Vulnerabilities > Zyxel > VPN Orchestrator

DATE CVE VULNERABILITY TITLE RISK
2020-12-27 CVE-2020-29299 Command Injection vulnerability in Zyxel products
Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd during a password-change action.
network
low complexity
zyxel CWE-77
7.2