Vulnerabilities > Zyxel > ZLD
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-12-27 | CVE-2020-29299 | Command Injection vulnerability in Zyxel products Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd during a password-change action. | 7.2 |
2020-11-27 | CVE-2020-25014 | Out-of-bounds Write vulnerability in Zyxel Access Points Firmware and ZLD A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet. | 9.8 |