Vulnerabilities > Zyxel > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-01 | CVE-2021-46387 | Cross-site Scripting vulnerability in Zyxel Zywall 2 Plus Internet Security Appliance Firmware ZyXEL ZyWALL 2 Plus Internet Security Appliance is affected by Cross Site Scripting (XSS). | 6.1 |
| 2022-03-01 | CVE-2021-35036 | Cleartext Storage of Sensitive Information vulnerability in Zyxel products A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file. | 6.5 |
| 2021-12-29 | CVE-2021-35035 | Cleartext Storage of Sensitive Information vulnerability in Zyxel Nbg6604 Firmware A cleartext storage of sensitive information vulnerability in the Zyxel NBG6604 firmware could allow a remote, authenticated attacker to obtain sensitive information from the configuration file. | 6.5 |
| 2021-07-26 | CVE-2021-35030 | Cross-site Scripting vulnerability in Zyxel products A vulnerability was found in the CGI program in Zyxel GS1900-8 firmware version V2.60, that did not properly sterilize packet contents and could allow an authenticated, local user to perform a cross-site scripting (XSS) attack via a crafted LLDP packet. | 4.3 |
| 2020-06-29 | CVE-2020-15319 | Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1 Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/mysql chroot directory tree. | 5.9 |
| 2020-06-29 | CVE-2020-15318 | Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1 Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/mysql chroot directory tree. | 5.9 |
| 2020-06-29 | CVE-2020-15317 | Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1 Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/axess chroot directory tree. | 5.9 |
| 2020-06-29 | CVE-2020-15316 | Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1 Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account within the /opt/axess chroot directory tree. | 5.9 |
| 2020-06-29 | CVE-2020-15315 | Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1 Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/axess chroot directory tree. | 5.9 |
| 2020-06-29 | CVE-2020-15314 | Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1 Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account. | 5.9 |