-
Zyxel security advisory for DoS vulnerability of XGS2220, XMG1930, and XS1930 series switches
CVE: CVE-2023-28768 Summary Zyxel has released patches for some switches affected by a denial-of-service (DoS) vulnerability. Users are advised to install them for optimal protection. What is the vulnerability? Improper frame handling in the Zyxel XGS2220, XMG1930, and XS1930 series switches could allow an unauthenticated…
-
Zyxel security advisory for multiple vulnerabilities in firewalls and WLAN controllers
CVEs: CVE-2023-28767, CVE-2023-33011, CVE-2023-33012, CVE-2023-34138, CVE-2023-34139, CVE-2023-34140, CVE-2023-34141 Summary Zyxel has released patches addressing multiple vulnerabilities in some firewall and WLAN controller versions. Users are advised to install the patches for optimal protection. What are the…
-
Zyxel security advisory for OS command injection vulnerability of firewalls
CVE: CVE-2023-28771 Summary Zyxel has released patches for an OS command injection vulnerability found by TRAPA Security and urges users to install them for optimal protection. What is the vulnerability? Improper error message handling in some firewall versions could allow an unauthenticated attacker to execute some OS…
-
Zyxel security advisory for DoS vulnerability of switches
CVE: CVE-2022-43393 Summary Zyxel has released patches for some switches affected by
a denial-of-service (DoS) vulnerability. Users are advised to install them for
optimal protection. What is the vulnerability? An improper check for unusual or exceptional conditions
in the HTTP request processing function of some Zyxel…
-
Zyxel security advisory for privilege escalation vulnerability in GS1900 series switches
CVE: CVE-2022-45853 Summary Zyxel has released patches for GS1900 series switches affected by a privilege escalation vulnerability. Users are advised to install them for optimal protection. What is the vulnerability? The privilege escalation vulnerability in the Zyxel GS1900 series switches could allow a local…
-
Zyxel security advisory for pre-authentication command injection vulnerability in NAS products
CVE: CVE-2023-27992 Summary Zyxel has released patches addressing a pre-authentication command injection vulnerability in some NAS versions. Users are advised to install them for optimal protection. What is the vulnerability? The pre-authentication command injection vulnerability in some Zyxel NAS devices could allow an…
-
Zyxel security advisory for post-authentication command injection vulnerability in NAS products
CVE: CVE-2023-27988 Summary Zyxel has released patches addressing a post-authentication command injection vulnerability in some NAS versions. Users are advised to install them for optimal protection. What is the vulnerability? The post-authentication command injection vulnerability has been found in the web management…
-
Zyxel security advisory for multiple buffer overflow vulnerabilities of firewalls
CVEs: CVE-2023-33009, CVE-2023-33010 Summary Zyxel has released patches for firewalls affected by multiple buffer overflow vulnerabilities. Users are advised to install them for optimal protection. What are the vulnerabilities? CVE-2023-33009 A buffer overflow vulnerability in the notification function in some firewall…
-
Zyxel security advisory for post-authentication command injection vulnerability in NBG6604 ...
Zyxel security advisory for post-authentication command injection vulnerability in NBG6604 home router CVE: CVE-2023-22919 Summary Zyxel has released a patch addressing a post-authentication command injection vulnerability in the NBG6604 home router. Users are advised to install the patch for optimal protection. What is…
-
Zyxel security advisory for multiple vulnerabilities in NBG-418N v2 home router
CVE: CVE-2023-22921, CVE-2023-22922, CVE-2023-22923, CVE-2023-22924 Summary Zyxel has released a patch addressing multiple vulnerabilities in the NBG-418N v2 home router. Users are advised to install the patch for optimal protection. What are the vulnerabilities? CVE-2023-22921 A cross-site scripting (XSS) vulnerability…
-
Zyxel security advisory for XSS vulnerability and post-authentication command injection ...
Zyxel security advisory for XSS vulnerability and post-authentication command injection vulnerability in firewalls CVE:CVE-2023-27990, CVE-2023-27991 Summary Zyxel has released patches for some firewalls affected by a stored cross-site scripting (XSS) vulnerability and apost-authentication command injection vulnerability.…
-
Zyxel security advisory for multiple vulnerabilities of firewalls and APs
CVE:CVE-2023-22913, CVE-2023-22914, CVE-2023-22915, CVE-2023-22916, CVE-2023-22917, CVE-2023-22918 Summary Zyxel is aware of multiple vulnerabilities in its firewalls and access points (AP) as reported by Positive Technologies and advises users to install the applicable firmware updates for optimal protection. What are the…
-
Zyxel security advisory for security misconfiguration vulnerability of 4G LTE indoor routers
CVE: CVE-2023-22920 Summary Zyxel has released patches for 4G LTE indoor routers LTE3202-M437 and LTE3316-M604 to address a security misconfiguration vulnerability. Users are advised to install the patch for optimal protection. What is the vulnerability? A security misconfiguration vulnerability exists in the previous…
-
Zyxel security advisory for DoS vulnerability of APs
CVE: CVE-2022-45854 Summary Zyxel has released patches for access points (AP) affected by a temporary denial-of-service (DoS) vulnerability. Users are advised
to install them for optimal protection. What is the vulnerability? An improper check for unusual conditions in some APs could allow an attacker to cause a temporary…
-
Zyxel security advisory for XSS vulnerability in NBG-418N v2 home router
CVE: CVE-2022-45441 Summary Zyxel
has released a patch addressing a stored cross-site scripting (XSS)
vulnerability in the NBG-418N v2 home router. Users are advised to install the
patch for optimal protection. What is the vulnerability? An
XSS vulnerability in Zyxel’s NBG-418N v2 could allow an unauthenticated
attacker to…
-
Zyxel security advisory for post-authentication RCE in firewalls
CVE: CVE-2022-38547 Summary Zyxel has released patches for firewalls affected by a post-authentication remote code execution (RCE)
vulnerability. Users are advised to install them for optimal protection. What is the vulnerability? The post-authentication
RCE vulnerability in the CLI command of some firewall versions could…
-
Zyxel security advisory for cleartext storage of WiFi credentials and improper symbolic links of ...
Zyxel security advisory for cleartext storage of WiFi
credentials and improper symbolic links of FTP for AX7501-B0 CPE CVE: CVE-2022-45439, CVE-2022-45440 Summary Zyxel has released a patch addressing the cleartext storage
of WiFi credentials and improper FTP symbolic links in the AX7501-B0 CPE, and advises
users to…
-
Zyxel security advisory for DNS misconfiguration in NBG7510 home router
CVE: CVE-2022-38546 Summary Zyxel
has released a patch addressing a DNS misconfiguration in the NBG7510 home
router. Users are advised to install the applicable update for optimal
protection. What is the vulnerability? A
DNS misconfiguration in Zyxel’s NBG7510 could allow an unauthenticated attacker
to perform DNS-related…
-
Zyxel security advisory for XSS vulnerability in firewalls
CVE: CVE-2022-40603 Summary Zyxel has released patches for some firewalls affected by
a reflected cross-site scripting (XSS) vulnerability. Users are advised to
install them for optimal protection. What is the vulnerability? A reflected XSS vulnerability in the
CGI program of some firewall versions could allow an attacker…
-
Zyxel security advisory for pre-configured password vulnerability of LTE3301-M209
CVE: CVE-2022-40602 Summary Zyxel has released a patch for its LTE indoor router LTE3301-M209 to address a pre-configured password vulnerability. Users are advised to install the patch for optimal protection. What is the vulnerability? A flaw in the previous LTE3301-M209 firmware could allow a remote attacker to access the…