Vulnerabilities > Zyxel > Dx5401 B0 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-27 | CVE-2023-28769 | Classic Buffer Overflow vulnerability in Zyxel Dx5401-B0 Firmware The buffer overflow vulnerability in the library “libclinkc.so” of the web server “zhttpd” in Zyxel DX5401-B0 firmware versions prior to V5.17(ABYO.1)C0 could allow a remote unauthenticated attacker to execute some OS commands or to cause denial-of-service (DoS) conditions on a vulnerable device. | 9.8 |
| 2023-04-27 | CVE-2023-28770 | Unspecified vulnerability in Zyxel Dx5401-B0 Firmware The sensitive information exposure vulnerability in the CGI “Export_Log” and the binary “zcmd” in Zyxel DX5401-B0 firmware versions prior to V5.17(ABYO.1)C0 could allow a remote unauthenticated attacker to read the system files and to retrieve the password of the supervisor from the encrypted file. | 7.5 |
| 2023-01-11 | CVE-2022-43390 | OS Command Injection vulnerability in Zyxel products A command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to execute some OS commands on a vulnerable device by sending a crafted HTTP request. | 8.8 |
| 2023-01-11 | CVE-2022-43391 | Classic Buffer Overflow vulnerability in Zyxel products A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request. | 6.5 |
| 2023-01-11 | CVE-2022-43392 | Classic Buffer Overflow vulnerability in Zyxel products A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request. | 6.5 |
| 2022-04-11 | CVE-2022-26413 | OS Command Injection vulnerability in Zyxel products A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface. | 7.7 |
| 2022-04-11 | CVE-2022-26414 | Classic Buffer Overflow vulnerability in Zyxel products A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service. | 4.9 |
| 2022-03-01 | CVE-2021-35036 | Cleartext Storage of Sensitive Information vulnerability in Zyxel products A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file. | 6.5 |