Usg

This hub aggregates every CVE we track for Usg, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Usg.

• BDU:2024-01729Уязвимость микропрограммного обеспечения межсетевых экранов и VPN-устройств Zyxel USG и Zyxel VPN, связанная с отсутствием аутентификации для критичной функции, позволяющая нарушителю раскрыть защищаемую информацию7.5Mar 4, 2024
• BDU:2024-01728Уязвимость службы proactor1.2 (/usr/sbin/proactor1.2/pro) микропрограммного обеспечения межсетевых экранов и VPN-устройств Zyxel USG и Zyxel VPN, позволяющая нарушителю обойти существующие ограничения безопасности9.8Mar 4, 2024
• BDU:2024-01727Уязвимость службы SMB микропрограммного обеспечения межсетевых экранов и VPN-устройств Zyxel USG и Zyxel VPN, позволяющая нарушителю вызвать отказ в обслуживании7.5Mar 4, 2024
• BDU:2024-01726Уязвимость микропрограммного обеспечения межсетевых экранов и VPN-устройств Zyxel USG и Zyxel VPN, существующая из-за непринятия мер по нейтрализации специальных элементов, используемых в команде операционной системы, позволяющая нарушителю выполнить произвольный код9.8Mar 4, 2024
• CVE-2023-33010A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX ...KEV9.8May 24, 2023
• CVE-2023-33009A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 5...KEV9.8May 24, 2023
• CVE-2022-45854An improper check for unusual conditions in Zyxel NWA110AX firmware verisons prior to 6.50(ABTG.0)C0, which could allow a LAN attacker to cause a temporary denial-of-service (DoS) by sending crafte...4.3Feb 7, 2023
• CVE-2022-38547A post-authentication command injection vulnerability in the CLI command of Zyxel ZyWALL/USG series firmware versions 4.20 through 4.72, VPN series firmware versions 4.30 through 5.32, USG FLEX ser...7.2Feb 7, 2023
• CVE-2022-40603A cross-site scripting (XSS) vulnerability in the CGI program of Zyxel ZyWALL/USG series firmware versions 4.30 through 4.72, VPN series firmware versions 4.30 through 5.31, USG FLEX series firmwar...4.7Dec 6, 2022
• CVE-2022-30526A privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 f...7.8Jul 19, 2022
• CVE-2022-26532A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series ...7.8May 24, 2022
• CVE-2022-0910A downgrade from two-factor authentication to one-factor authentication vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.32 through 4.71, USG FLEX series firmware ver...6.5May 24, 2022
• CVE-2022-0734A cross-site scripting vulnerability was identified in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.35 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP serie...5.8May 24, 2022
• CVE-2022-26531Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, AT...6.1May 24, 2022
• CVE-2022-0342An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.20 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware ve...9.8Mar 28, 2022