Zyxel Vulnerabilidad

Cronología

Escribe

Producto

ZyXEL CloudCNM SecuManager37
Zyxel USG FLEX32
Zyxel ATP30
Zyxel VPN28
Zyxel USG FLEX 5013

Contramedidas

Official Fix41
Temporary Fix1
Workaround22
Unavailable24
Not Defined170

Explotabilidad

High12
Functional3
Proof-of-Concept30
Unproven9
Not Defined204

Vector de acceso

Not Defined0
Physical1
Local19
Adjacent37
Network201

Autenticación

Not Defined0
High12
Low73
None173

La interacción del usuario

Not Defined0
Required39
None219

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤410
≤541
≤645
≤748
≤863
≤929
≤1022

CVSSv3 Temp

≤10
≤20
≤30
≤413
≤546
≤644
≤754
≤851
≤931
≤1019

VulDB

≤10
≤20
≤37
≤426
≤540
≤651
≤737
≤859
≤916
≤1022

NVD

≤10
≤20
≤30
≤40
≤52
≤624
≤714
≤815
≤921
≤1027

CNA

≤10
≤20
≤30
≤42
≤56
≤615
≤713
≤825
≤916
≤1014

Proveedor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Explotar día 0

<1k3
<2k17
<5k139
<10k83
<25k16
<50k0
<100k0
≥100k0

Explotar hoy

<1k114
<2k54
<5k61
<10k25
<25k4
<50k0
<100k0
≥100k0

Explotar el volumen del mercado

🔴 CTI Ocupaciones

Affected Products (152): 642R (1), AP Configurator (1), APT (1), ARMOR Z1 (2), ARMOR Z2 (2), ATP (30), ATP500 (1), AX7501-B0 (2), Armor X1 WAP6806 (1), Billion 5200W-T (6), C1000Z (1), CloudCNM SecuManager (37), DX5401-B0 (2), EMG2926 (1), FR1000Z (1), GS1200 (1), GS1510-16 (1), GS1900 (9), GS1900-8 (3), GS1900-8HP (1), GS1900-24 (1), GS1900-24EP (1), GS1920-24v2 (1), LTE3301-M209 (1), LTE3316-M604 (1), LTE4506-M606 (1), Multy X AC3000 (1), NAS (1), NAS326 (12), NAS 326 (5), NAS520 (2), NAS540 (4), NAS542 (10), NBG-418N (3), NBG-418N v2 (7), NBG-6604 (1), NBG2105 (1), NBG6604 (3), NBG6716 (1), NBG6818 (1), NBG7510 (1), NBG7815 (1), NR7101 (5), NSA221 (2), NSA310 (2), NSA320S (2), NSA325 (2), NSA325 V2 (2), NSG (1), NWA-1100-NH (2), NWA50AX (3), NWA110AX (1), NWA1123-NI (1), NWA3560-N (1), O2 DSL Router Classic (1), P-330W router (2), P-335WT router (1), P-660HN-51 (1), P-660HN-T1 V2 (1), P-660HW (6), P-660HW-T1 (3), P-660HW D3 (1), P-660RU-T1 (1), P-663HN-51 (1), P-870H-51 (1), P-1302-T10D v3 (1), P-2602HW-D1A (3), P660 (1), P660HN-T1A (4), P660HN-T v1 (2), P660HN-T v2 (2), P660RT2 (2), P1302-T10 v3 (1), P2000W Wifi Phone (1), P8702N (1), PK5001Z (1), PMG2005-T20B (1), PMG5318-B20A (4), PMG5318-B20A GPON (1), Prestige (3), Prestige 310 (1), Prestige 642R (1), Prestige 642R-I (1), Prestige 660H-61 (1), Prestige 2000w V.1voip Wi-fi Phone (2), Prestige Router (1), Q1000 (1), SBG-3300 (2), SBG3300-N000 (1), SBG3300-NB00 (1), SBG3500-N000 (1), SecuExtender SSL VPN Client (1), UAG (2), USG (13), USG20 (2), USG20-VPN (11), USG40 (1), USG50 (1), USG1900 (1), USG FLEX (32), USG FLEX 20 (1), USG FLEX 50 (14), USG FLEX 100 (3), USG FLEX 200 (3), USG FLEX 500 (3), USG FLEX 700 (3), USG Flex (2), USG ZyWALL (2), UTM (1), VMG1312-B10A (1), VMG1312-B10D (1), VMG1312-B30A (1), VMG1312-B30B (1), VMG3312 B10B (1), VMG3312-B10B (1), VMG3312-B10B DSL-491HNU-B1B (1), VMG3312-T20A (2), VMG4380-B10A (1), VMG5313-B30B (2), VMG8324-B10A (1), VMG8924-B10A (1), VMG8924-B30A (1), VPN (29), VPN2S (2), VPN On-premise (1), VPN Orchestrator (1), VSG1435-B101 DSL CPEs (1), WAC500 (3), WAX300H (3), WBE660S (3), WRE6505 (1), WSQ20 (1), WSQ50 (1), WSQ60 (1), WSR30 (1), Wireless N300 NetUSB (4), XGS2210-52HP (1), XGS2220-30 (1), XMG1930-30 (1), XS1930-10 (1), ZyNOS (12), ZyWALL (8), ZyWALL 2 Plus Internet Security Appliance (1), ZyWALL 10 (1), ZyWALL 100 (1), ZyWALL310 (1), ZyWALL1100 (1), ZyWALL USG (2), ZyWall (2), ZynOS (1), Zywall (3), Zywall 2 (4)

Link to Vendor Website: https://www.zyxel.com/

Fecha de publicaciónBaseTempVulnerabilidadProdExpConCTIEPSSCVE
2024-02-206.56.5Zyxel ATP/USG FLEX RAR File denegación de servicioDesconocidoNot DefinedNot Defined0.040.00044CVE-2023-6397
2024-02-205.75.7Zyxel ATP/USG FLEX/USG FLEX 50/USG20-VPN IPSec VPN Format StringNetwork Encryption SoftwareNot DefinedNot Defined0.020.00043CVE-2023-6399
2024-02-207.27.0Zyxel ATP escalada de privilegiosNetwork Encryption SoftwareNot DefinedOfficial Fix0.020.00052CVE-2023-6398
2024-02-208.18.1Zyxel ATP/USG FLEX/USG FLEX 50/USG20-VPN IPSec VPN Format StringNetwork Encryption SoftwareNot DefinedNot Defined0.040.00043CVE-2023-6764
2024-01-307.27.2Zyxel NAS326/NAS542 URL escalada de privilegiosDesconocidoNot DefinedNot Defined0.020.00050CVE-2023-5372
2023-11-306.46.4Zyxel NAS326/NAS542 URL autenticación débilDesconocidoNot DefinedNot Defined0.020.00093CVE-2023-35137
2023-11-309.89.8Zyxel NAS326/NAS542 WSGI Server escalada de privilegiosDesconocidoNot DefinedNot Defined0.030.00100CVE-2023-4474
2023-11-308.88.8Zyxel NAS326/NAS542 WSGI Server escalada de privilegiosDesconocidoNot DefinedNot Defined0.000.00050CVE-2023-37928
2023-11-308.88.8Zyxel NAS326/NAS542 CGI Program escalada de privilegiosDesconocidoNot DefinedNot Defined0.030.00052CVE-2023-37927
2023-11-309.89.8Zyxel NAS326/NAS542 HTTP POST Request show_zysync_server_contents escalada de privilegiosDesconocidoNot DefinedNot Defined0.020.00058CVE-2023-35138
2023-11-309.89.8Zyxel NAS326/NAS542 Web Server escalada de privilegiosDesconocidoNot DefinedNot Defined0.030.00068CVE-2023-4473
2023-11-285.25.2Zyxel ATP/USG FLEX/USG FLEX 50/USG20-VPN/VPN CGI Program cross site scriptingNetwork Encryption SoftwareNot DefinedNot Defined0.020.00046CVE-2023-35139
2023-11-284.44.4Zyxel ATP/USG FLEX/USG FLEX 50/USG20-VPN/VPN Web GUI escalada de privilegiosNetwork Encryption SoftwareNot DefinedNot Defined0.000.00042CVE-2023-5650
2023-11-284.44.4Zyxel ATP Debug CLI Command escalada de privilegiosNetwork Encryption SoftwareNot DefinedNot Defined0.000.00042CVE-2023-37925
2023-11-284.44.4Zyxel ATP/USG FLEX/USG FLEX 50/USG20-VPN CLI Command desbordamiento de búferNetwork Encryption SoftwareNot DefinedNot Defined0.000.00042CVE-2023-4397
2023-11-284.44.4Zyxel ATP/USG FLEX/USG FLEX 50/USG20-VPN/VPN Configuration File divulgación de informaciónNetwork Encryption SoftwareNot DefinedNot Defined0.050.00042CVE-2023-35136
2023-11-285.55.5Zyxel ATP/USG FLEX/USG FLEX 50/USG20-VPN/VPN CLI Command desbordamiento de búferNetwork Encryption SoftwareNot DefinedNot Defined0.000.00042CVE-2023-37926
2023-11-284.44.4Zyxel USG FLEX/VPN Hotspot escalada de privilegiosNetwork Encryption SoftwareNot DefinedNot Defined0.000.00042CVE-2023-5960
2023-11-284.44.4Zyxel ATP Debug CLI Command escalada de privilegiosNetwork Encryption SoftwareNot DefinedNot Defined0.000.00042CVE-2023-5797
2023-11-287.57.5Zyxel ATP/USG FLEX/USG FLEX 50/USG20-VPN/VPN IKE Packet desbordamiento de búferNetwork Encryption SoftwareNot DefinedNot Defined0.030.00052CVE-2023-4398
2023-11-207.87.8ZyXEL SecuExtender SSL VPN Client CREATE Message desbordamiento de búferNetwork Encryption SoftwareNot DefinedNot Defined0.020.00042CVE-2023-5593
2023-11-186.76.7Zyxel GS1900-8HP/GS1900-8 escalada de privilegiosDesconocidoNot DefinedNot Defined0.020.00042CVE-2022-45853
2023-11-074.44.4Zyxel GS1900-24EP Setting escalada de privilegiosDesconocidoNot DefinedNot Defined0.000.00042CVE-2023-35140
2023-09-286.36.1ZyXEL PMG2005-T20B login.asp desbordamiento de búferRouter Operating SystemProof-of-ConceptNot Defined0.020.00052CVE-2023-43314
2023-08-145.45.4ZyXEL XGS2220-30/XMG1930-30/XS1930-10 Frames denegación de servicioDesconocidoNot DefinedNot Defined0.000.00044CVE-2023-28768

233 no se muestran más entradas

Interested in the pricing of exploits?

See the underground prices here!