware versions 4.30 through 5.36 Patch 2, N
nvd
CVE-2023-33009CRITICALCVSS 9.8KEV≥ 4.60, < 5.36v5.362023-05-24
CVE-2023-33009 [CRITICAL] CWE-120 CVE-2023-33009: A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4
A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.60 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.60 through 5.36 Patch 1, VPN series firmware versions 4.60 through 5.
nvd
CVE-2023-33010CRITICALCVSS 9.8KEVv5.362023-05-24
CVE-2023-33010 [CRITICAL] CWE-120 CVE-2023-33010: A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions
A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1, VPN series firmware versions 4.30 through 5.
nvd
CVE-2023-22916HIGHCVSS 8.1≥ 5.10, ≤ 5.352023-04-24
CVE-2023-22916 [HIGH] CWE-20 CVE-2023-22916: The configuration parser of Zyxel ATP series firmware versions 5.10 through 5.35, USG FLEX series fi
The configuration parser of Zyxel ATP series firmware versions 5.10 through 5.35, USG FLEX series firmware versions 5.00 through 5.35, USG FLEX 50(W) firmware versions 5.10 through 5.35, USG20(W)-VPN firmware versions 5.10 through 5.35, and VPN series firmware versions 5.00 through 5.35, which fails to properly sanitize user input. A remote unauthentic
nvd
CVE-2023-22917HIGHCVSS 7.5≥ 5.10, ≤ 5.322023-04-24
CVE-2023-22917 [HIGH] CWE-120 CVE-2023-22917: A buffer overflow vulnerability in the “sdwan_iface_ipc” binary of Zyxel ATP series firmware version
A buffer overflow vulnerability in the “sdwan_iface_ipc” binary of Zyxel ATP series firmware versions 5.10 through 5.32, USG FLEX series firmware versions 5.00 through 5.32, USG FLEX 50(W) firmware versions 5.10 through 5.32, USG20(W)-VPN firmware versions 5.10 through 5.32, and VPN series firmware versions 5.00 through 5.35, which could allow a remot
nvd
CVE-2023-27991HIGHCVSS 8.8≥ 4.16, < 5.362023-04-24
CVE-2023-27991 [HIGH] CWE-78 CVE-2023-27991: The post-authentication command injection vulnerability in the CLI command of Zyxel ATP series firmw
The post-authentication command injection vulnerability in the CLI command of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could all
nvd
CVE-2023-22915HIGHCVSS 7.5≥ 4.30, ≤ 5.352023-04-24
CVE-2023-22915 [HIGH] CWE-120 CVE-2023-22915: A buffer overflow vulnerability in the “fbwifi_forward.cgi” CGI program of Zyxel USG FLEX series fir
A buffer overflow vulnerability in the “fbwifi_forward.cgi” CGI program of Zyxel USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.30 through 5.35, USG20(W)-VPN firmware versions 4.30 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow a remote unauthenticated attacker to cause DoS
nvd
CVE-2023-27990MEDIUMCVSS 4.8≥ 4.16, < 5.362023-04-24
CVE-2023-27990 [MEDIUM] CWE-79 CVE-2023-27990: The cross-site scripting (XSS) vulnerability in Zyxel ATP series firmware versions 4.32 through 5.35
The cross-site scripting (XSS) vulnerability in Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow an authenticated attacker
nvd
CVE-2023-22918MEDIUMCVSS 6.5≥ 4.16, < 5.362023-04-24
CVE-2023-22918 [MEDIUM] CWE-359 CVE-2023-22918: A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firm
A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmwa
nvd
CVE-2022-26532HIGHCVSS 7.8≥ 4.09, ≤ 4.712022-05-24
CVE-2022-26532 [HIGH] CWE-88 CVE-2022-26532: A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firm
A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware
nvd
CVE-2022-26531HIGHCVSS 7.8PoC≥ 4.09, ≤ 4.712022-05-24
CVE-2022-26531 [MEDIUM] CWE-20 CVE-2022-26531: Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL se
Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC25
nvd
CVE-2022-0910MEDIUMCVSS 6.5≥ 4.32, ≤ 4.712022-05-24
CVE-2022-0910 [MEDIUM] CWE-287 CVE-2022-0910: A downgrade from two-factor authentication to one-factor authentication vulnerability in the CGI pro
A downgrade from two-factor authentication to one-factor authentication vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.32 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, and VPN series firmware versions 4.32 through 5.21, that could allow an authenticat
nvd
CVE-2022-0734MEDIUMCVSS 6.1≥ 4.35, ≤ 4.702022-05-24
CVE-2022-0734 [MEDIUM] CWE-79 CVE-2022-0734: A cross-site scripting vulnerability was identified in the CGI program of Zyxel USG/ZyWALL series fi
A cross-site scripting vulnerability was identified in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.35 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.35 through 5.20, and VPN series firmware versions 4.35 through 5.20, that could allow an attacker to obtain some information stored in
nvd