📦 Zywall Vpn2s Firmware

An unauthenticated LAN-based attacker can execute arbitrary OS commands on affected Zyxel network devices by sending a malicious GRE configuration when cloud management is enabled. This affects multip...

An unauthenticated command injection vulnerability in the Free Time WiFi hotspot feature of Zyxel USG FLEX and VPN series firewalls allows LAN-based attackers to execute arbitrary operating system com...

This CVE describes a command injection vulnerability in Zyxel firewall and WLAN controller products that allows LAN-based attackers to execute arbitrary OS commands. Attackers must first trick an auth...

This vulnerability allows an unauthenticated attacker on the local network to inject OS commands into the configuration data of affected Zyxel devices when cloud management is enabled. It affects mult...

A directory traversal vulnerability in Zyxel VPN2S firewall firmware allows remote attackers to access sensitive files by manipulating file paths. This affects organizations using Zyxel VPN2S firewall...