Vulnerabilities > Zyxel > Gs1900 10Hp Firmware

DATE CVE VULNERABILITY TITLE RISK
2015-12-31 CVE-2015-5989 Permissions, Privileges, and Access Controls vulnerability in Zyxel Gs1900-10Hp Firmware 2.40
Belkin F9K1102 2 devices with firmware 2.10.17 rely on client-side JavaScript code for authorization, which allows remote attackers to obtain administrative privileges via certain changes to LockStatus and Login_Success values.
network
low complexity
zyxel CWE-264
critical
9.8
2015-12-31 CVE-2015-5988 Credentials Management vulnerability in Zyxel Gs1900-10Hp Firmware 2.40
The web management interface on Belkin F9K1102 2 devices with firmware 2.10.17 has a blank password, which allows remote attackers to obtain administrative privileges by leveraging a LAN session.
network
low complexity
zyxel CWE-255
critical
9.8
2015-12-31 CVE-2015-5987 Unspecified vulnerability in Zyxel Gs1900-10Hp Firmware 2.40
Belkin F9K1102 2 devices with firmware 2.10.17 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value.
network
low complexity
zyxel
8.6