📦 Vpn50 Firmware

A buffer overflow vulnerability in Zyxel firewall notification functions allows unauthenticated attackers to cause denial-of-service or execute arbitrary code remotely. This affects multiple Zyxel fir...

This vulnerability allows unauthenticated remote attackers to execute arbitrary operating system commands on affected Zyxel firewall devices by sending specially crafted IKE packets. It affects multip...

This authentication bypass vulnerability in Zyxel firewall CGI programs allows attackers to circumvent web authentication and gain administrative access to affected devices. It affects multiple Zyxel ...

CVE-2020-29583 is a critical vulnerability in Zyxel USG devices where firmware version 4.60 includes a hidden administrative account (zyfwp) with a hardcoded, unchangeable password found in cleartext....

This is a post-authentication command injection vulnerability in Zyxel firewall CLI commands that allows authenticated attackers to execute arbitrary operating system commands remotely. It affects mul...

A post-authentication command injection vulnerability in Zyxel USG FLEX and VPN series firewalls allows authenticated attackers to execute arbitrary commands through the account_operator.cgi program. ...

A buffer overflow vulnerability in the fbwifi_forward.cgi CGI program of affected Zyxel devices allows remote unauthenticated attackers to cause denial-of-service conditions by sending crafted HTTP re...

A buffer overflow vulnerability in Zyxel network devices allows remote unauthenticated attackers to cause denial of service by uploading a crafted configuration file. This affects multiple Zyxel firew...

This is a post-authentication command injection vulnerability in Zyxel firewall devices that allows authenticated administrators to execute arbitrary operating system commands. It affects multiple Zyx...

This CVE describes a local privilege escalation vulnerability in Zyxel firewall CLI commands where a local attacker can execute OS commands with root privileges in specific directories. It affects mul...

This CVE-2022-26532 is an argument injection vulnerability in Zyxel network devices that allows local authenticated attackers to execute arbitrary OS commands via crafted arguments to the 'packet-trac...