Zyxel Wbe530 Firmware vulnerabilities

CVE-2025-6265 [HIGH] CWE-22 CVE-2025-6265: A path traversal vulnerability in the file_upload-cgi CGI program of Zyxel NWA50AX PRO firmware vers A path traversal vulnerability in the file_upload-cgi CGI program of Zyxel NWA50AX PRO firmware version 7.10(ACGE.2) and earlier could allow an authenticated attacker with administrator privileges to access specific directories and delete files, such as the configuration file, on the affected device.

CVE-2024-12398 [HIGH] CWE-269 CVE-2024-12398: An improper privilege management vulnerability in the web management interface of the Zyxel WBE530 f An improper privilege management vulnerability in the web management interface of the Zyxel WBE530 firmware versions through 7.00(ACLE.3) and WBE660S firmware versions through 6.70(ACGG.2) could allow an authenticated user with limited privileges to escalate their privileges to that of an administrator, enabling them to upload configuration files to a

CVE-2024-7261 [CRITICAL] CWE-78 CVE-2024-7261: The improper neutralization of special elements in the parameter "host" in the CGI program of Zyxel The improper neutralization of special elements in the parameter "host" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) and earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) and earlier, and USG LITE 60AX firmware version V2.00(ACIP