Skip to main content

Zywall 310 Firmware

5 CVEs product

Monthly

CVE-2022-0342 CRITICAL POC THREAT Act Now

An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.20 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Zyxel Usg40 Firmware Usg40W Firmware Usg60 Firmware +20
NVD
CVSS 3.1
9.8
EPSS
84.8%
CVE-2021-35029 CRITICAL Act Now

An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Zyxel Authentication Bypass Usg1900 Firmware Usg1100 Firmware Usg310 Firmware +34
NVD
CVSS 3.1
9.8
EPSS
2.3%
CVE-2019-12583 CRITICAL POC PATCH THREAT Act Now

Missing Access Control in the "Free Time" component of several Zyxel UAG, USG, and ZyWall devices allows a remote attacker to generate guest accounts by directly accessing the account generator. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Zyxel Uag2100 Firmware Uag4100 Firmware Uag5100 Firmware +11
NVD
CVSS 3.0
9.1
EPSS
43.9%
CVE-2019-9955 MEDIUM POC PATCH THREAT This Month

On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100 devices, the security. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Zyxel Atp200 Firmware Atp500 Firmware Atp800 Firmware +18
NVD Exploit-DB
CVSS 3.0
6.1
EPSS
20.9%
CVE-2018-9129 MEDIUM PATCH This Month

ZyXEL ZyWALL/USG series devices have a Bleichenbacher vulnerability in their Internet Key Exchange (IKE) handshake implementation used for IPsec based VPN connections. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Microsoft Zyxel Information Disclosure Zywall 110 Firmware Zywall 1100 Firmware +15
NVD
CVSS 3.0
5.9
EPSS
1.0%
EPSS 85% CVSS 9.8
CRITICAL POC THREAT Act Now

An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.20 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Zyxel Usg40 Firmware +22
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Zyxel Authentication Bypass Usg1900 Firmware +36
NVD
EPSS 44% CVSS 9.1
CRITICAL POC PATCH THREAT Act Now

Missing Access Control in the "Free Time" component of several Zyxel UAG, USG, and ZyWall devices allows a remote attacker to generate guest accounts by directly accessing the account generator. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Zyxel Uag2100 Firmware +13
NVD
EPSS 21% CVSS 6.1
MEDIUM POC PATCH THREAT This Month

On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100 devices, the security. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Zyxel Atp200 Firmware +20
NVD Exploit-DB
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

ZyXEL ZyWALL/USG series devices have a Bleichenbacher vulnerability in their Internet Key Exchange (IKE) handshake implementation used for IPsec based VPN connections. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Microsoft Zyxel Information Disclosure +17
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy