Zyxel USG FLEX 50W -
cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*
part: h version: - update: *
| Vendor | Zyxel (d3fcf896-5708-55f8-8f74-3e19a9d55b89) |
|---|---|
| Product | Usg Flex 50W (81f65bd0-2cce-5fec-90ac-6bbb527d6bfb) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | | |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-9133 |
not_vulnerable | 2026-06-03 15:13:45.516024 |
Details available
HIGH (8.1)
A missing authorization vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50(W) series firmware versions from V4.16 through V5.40, and USG20(W)-VPN series firmware versions from V4.16 through V5.40 could allow a semi-authenticated attacker—who has completed only the first stage of the two-factor authentication (2FA) process—to view and download the system configuration from an affected device.
Published: 2025-10-21T01:57:20.265Z
Updated: 2026-02-26T16:57:22.191Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-8078 |
not_vulnerable | 2026-06-03 15:13:42.679341 |
Details available
HIGH (7.2)
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50(W) series firmware versions from V4.16 through V5.40, and USG20(W)-VPN series firmware versions from V4.16 through V5.40 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on the affected device by passing a crafted string as an argument to a CLI command.
Published: 2025-10-21T01:49:29.266Z
Updated: 2026-02-26T16:57:22.696Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-7203 |
not_vulnerable | 2026-06-03 14:58:05.262479 |
Details available
HIGH (7.2)
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.60 through V5.38 and USG FLEX series firmware versions from V4.60 through V5.38 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device by executing a crafted CLI command.
Published: 2024-09-03T01:36:32.110Z
Updated: 2024-09-03T13:55:28.588Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-6343 |
not_vulnerable | 2026-06-03 14:58:02.671110 |
Details available
MEDIUM (4.9)
A buffer overflow vulnerability in the CGI program of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an authenticated attacker with administrator privileges to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.
Published: 2024-09-03T01:28:27.056Z
Updated: 2024-09-03T13:47:31.099Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-42061 |
not_vulnerable | 2026-06-03 14:56:35.828813 |
Details available
MEDIUM (6.1)
A reflected cross-site scripting (XSS) vulnerability in the CGI program "dynamic_script.cgi" of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an attacker to trick a user into visiting a crafted URL with the XSS payload. The attacker could obtain browser-based information if the malicious script is executed on the victim’s browser.
Published: 2024-09-03T01:59:36.884Z
Updated: 2024-09-03T13:48:38.734Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-42060 |
not_vulnerable | 2026-06-03 14:56:35.827666 |
Details available
HIGH (7.2)
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an authenticated attacker with administrator privileges to execute some OS commands on an affected device by uploading a crafted internal user agreement file to the vulnerable device.
Published: 2024-09-03T01:54:57.221Z
Updated: 2024-09-03T13:43:44.353Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-42059 |
not_vulnerable | 2026-06-03 14:56:35.825858 |
Details available
HIGH (7.2)
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V5.00 through V5.38, USG FLEX series firmware versions from V5.00 through V5.38, USG FLEX 50(W) series firmware versions from V5.00 through V5.38, and USG20(W)-VPN series firmware versions from V5.00 through V5.38 could allow an authenticated attacker with administrator privileges to execute some OS commands on an affected device by uploading a crafted compressed language file via FTP.
Published: 2024-09-03T01:51:20.796Z
Updated: 2024-09-03T13:53:11.888Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-42058 |
not_vulnerable | 2026-06-03 14:56:35.824342 |
Details available
HIGH (7.5)
A null pointer dereference vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V5.20 through V5.38, and USG20(W)-VPN series firmware versions from V5.20 through V5.38 could allow an unauthenticated attacker to cause DoS conditions by sending crafted packets to a vulnerable device.
Published: 2024-09-03T01:47:29.258Z
Updated: 2024-09-03T13:54:13.924Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-42057 |
not_vulnerable | 2026-06-03 14:56:35.821362 |
Details available
HIGH (8.1)
A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an unauthenticated attacker to execute some OS commands on an affected device by sending a crafted username to the vulnerable device. Note that this attack could be successful only if the device was configured in User-Based-PSK authentication mode and a valid user with a long username exceeding 28 characters exists.
Published: 2024-09-03T01:43:28.106Z
Updated: 2024-09-03T13:54:39.611Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11667 |
not_vulnerable | 2026-06-03 14:54:14.639202 |
Details available
HIGH (7.5)
A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series firmware versions V5.00 through V5.38, USG FLEX 50(W) series firmware versions V5.10 through V5.38, and USG20(W)-VPN series firmware versions V5.10 through V5.38 could allow an attacker to download or upload files via a crafted URL.
Published: 2024-11-27T09:39:41.691Z
Updated: 2025-10-21T22:55:34.999Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-6764 |
not_vulnerable | 2026-06-03 14:53:58.929760 |
Details available
HIGH (8.1)
A format string vulnerability in a function of the IPSec VPN feature in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, and USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1 could allow an attacker to achieve unauthorized remote code execution by sending a sequence of specially crafted payloads containing an invalid pointer; however, such an attack would require detailed knowledge of an affected device’s memory layout and configuration.
Published: 2024-02-20T02:14:09.814Z
Updated: 2024-08-02T08:42:07.430Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-6399 |
not_vulnerable | 2026-06-03 14:53:51.722237 |
Details available
MEDIUM (5.7)
A format string vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1, and USG FLEX H series firmware versions from 1.10 through 1.10 Patch 1 could allow an authenticated IPSec VPN user to cause DoS conditions against the “deviceid” daemon by sending a crafted hostname to an affected device if it has the “Device Insight” feature enabled.
Published: 2024-02-20T01:42:21.027Z
Updated: 2024-08-02T08:28:21.797Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-6398 |
not_vulnerable | 2026-06-03 14:53:51.704855 |
Details available
HIGH (7.2)
A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1, USG FLEX H series firmware versions from 1.10 through 1.10 Patch 1, NWA50AX firmware versions through 6.29(ABYW.3), WAC500 firmware versions through 6.65(ABVS.1), WAX300H firmware versions through 6.60(ACHF.1), and WBE660S firmware versions through 6.65(ACGG.1) could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device via FTP.
Published: 2024-02-20T01:34:32.229Z
Updated: 2024-08-25T15:46:49.897Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-6397 |
not_vulnerable | 2026-06-03 14:53:51.688215 |
Details available
MEDIUM (6.5)
A null pointer dereference vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1 and USG FLEX series firmware versions from 4.50 through 5.37 Patch 1 could allow a LAN-based attacker to cause denial-of-service (DoS) conditions by downloading a crafted RAR compressed file onto a LAN-side host if the firewall has the “Anti-Malware” feature enabled.
Published: 2024-02-20T01:19:27.475Z
Updated: 2024-08-02T08:28:21.794Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-5960 |
not_vulnerable | 2026-06-03 14:53:50.010204 |
Details available
MEDIUM (5.5)
An improper privilege management vulnerability in the hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.37 and VPN series firmware versions 4.30 through 5.37 could allow an authenticated local attacker to access the system files on an affected device.
Published: 2023-11-28T02:05:45.830Z
Updated: 2024-08-02T08:14:25.225Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-5797 |
not_vulnerable | 2026-06-03 14:53:49.644263 |
Details available
MEDIUM (5.5)
An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access the administrator’s logs on an affected device.
Published: 2023-11-28T02:00:59.801Z
Updated: 2024-12-02T19:31:49.340Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-5650 |
not_vulnerable | 2026-06-03 14:53:49.275106 |
Details available
MEDIUM (5.5)
An improper privilege management vulnerability in the ZySH of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to modify the URL of the registration page in the web GUI of an affected device.
Published: 2023-11-28T01:53:43.502Z
Updated: 2024-08-02T08:07:32.465Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-4398 |
not_vulnerable | 2026-06-03 14:53:27.942490 |
Details available
HIGH (7.5)
An integer overflow vulnerability in the source code of the QuickSec IPSec toolkit used in the VPN feature of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions on an affected device by sending a crafted IKE packet.
Published: 2023-11-28T01:48:28.586Z
Updated: 2024-10-17T17:38:37.172Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-4397 |
not_vulnerable | 2026-06-03 14:53:27.932969 |
Details available
MEDIUM (4.4)
A buffer overflow vulnerability in the Zyxel ATP series firmware version 5.37, USG FLEX series firmware version 5.37, USG FLEX 50(W) series firmware version 5.37, and USG20(W)-VPN series firmware version 5.37, could allow an authenticated local attacker with administrator privileges to cause denial-of-service (DoS) conditions by executing the CLI command with crafted strings on an affected device.
Published: 2023-11-28T01:42:00.951Z
Updated: 2024-08-02T07:24:04.592Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-37926 |
not_vulnerable | 2026-06-03 14:52:29.736826 |
Details available
MEDIUM (5.5)
A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device.
Published: 2023-11-28T01:37:19.483Z
Updated: 2024-08-02T17:23:27.797Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-37925 |
not_vulnerable | 2026-06-03 14:52:29.708547 |
Details available
MEDIUM (5.5)
An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device.
Published: 2023-11-28T01:30:55.186Z
Updated: 2024-08-02T17:23:27.715Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-35139 |
not_vulnerable | 2026-06-03 14:52:17.835603 |
Details available
MEDIUM (5.2)
A cross-site scripting (XSS) vulnerability in the CGI program of the Zyxel ATP series firmware versions 5.10 through 5.37, USG FLEX series firmware versions 5.00 through 5.37, USG FLEX 50(W) series firmware versions 5.10 through 5.37, USG20(W)-VPN series firmware versions 5.10 through 5.37, and VPN series firmware versions 5.00 through 5.37, could allow an unauthenticated LAN-based attacker to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed to steal cookies when the user visits the specific CGI used for dumping ZTP logs.
Published: 2023-11-28T01:22:07.985Z
Updated: 2024-08-02T16:23:59.589Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-35136 |
not_vulnerable | 2026-06-03 14:52:17.825014 |
Details available
MEDIUM (5.5)
An improper input validation vulnerability in the “Quagga” package of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to access configuration files on an affected device.
Published: 2023-11-28T01:16:16.723Z
Updated: 2025-06-05T13:54:49.743Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-34141 |
not_vulnerable | 2026-06-03 14:52:15.849429 |
Details available
HIGH (8)
A command injection vulnerability in the access point (AP) management feature of the Zyxel ATP series firmware versions 5.00 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5.00 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 5.00 through 5.36 Patch 2, VPN series firmware versions 5.00 through 5.36 Patch 2, NXC2500 firmware versions 6.10(AAIG.0) through 6.10(AAIG.3), and NXC5500 firmware versions 6.10(AAOS.0) through 6.10(AAOS.4), could allow an unauthenticated, LAN-based attacker to execute some OS commands on an affected device if the attacker could trick an authorized administrator to add their IP address to the managed AP list in advance.
Published: 2023-07-17T17:56:26.818Z
Updated: 2024-10-29T16:06:41.479Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-34140 |
not_vulnerable | 2026-06-03 14:52:15.837730 |
Details available
MEDIUM (6.5)
A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2, USG FLEX series firmware versions 4.50 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 4.16 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 4.16 through 5.36 Patch 2, VPN series firmware versions 4.30 through 5.36 Patch 2, NXC2500 firmware versions 6.10(AAIG.0) through 6.10(AAIG.3), and NXC5500 firmware versions 6.10(AAOS.0) through 6.10(AAOS.4), could allow an unauthenticated, LAN-based attacker to cause denial of service (DoS) conditions by sending a crafted request to the CAPWAP daemon.
Published: 2023-07-17T17:49:38.175Z
Updated: 2024-10-21T19:42:15.688Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-34139 |
not_vulnerable | 2026-06-03 14:52:15.829106 |
Details available
HIGH (8.8)
A command injection vulnerability in the Free Time WiFi hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.36 Patch 2 and VPN series firmware versions 4.20 through 5.36 Patch 2, could allow an unauthenticated, LAN-based attacker to execute some OS commands on an affected device.
Published: 2023-07-17T17:36:32.909Z
Updated: 2024-10-29T16:19:03.216Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-34138 |
not_vulnerable | 2026-06-03 14:52:15.812346 |
Details available
HIGH (8)
A command injection vulnerability in the hotspot management feature of the Zyxel ATP series firmware versions 4.60 through 5.36 Patch 2, USG FLEX series firmware versions 4.60 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 4.60 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 4.60 through 5.36 Patch 2, and VPN series firmware versions 4.60 through 5.36 Patch 2, could allow an unauthenticated, LAN-based attacker to execute some OS commands on an affected device if the attacker could trick an authorized administrator to add their IP address to the list of trusted RADIUS clients in advance.
Published: 2023-07-17T17:31:40.719Z
Updated: 2024-10-30T18:02:28.372Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-33012 |
not_vulnerable | 2026-06-03 14:52:00.979965 |
Details available
HIGH (8.8)
A command injection vulnerability in the configuration parser of the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5.10 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 5.10 through 5.36 Patch 2, and VPN series firmware versions 5.00 through 5.36 Patch 2, could allow an unauthenticated, LAN-based attacker to execute some OS commands by using a crafted GRE configuration when the cloud management mode is enabled.
Published: 2023-07-17T17:23:26.370Z
Updated: 2025-03-05T18:48:53.862Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-33011 |
not_vulnerable | 2026-06-03 14:52:00.961397 |
Details available
HIGH (8.8)
A format string vulnerability in the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5.10 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 5.10 through 5.36 Patch 2, and VPN series firmware versions 5.00 through 5.36 Patch 2, could allow an unauthenticated, LAN-based attacker to execute some OS commands by using a crafted PPPoE configuration on an affected device when the cloud management mode is enabled.
Published: 2023-07-17T17:15:45.876Z
Updated: 2024-11-07T19:08:01.595Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-33010 |
not_vulnerable | 2026-06-03 14:52:00.940107 |
Details available
CRITICAL (9.8)
A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1, VPN series firmware versions 4.30 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.25 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.
Published: 2023-05-24T00:00:00.000Z
Updated: 2025-10-21T23:05:47.497Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-33009 |
not_vulnerable | 2026-06-03 14:52:00.910665 |
Details available
CRITICAL (9.8)
A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.60 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.60 through 5.36 Patch 1, VPN series firmware versions 4.60 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.60 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.
Published: 2023-05-24T00:00:00.000Z
Updated: 2025-10-21T23:05:47.636Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-28771 |
not_vulnerable | 2026-06-03 14:51:37.660580 |
Details available
CRITICAL (9.8)
Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device.
Published: 2023-04-25T00:00:00.000Z
Updated: 2025-10-21T23:05:48.400Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-28767 |
not_vulnerable | 2026-06-03 14:51:37.597058 |
Details available
HIGH (8.8)
The configuration parser fails to sanitize user-controlled input in the Zyxel ATP series firmware versions 5.10 through 5.36, USG FLEX series firmware versions 5.00 through 5.36, USG FLEX 50(W) series firmware versions 5.10 through 5.36, USG20(W)-VPN series firmware versions 5.10 through 5.36, and VPN series firmware versions 5.00 through 5.36. An unauthenticated, LAN-based attacker could leverage the vulnerability to inject some operating system (OS) commands into the device configuration data on an affected device when the cloud management mode is enabled.
Published: 2023-07-17T16:59:45.258Z
Updated: 2024-11-07T19:14:46.971Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-27991 |
not_vulnerable | 2026-06-03 14:51:03.186364 |
Details available
HIGH (8.8)
The post-authentication command injection vulnerability in the CLI command of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow an authenticated attacker to execute some OS commands remotely.
Published: 2023-04-24T00:00:00.000Z
Updated: 2025-02-04T16:47:55.646Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-27990 |
not_vulnerable | 2026-06-03 14:51:03.177539 |
Details available
MEDIUM (4.8)
The cross-site scripting (XSS) vulnerability in Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow an authenticated attacker with administrator privileges to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed when the user visits the Logs page of the GUI on the device.
Published: 2023-04-24T00:00:00.000Z
Updated: 2024-08-02T12:23:30.803Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-22918 |
not_vulnerable | 2026-06-03 14:49:20.527173 |
Details available
MEDIUM (6.5)
A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device.
Published: 2023-04-24T00:00:00.000Z
Updated: 2025-02-12T16:01:35.920Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-22917 |
not_vulnerable | 2026-06-03 14:49:20.518752 |
Details available
HIGH (7.5)
A buffer overflow vulnerability in the “sdwan_iface_ipc” binary of Zyxel ATP series firmware versions 5.10 through 5.32, USG FLEX series firmware versions 5.00 through 5.32, USG FLEX 50(W) firmware versions 5.10 through 5.32, USG20(W)-VPN firmware versions 5.10 through 5.32, and VPN series firmware versions 5.00 through 5.35, which could allow a remote unauthenticated attacker to cause a core dump with a request error message on a vulnerable device by uploading a crafted configuration file.
Published: 2023-04-24T00:00:00.000Z
Updated: 2025-02-12T16:02:01.734Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-22916 |
not_vulnerable | 2026-06-03 14:49:20.508301 |
Details available
HIGH (8.1)
The configuration parser of Zyxel ATP series firmware versions 5.10 through 5.35, USG FLEX series firmware versions 5.00 through 5.35, USG FLEX 50(W) firmware versions 5.10 through 5.35, USG20(W)-VPN firmware versions 5.10 through 5.35, and VPN series firmware versions 5.00 through 5.35, which fails to properly sanitize user input. A remote unauthenticated attacker could leverage the vulnerability to modify device configuration data, resulting in DoS conditions on an affected device if the attacker could trick an authorized administrator to switch the management mode to the cloud mode.
Published: 2023-04-24T00:00:00.000Z
Updated: 2025-02-12T16:42:02.320Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-22915 |
not_vulnerable | 2026-06-03 14:49:20.502803 |
Details available
HIGH (7.5)
A buffer overflow vulnerability in the “fbwifi_forward.cgi” CGI program of Zyxel USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.30 through 5.35, USG20(W)-VPN firmware versions 4.30 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow a remote unauthenticated attacker to cause DoS conditions by sending a crafted HTTP request if the Facebook WiFi function were enabled on an affected device.
Published: 2023-04-24T00:00:00.000Z
Updated: 2025-02-12T16:22:50.289Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-22914 |
not_vulnerable | 2026-06-03 14:49:20.496073 |
Details available
HIGH (7.2)
A path traversal vulnerability in the “account_print.cgi” CGI program of Zyxel USG FLEX series firmware versions 4.50 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow a remote authenticated attacker with administrator privileges to execute unauthorized OS commands in the “tmp” directory by uploading a crafted file if the hotspot function were enabled.
Published: 2023-04-24T00:00:00.000Z
Updated: 2025-02-12T16:22:16.191Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-22913 |
not_vulnerable | 2026-06-03 14:49:20.487895 |
Details available
HIGH (8.1)
A post-authentication command injection vulnerability in the “account_operator.cgi” CGI program of Zyxel USG FLEX series firmware versions 4.50 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow a remote authenticated attacker to modify device configuration data, resulting in denial-of-service (DoS) conditions on an affected device.
Published: 2023-04-24T00:00:00.000Z
Updated: 2025-02-12T16:21:34.031Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-40603 |
not_vulnerable | 2026-06-03 14:48:03.175986 |
Details available
MEDIUM (4.7)
A cross-site scripting (XSS) vulnerability in the CGI program of Zyxel ZyWALL/USG series firmware versions 4.30 through 4.72, VPN series firmware versions 4.30 through 5.31, USG FLEX series firmware versions 4.50 through 5.31, and ATP series firmware versions 4.32 through 5.31, which could allow an attacker to trick a user into visiting a crafted URL with the XSS payload. Then, the attacker could gain access to some browser-based information if the malicious script is executed on the victim’s browser.
Published: 2022-12-06T00:00:00.000Z
Updated: 2025-04-23T20:00:23.891Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-30526 |
not_vulnerable | 2026-06-03 14:47:08.808688 |
Details available
HIGH (7.8)
A privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.09 through 4.72, which could allow a local attacker to execute some OS commands with root privileges in some directories on a vulnerable device.
Published: 2022-07-19T05:45:14.000Z
Updated: 2024-08-03T06:48:36.418Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-30525 |
not_vulnerable | 2026-06-03 14:47:08.804589 |
Details available
CRITICAL (9.8)
An OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 50(W) firmware versions 5.10 through 5.21 Patch 1, USG20(W)-VPN firmware versions 5.10 through 5.21 Patch 1, ATP series firmware versions 5.10 through 5.21 Patch 1, VPN series firmware versions 4.60 through 5.21 Patch 1, which could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device.
Published: 2022-05-12T13:05:11.000Z
Updated: 2025-10-21T23:15:39.737Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-2030 |
not_vulnerable | 2026-06-03 14:47:00.072767 |
Details available
MEDIUM (6.5)
A directory traversal vulnerability caused by specific character sequences within an improperly sanitized URL was identified in some CGI programs of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.11 through 4.72, that could allow an authenticated attacker to access some restricted files on a vulnerable device.
Published: 2022-07-19T05:55:11.000Z
Updated: 2024-08-03T00:24:44.144Z |
Imported from gcve-enriched-dumps CVE data |