Known Vulnerabilities for products from Zyxel
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Zyxel".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Zyxel can be found at device.report : Zyxel
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-6058 json | Not Provided | 2026-04-21 | 2026-04-21 | |
| CVE-2023-43314 json | ** UNSUPPPORTED WHEN ASSIGNED ** The buffer overflow vulnerability in the Zyxel PMG2005-T20B firmware version V1.00(ABNK.2)b1... | 7.5 - HIGH | 2023-09-27 | 2023-11-07 |
| CVE-2023-37928 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2023-11-30 | 2023-12-06 |
| CVE-2023-37927 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2023-11-30 | 2023-12-06 |
| CVE-2023-37926 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.5 - MEDIUM | 2023-11-28 | 2023-12-04 |
| CVE-2023-37925 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.5 - MEDIUM | 2023-11-28 | 2023-12-04 |
| CVE-2023-35140 json | The improper privilege management vulnerability in the Zyxel GS1900-24EP switch firmware version V2.70(ABTO.5) could allow a... | Not Provided | 2023-11-07 | 2023-11-14 |
| CVE-2023-35139 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.1 - MEDIUM | 2023-11-28 | 2023-12-04 |
| CVE-2023-35138 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2023-11-30 | 2023-12-05 |
| CVE-2023-35137 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-11-30 | 2023-12-05 |
| CVE-2023-35136 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.5 - MEDIUM | 2023-11-28 | 2023-12-04 |
| CVE-2023-34141 json | A command injection vulnerability in the access point (AP) management feature of the Zyxel ATP series firmware versions 5.00 ... | 8 - HIGH | 2023-07-17 | 2023-07-26 |
| CVE-2023-34140 json | A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2, USG FLEX series firmware... | 6.5 - MEDIUM | 2023-07-17 | 2023-07-26 |
| CVE-2023-34139 json | A command injection vulnerability in the Free Time WiFi hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 t... | 8.8 - HIGH | 2023-07-17 | 2023-07-26 |
| CVE-2023-34138 json | A command injection vulnerability in the hotspot management feature of the Zyxel ATP series firmware versions 4.60 through 5.... | 8 - HIGH | 2023-07-17 | 2023-07-26 |
| CVE-2023-33013 json | A post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01(ABIR.1)C0 co... | 8.8 - HIGH | 2023-08-14 | 2023-08-22 |
| CVE-2023-33012 json | A command injection vulnerability in the configuration parser of the Zyxel ATP series firmware versions 5.10 through 5.36 Pat... | 8.8 - HIGH | 2023-07-17 | 2023-07-26 |
| CVE-2023-33011 json | A format string vulnerability in the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, USG FLEX series firmware v... | 8.8 - HIGH | 2023-07-17 | 2023-07-26 |
| CVE-2023-33010 json | A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1... | 9.8 - CRITICAL | 2023-05-24 | 2023-06-07 |
| CVE-2023-33009 json | A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1,... | 9.8 - CRITICAL | 2023-05-24 | 2024-04-01 |
Known software with vulnerabilities from Zyxel
| Type | Vendor | Product | Version |
|---|---|---|---|
| Operating System | Zyxel | 2.00abbx.3 | - |
| Operating System | Zyxel | Access Points Firmware | - |
| Hardware | Zyxel | Atp200 | - |
| Operating System | Zyxel | Atp200 Firmware | 4.31 |
| Hardware | Zyxel | Atp500 | - |
| Operating System | Zyxel | Atp500 Firmware | 4.31 |
| Hardware | Zyxel | Atp800 | - |
| Operating System | Zyxel | Atp800 Firmware | 4.31 |
| Application | Zyxel | Cloudcnm Secumanager | 3.1.0 |
| Application | Zyxel | Cloud Cnm Secumanager | 3.1.0 |
| Hardware | Zyxel | Gs1900-10hp | - |
| Operating System | Zyxel | Gs1900-10hp Firmware | - |
| Hardware | Zyxel | Gs1900-16 | - |
| Operating System | Zyxel | Gs1900-16 Firmware | - |
| Hardware | Zyxel | Gs1900-24e | - |
| Operating System | Zyxel | Gs1900-24e Firmware | - |
| Hardware | Zyxel | Gs1900-24hp | - |
| Operating System | Zyxel | Gs1900-24hp Firmware | - |
| Operating System | Zyxel | Gs1900-24 Firmware | - |
| Hardware | Zyxel | Gs1900-48 | - |