Usg Flex Firmware
1 CVEs
product
Monthly
Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd during a password-change action. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Zyxel
Command Injection
Vpn Orchestrator
Zld
Nsg Firmware
+1
NVD
CVSS 3.1
7.2
EPSS
2.3%
EPSS 2%
CVSS 7.2
HIGH
This Week
Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd during a password-change action. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Zyxel
Command Injection
Vpn Orchestrator
+3
NVD