Zyxel USG FLEX 500 Firmware 5.36 Patch 1
Approved changes feed: RSS · Atom
cpe:2.3:o:zyxel:usg_flex_500_firmware:5.36:patch1:*:*:*:*:*:*
part: o version: 5.36 update: patch1
| Vendor | Zyxel (d3fcf896-5708-55f8-8f74-3e19a9d55b89) |
|---|---|
| Product | Usg Flex 500 Firmware (61bd2c85-c70b-5eed-8642-517b269a0c4c) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-33010 |
vulnerable | 2026-06-03 14:52:00.939752 |
Details available
CRITICAL (9.8)
A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1, VPN series firmware versions 4.30 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.25 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.
Published: 2023-05-24T00:00:00.000Z
Updated: 2025-10-21T23:05:47.497Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-33009 |
vulnerable | 2026-06-03 14:52:00.903429 |
Details available
CRITICAL (9.8)
A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.60 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.60 through 5.36 Patch 1, VPN series firmware versions 4.60 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.60 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.
Published: 2023-05-24T00:00:00.000Z
Updated: 2025-10-21T23:05:47.636Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.