-
Zyxel security advisory for multiple vulnerabilities in firewalls and APs
Summary Zyxel has released patches addressing multiple vulnerabilities in some firewall and access point (AP) versions. Users are advised to install the patches for optimal protection. What are the vulnerabilities? CVE-2023-35136 An improper input validation vulnerability in the “Quagga” package of some firewall versions…
-
Zyxel security advisory for out-of-bounds write vulnerability in SecuExtender...
Zyxel security advisory for out-of-bounds write vulnerability in SecuExtender SSL VPN Client software CVE: CVE-2023-5593 Summary Zyxel has released patches for the Windows-based SecuExtender SSL VPN Client software affected by an out-of-bounds write vulnerability. Users are advised to install them for optimal protection.…
-
Zyxel security advisory for improper privilege management vulnerability in GS1900 series switches
CVE: CVE-2023-35140 Summary Zyxel has released patches for GS1900 series switches affected by an improper privilege management vulnerability. Users are advised to install them for optimal protection. What is the vulnerability? A vulnerability in the Zyxel GS1900 series switches could allow a local authenticated user with…
-
Zyxel security advisory for post-authentication command injection in NTP feature of NBG6604...
Zyxel security advisory for post-authentication command injection in NTP feature of NBG6604 home router CVE: CVE-2023-33013 Summary Zyxel has released a patch addressing a post-authentication command injection vulnerability in the Network Time Protocol (NTP) feature of the NBG6604 home router. Users are advised to install…
-
Zyxel security advisory for DoS vulnerability of XGS2220, XMG1930, and XS1930 series switches
CVE: CVE-2023-28768 Summary Zyxel has released patches for some switches affected by a denial-of-service (DoS) vulnerability. Users are advised to install them for optimal protection. What is the vulnerability? Improper frame handling in the Zyxel XGS2220, XMG1930, and XS1930 series switches could allow an unauthenticated…
-
Zyxel security advisory for multiple vulnerabilities in firewalls and WLAN controllers
CVEs: CVE-2023-28767, CVE-2023-33011, CVE-2023-33012, CVE-2023-34138, CVE-2023-34139, CVE-2023-34140, CVE-2023-34141 Summary Zyxel has released patches addressing multiple vulnerabilities in some firewall and WLAN controller versions. Users are advised to install the patches for optimal protection. What are the…
-
Zyxel security advisory for OS command injection vulnerability of firewalls
CVE: CVE-2023-28771 Summary Zyxel has released patches for an OS command injection vulnerability found by TRAPA Security and urges users to install them for optimal protection. What is the vulnerability? Improper error message handling in some firewall versions could allow an unauthenticated attacker to execute some OS…
-
Zyxel security advisory for DoS vulnerability of switches
CVE: CVE-2022-43393 Summary Zyxel has released patches for some switches affected by
a denial-of-service (DoS) vulnerability. Users are advised to install them for
optimal protection. What is the vulnerability? An improper check for unusual or exceptional conditions
in the HTTP request processing function of some Zyxel…
-
Zyxel security advisory for privilege escalation vulnerability in GS1900 series switches
CVE: CVE-2022-45853 Summary Zyxel has released patches for GS1900 series switches affected by a privilege escalation vulnerability. Users are advised to install them for optimal protection. What is the vulnerability? The privilege escalation vulnerability in the Zyxel GS1900 series switches could allow a local…
-
Zyxel security advisory for pre-authentication command injection vulnerability in NAS products
CVE: CVE-2023-27992 Summary Zyxel has released patches addressing a pre-authentication command injection vulnerability in some NAS versions. Users are advised to install them for optimal protection. What is the vulnerability? The pre-authentication command injection vulnerability in some Zyxel NAS devices could allow an…
-
Zyxel security advisory for buffer overflow vulnerability in 4G LTE and 5G NR outdoor routers
CVE: CVE-2023-27989 Summary Zyxel has released patches for some 4G LTE and 5G NR outdoor routers affected by a buffer overflow vulnerability. Users are advised to install them for optimal protection. What are the vulnerabilities? A buffer overflow vulnerability in the CGI program of some Zyxel 4G LTE and 5G NR outdoor…
-
Zyxel security advisory for post-authentication command injection vulnerability in NAS products
CVE: CVE-2023-27988 Summary Zyxel has released patches addressing a post-authentication command injection vulnerability in some NAS versions. Users are advised to install them for optimal protection. What is the vulnerability? The post-authentication command injection vulnerability has been found in the web management…
-
Zyxel security advisory for multiple buffer overflow vulnerabilities of firewalls
CVEs: CVE-2023-33009, CVE-2023-33010 Summary Zyxel has released patches for firewalls affected by multiple buffer overflow vulnerabilities. Users are advised to install them for optimal protection. What are the vulnerabilities? CVE-2023-33009 A buffer overflow vulnerability in the notification function in some firewall…
-
Zyxel security advisory for post-authentication command injection vulnerability in NBG6604 ...
Zyxel security advisory for post-authentication command injection vulnerability in NBG6604 home router CVE: CVE-2023-22919 Summary Zyxel has released a patch addressing a post-authentication command injection vulnerability in the NBG6604 home router. Users are advised to install the patch for optimal protection. What is…
-
Zyxel security advisory for multiple vulnerabilities in NBG-418N v2 home router
CVE: CVE-2023-22921, CVE-2023-22922, CVE-2023-22923, CVE-2023-22924 Summary Zyxel has released a patch addressing multiple vulnerabilities in the NBG-418N v2 home router. Users are advised to install the patch for optimal protection. What are the vulnerabilities? CVE-2023-22921 A cross-site scripting (XSS) vulnerability…
-
Zyxel security advisory for XSS vulnerability and post-authentication command injection ...
Zyxel security advisory for XSS vulnerability and post-authentication command injection vulnerability in firewalls CVE:CVE-2023-27990, CVE-2023-27991 Summary Zyxel has released patches for some firewalls affected by a stored cross-site scripting (XSS) vulnerability and apost-authentication command injection vulnerability.…
-
Zyxel security advisory for multiple vulnerabilities of firewalls and APs
CVE:CVE-2023-22913, CVE-2023-22914, CVE-2023-22915, CVE-2023-22916, CVE-2023-22917, CVE-2023-22918 Summary Zyxel is aware of multiple vulnerabilities in its firewalls and access points (AP) as reported by Positive Technologies and advises users to install the applicable firmware updates for optimal protection. What are the…
-
Zyxel security advisory for security misconfiguration vulnerability of 4G LTE indoor routers
CVE: CVE-2023-22920 Summary Zyxel has released patches for 4G LTE indoor routers LTE3202-M437 and LTE3316-M604 to address a security misconfiguration vulnerability. Users are advised to install the patch for optimal protection. What is the vulnerability? A security misconfiguration vulnerability exists in the previous…
-
Zyxel security advisory for DoS vulnerability of APs
CVE: CVE-2022-45854 Summary Zyxel has released patches for access points (AP) affected by a temporary denial-of-service (DoS) vulnerability. Users are advised
to install them for optimal protection. What is the vulnerability? An improper check for unusual conditions in some APs could allow an attacker to cause a temporary…
-
Zyxel security advisory for XSS vulnerability in NBG-418N v2 home router
CVE: CVE-2022-45441 Summary Zyxel
has released a patch addressing a stored cross-site scripting (XSS)
vulnerability in the NBG-418N v2 home router. Users are advised to install the
patch for optimal protection. What is the vulnerability? An
XSS vulnerability in Zyxel’s NBG-418N v2 could allow an unauthenticated
attacker to…