Vulnerabilities > Zyxel > Nas520 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-06 | CVE-2020-13365 | Improper Authentication vulnerability in Zyxel products Certain Zyxel products have a locally accessible binary that allows a non-root user to generate a password for an undocumented user account that can be used for a TELNET session as root. | 8.8 |
| 2020-08-06 | CVE-2020-13364 | Unspecified vulnerability in Zyxel products A backdoor in certain Zyxel products allows remote TELNET access via a CGI script. | 8.8 |
| 2020-03-04 | CVE-2020-9054 | OS Command Injection vulnerability in Zyxel products Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. | 9.8 |