Vulnerabilities > Zyxel > UOS

DATE CVE VULNERABILITY TITLE RISK
2024-10-22 CVE-2024-9677 Insufficiently Protected Credentials vulnerability in Zyxel UOS 1.20/1.21
The insufficiently protected credentials vulnerability in the CLI command of the USG FLEX H series uOS firmware version V1.21 and earlier versions could allow an authenticated local attacker to gain privilege escalation by stealing the authentication token of a login administrator.
local
low complexity
zyxel CWE-522
7.8