Vulnerabilities > Zyxel
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-08-13 | CVE-2007-4317 | Remote vulnerability in Zyxel Zynos and Zywall 2 Multiple cross-site request forgery (CSRF) vulnerabilities in the management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allow remote attackers to perform certain actions as administrators, as demonstrated by a request to Forms/General_1 with the (1) sysSystemName and (2) sysDomainName parameters. network zyxel | 4.3 |
2007-08-13 | CVE-2007-4316 | Remote Security vulnerability in Zyxel Zynos and Zywall 2 The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device has a certain default password, which allows remote attackers to perform administrative actions. network zyxel | 4.3 |
2007-03-21 | CVE-2007-1586 | Denial of Service vulnerability in Zyxel Zynos 3.40 ZynOS 3.40 allows remote attackers to cause a denial of service (link restart) by sending a request for the name \M via the SMB Mail Slot Protocol. | 7.8 |
2006-07-31 | CVE-2006-3929 | Cross-Site Scripting vulnerability in Zyxel Prestige 660H-61 Firmware3.40Pt.0B32 Cross-site scripting (XSS) vulnerability in the Forms/rpSysAdmin script on the Zyxel Prestige 660H-61 ADSL Router running firmware 3.40(PT.0)b32 allows remote attackers to inject arbitrary web script or HTML via hex-encoded values in the a parameter. network zyxel | 4.3 |
2006-01-19 | CVE-2006-0302 | Information Disclosure vulnerability in Zyxel P2000W Version 2 Voip Wifi Phone Wv.00.02 ZyXel P2000W VoIP 802.11b Wireless Phone running firmware WV.00.02 allows remote attackers to obtain sensitive information, such as MAC address and software version, by directly accessing UDP port 9090. | 5.0 |
2005-11-21 | CVE-2005-3725 | Information Disclosure vulnerability in Zyxel Prestige 2000W V.1Voip Wi-Fi Phone Wj.00.10 Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 uses hardcoded IP addresses for its DNS servers, which could allow remote attackers to cause a denial of service or hijack Zyxel phones by attacking or spoofing the hardcoded DNS servers. | 6.4 |
2005-11-21 | CVE-2005-3724 | Information Exposure vulnerability in Zyxel products Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 allows remote attackers to obtain sensitive information and possibly cause a denial of service via a direct connection to UDP port 9090, which is undocumented and does not require authentication. | 6.4 |
2005-05-24 | CVE-2005-1717 | Remote Denial of Service vulnerability in Zyxel Prestige 650R-31 3.40Ko.1 ZyXEL Prestige 650R-31 router running ZyNOS FW v3.40(KO.1) allows remote attackers to cause a denial of service (CPU consumption and network loss) via crafted fragmented IP packets. | 5.0 |
2005-05-02 | CVE-2005-0328 | Remote Security vulnerability in Rt311 Zyxel P310, P314, P324 and Netgear RT311, RT314 running the latest firmware, allows remote attackers on the WAN to obtain the IP address of the LAN side interface by pinging a valid LAN IP address, which generates an ARP reply from the WAN address side that maps the LAN IP address to the WAN's MAC address. | 5.0 |
2004-12-31 | CVE-2004-1789 | Cross-Site Scripting vulnerability in ZyXEL ZyWALL 10 Management Interface Cross-site scripting (XSS) vulnerability in the web management interface in ZyWALL 10 4.07 allows remote attackers to inject arbitrary web script or HTML via the rpAuth_1 page. network zyxel | 4.3 |