Vulnerabilities > Zyxel > Gs1900 10Hp Firmware

DATE CVE VULNERABILITY TITLE RISK
2016-03-26 CVE-2016-1344 Resource Management Errors vulnerability in multiple products
The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service (device reload) via fragmented packets, aka Bug ID CSCux38417.
network
high complexity
cisco samsung sun zyxel lenovo netgear zzinc CWE-399
5.9
2016-03-03 CVE-2015-6260 Improper Input Validation vulnerability in Zyxel Gs1900-10Hp Firmware 2.40
Cisco NX-OS 7.1(1)N1(1) on Nexus 5500, 5600, and 6000 devices does not properly validate PDUs in SNMP packets, which allows remote attackers to cause a denial of service (SNMP application restart) via a crafted packet, aka Bug ID CSCut84645.
network
low complexity
zyxel CWE-20
7.5
2016-03-03 CVE-2015-0718 Resource Management Errors vulnerability in multiple products
Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack reload) by sending crafted TCP packets to a device that has a TIME_WAIT TCP session, aka Bug ID CSCub70579.
network
low complexity
cisco samsung sun zyxel netgear zzinc CWE-399
7.5
2016-03-03 CVE-2016-1329 Improper Authentication vulnerability in multiple products
Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and 6.0(2)A6(1) through 6.0(2)A6(5) and 6.0(2)A7(1) on Nexus 3500 devices has hardcoded credentials, which allows remote attackers to obtain root privileges via a (1) TELNET or (2) SSH session, aka Bug ID CSCuy25800.
network
low complexity
samsung sun zyxel zzinc CWE-287
critical
9.8
2016-02-09 CVE-2016-1319 Information Exposure vulnerability in multiple products
Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM & Presence Service 10.5(2); Unified Contact Center Express 11.0(1); and Unity Connection 10.5(2) store a cleartext encryption key, which allows local users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuv85958.
network
low complexity
sun samsung zyxel zzinc CWE-200
5.3
2016-02-09 CVE-2016-1317 Information Exposure vulnerability in Zyxel Gs1900-10Hp Firmware 2.40
Cisco Unified Communications Manager 11.5(0.98000.480) allows remote authenticated users to obtain sensitive database table-name and entity-name information via a direct request to an unspecified URL, aka Bug ID CSCuy11098.
network
low complexity
zyxel CWE-200
4.3
2016-02-07 CVE-2016-1307 Credentials Management vulnerability in multiple products
The Openfire server in Cisco Finesse Desktop 10.5(1) and 11.0(1) and Unified Contact Center Express 10.6(1) has a hardcoded account, which makes it easier for remote attackers to obtain access via an XMPP session, aka Bug ID CSCuw79085.
network
low complexity
zyxel zzinc CWE-255
5.4
2016-02-07 CVE-2016-1302 Improper Access Control vulnerability in multiple products
Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998.
network
low complexity
samsung sun zyxel zzinc cisco CWE-284
8.8
2016-02-07 CVE-2015-6398 Resource Management Errors vulnerability in Zyxel Gs1900-10Hp Firmware 2.40
Cisco Nexus 9000 Application Centric Infrastructure (ACI) Mode switches with software before 11.0(1c) allow remote attackers to cause a denial of service (device reload) via an IPv4 ICMP packet with the IP Record Route option, aka Bug ID CSCuq57512.
network
low complexity
zyxel CWE-399
7.5
2015-12-31 CVE-2015-5990 Cross-Site Request Forgery (CSRF) vulnerability in Zyxel Gs1900-10Hp Firmware 2.40
Cross-site request forgery (CSRF) vulnerability on Belkin F9K1102 2 devices with firmware 2.10.17 allows remote attackers to hijack the authentication of arbitrary users.
network
low complexity
zyxel CWE-352
8.8