← Back

Zyxel

zyxel

326 CVEs • 881 products

Products (881)

Click to collapse
Toggle
Cloudcnm Secumanager
cloudcnm_secumanager
35 CVEs
Gs1900 10hp Firmware
gs1900-10hp_firmware
34 CVEs
Usg Flex 100w Firmware
usg_flex_100w_firmware
34 CVEs
Usg Flex 200 Firmware
usg_flex_200_firmware
34 CVEs
Usg Flex 500 Firmware
usg_flex_500_firmware
34 CVEs
Usg Flex 700 Firmware
usg_flex_700_firmware
34 CVEs
Usg Flex 100 Firmware
usg_flex_100_firmware
30 CVEs
Emg3525 T50b Firmware
emg3525-t50b_firmware
26 CVEs
Emg5523 T50b Firmware
emg5523-t50b_firmware
26 CVEs
Vmg8623 T50b Firmware
vmg8623-t50b_firmware
26 CVEs
Usg Flex 50w Firmware
usg_flex_50w_firmware
26 CVEs
Atp200 Firmware
atp200_firmware
25 CVEs
Atp500 Firmware
atp500_firmware
25 CVEs
Atp800 Firmware
atp800_firmware
25 CVEs
Nas326 Firmware
nas326_firmware
24 CVEs
Vpn50 Firmware
vpn50_firmware
24 CVEs
Vpn100 Firmware
vpn100_firmware
24 CVEs
Vpn300 Firmware
vpn300_firmware
24 CVEs
Atp100 Firmware
atp100_firmware
24 CVEs
Vpn1000 Firmware
vpn1000_firmware
23 CVEs
Atp100w Firmware
atp100w_firmware
23 CVEs
Atp700 Firmware
atp700_firmware
23 CVEs
Vmg3625 T50b Firmware
vmg3625-t50b_firmware
23 CVEs
Usg Flex 50 Firmware
usg_flex_50_firmware
23 CVEs
Dx3301 T0 Firmware
dx3301-t0_firmware
22 CVEs
Ex3510 B0 Firmware
ex3510-b0_firmware
22 CVEs
Zld
zld
21 CVEs
Dx5401 B0 Firmware
dx5401-b0_firmware
21 CVEs
Emg5723 T50k Firmware
emg5723-t50k_firmware
21 CVEs
Vmg3927 T50k Firmware
vmg3927-t50k_firmware
21 CVEs
Vmg8825 T50k Firmware
vmg8825-t50k_firmware
21 CVEs
Ex3301 T0 Firmware
ex3301-t0_firmware
21 CVEs
Ex5510 B0 Firmware
ex5510-b0_firmware
21 CVEs
Ex5512 T0 Firmware
ex5512-t0_firmware
21 CVEs
Ex5601 T0 Firmware
ex5601-t0_firmware
21 CVEs
Ex5601 T1 Firmware
ex5601-t1_firmware
21 CVEs
Wx5600 T0 Firmware
wx5600-t0_firmware
21 CVEs
Pm7300 T0 Firmware
pm7300-t0_firmware
20 CVEs
Usg 20w Vpn Firmware
usg_20w-vpn_firmware
19 CVEs
Ex5401 B0 Firmware
ex5401-b0_firmware
19 CVEs
Dx4510 B1 Firmware
dx4510-b1_firmware
19 CVEs
Vmg4005 B50a Firmware
vmg4005-b50a_firmware
19 CVEs
Vmg4005 B60a Firmware
vmg4005-b60a_firmware
19 CVEs
Wx3100 T0 Firmware
wx3100-t0_firmware
19 CVEs
Dx5401 B1 Firmware
dx5401-b1_firmware
19 CVEs
Nas542 Firmware
nas542_firmware
18 CVEs
Ax7501 B0 Firmware
ax7501-b0_firmware
18 CVEs
Dx3300 T1 Firmware
dx3300-t1_firmware
18 CVEs
Ex3300 T1 Firmware
ex3300-t1_firmware
18 CVEs
Ex3500 T0 Firmware
ex3500-t0_firmware
18 CVEs
Ex3501 T0 Firmware
ex3501-t0_firmware
18 CVEs
Ex5401 B1 Firmware
ex5401-b1_firmware
18 CVEs
Ex7710 B0 Firmware
ex7710-b0_firmware
18 CVEs
Ax7501 B1 Firmware
ax7501-b1_firmware
18 CVEs
Px3321 T1 Firmware
px3321-t1_firmware
18 CVEs
Pm3100 T0 Firmware
pm3100-t0_firmware
17 CVEs
Pm5100 T0 Firmware
pm5100-t0_firmware
17 CVEs
Gs1900 8 Firmware
gs1900-8_firmware
16 CVEs
Gs1900 24 Firmware
gs1900-24_firmware
16 CVEs
Ex7501 B0 Firmware
ex7501-b0_firmware
16 CVEs
Ex3300 T0 Firmware
ex3300-t0_firmware
16 CVEs
Dx3300 T0 Firmware
dx3300-t0_firmware
16 CVEs
Zynos
zynos
15 CVEs
Usg20 Vpn Firmware
usg20-vpn_firmware
15 CVEs
Gs1900 8hp Firmware
gs1900-8hp_firmware
15 CVEs
Gs1900 16 Firmware
gs1900-16_firmware
15 CVEs
Gs1900 24e Firmware
gs1900-24e_firmware
15 CVEs
Gs1900 48 Firmware
gs1900-48_firmware
15 CVEs
Dx4510 B0 Firmware
dx4510-b0_firmware
15 CVEs
Ex3510 B1 Firmware
ex3510-b1_firmware
15 CVEs
Ex3600 T0 Firmware
ex3600-t0_firmware
15 CVEs
Usg 2200 Vpn Firmware
usg_2200-vpn_firmware
14 CVEs
Ex5501 B0 Firmware
ex5501-b0_firmware
14 CVEs
Wx3401 B0 Firmware
wx3401-b0_firmware
13 CVEs
Wx5610 B0 Firmware
wx5610-b0_firmware
13 CVEs
Ee6510 10 Firmware
ee6510-10_firmware
12 CVEs
Px5301 T0 Firmware
px5301-t0_firmware
12 CVEs
Usg20w Vpn Firmware
usg20w-vpn_firmware
11 CVEs
Nwa110ax Firmware
nwa110ax_firmware
11 CVEs
Nwa210ax Firmware
nwa210ax_firmware
11 CVEs
Wax510d Firmware
wax510d_firmware
11 CVEs
Wax610d Firmware
wax610d_firmware
11 CVEs
Wax630s Firmware
wax630s_firmware
11 CVEs
Wax650s Firmware
wax650s_firmware
11 CVEs
Usg210 Firmware
usg210_firmware
10 CVEs
Usg310 Firmware
usg310_firmware
10 CVEs
Lte3301 Plus Firmware
lte3301-plus_firmware
10 CVEs
Nwa50ax Firmware
nwa50ax_firmware
10 CVEs
Nwa55axe Firmware
nwa55axe_firmware
10 CVEs
Nwa90ax Firmware
nwa90ax_firmware
10 CVEs
Wac500h Firmware
wac500h_firmware
10 CVEs
Usg40 Firmware
usg40_firmware
9 CVEs
Usg40w Firmware
usg40w_firmware
9 CVEs
Usg60 Firmware
usg60_firmware
9 CVEs
Usg60w Firmware
usg60w_firmware
9 CVEs
Zywall Vpn100 Firmware
zywall_vpn100_firmware
9 CVEs
Zywall Vpn300 Firmware
zywall_vpn300_firmware
9 CVEs
Gs1900 24hp Firmware
gs1900-24hp_firmware
9 CVEs
Gs1900 48hp Firmware
gs1900-48hp_firmware
9 CVEs
Gs1900 24ep Firmware
gs1900-24ep_firmware
9 CVEs

CVEs (326)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2017-17901
1Zyxel
1P 660hw Firmware
May 13, 2026
Dec 29, 2017
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
ZyXEL P-660HW v3 devices allow remote attackers to cause a denial of service (CPU consumption) via a flood of IP packets with a TTL of 1.
CVE-2017-15226
1Zyxel
1Nbg6716 Firmware
May 13, 2026
Oct 10, 2017
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Zyxel NBG6716 V1.00(AAKG.9)C0 devices allow command injection in the ozkerz component because beginIndex and endIndex are used directly in a popen call.
CVE-2015-7256
1Zyxel
25C1000z Firmware
Fr1000z FirmwareGs1900 24 Firmware+22 more
May 13, 2026
Sep 28, 2017
N/A· v4
5.9 MEDIUM· v3
4.3 MEDIUM· v2
ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI access points; P-660HN-51, P-663HN-51, VMG1312-B10A, VMG1312-B30A, VMG1312-B30B, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, VMG8924-B30A, and VSG1435-B10...Show more
ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI access points; P-660HN-51, P-663HN-51, VMG1312-B10A, VMG1312-B30A, VMG1312-B30B, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, VMG8924-B30A, and VSG1435-B101 DSL CPEs; PMG5318-B20A GPONs; SBG3300-N000, SBG3300-NB00, and SBG3500-N000 small business gateways; GS1900-8 and GS1900-24 switches; and C1000Z, Q1000, FR1000Z, and P8702N project models use non-unique X.509 certificates and SSH host keys.Show less
CVE-2016-10401
1Zyxel
1Pk5001z Firmware
May 13, 2026
Jul 25, 2017
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
ZyXEL PK5001Z devices have zyad5001 as the su password, which makes it easier for remote attackers to obtain root access if a non-root account password is known (or a non-root default account exists within an ISP's deplo...Show more
ZyXEL PK5001Z devices have zyad5001 as the su password, which makes it easier for remote attackers to obtain root access if a non-root account password is known (or a non-root default account exists within an ISP's deployment of these devices).Show less
CVE-2017-3216
5Greenpacket
HuaweiMada+2 more
14Bm2022 Firmware
Hes 309m FirmwareHes 319m2w Firmware+11 more
May 13, 2026
Jun 20, 2017
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to an authentication bypass allowing a remote, unauthenticated attacker to gain administrator access to the device by perform...Show more
WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to an authentication bypass allowing a remote, unauthenticated attacker to gain administrator access to the device by performing an administrator password change on the device via a crafted POST request.Show less
CVE-2017-7964
1Zyxel
1Wre6505 Firmware
May 13, 2026
Apr 19, 2017
N/A· v4
10.0 CRITICAL· v3
10.0 HIGH· v2
Zyxel WRE6505 devices have a default TELNET password of 1234 for the root and admin accounts, which makes it easier for remote attackers to conduct DNS hijacking attacks by reconfiguring the built-in dnshijacker process.
CVE-2017-6884
1Zyxel
1Emg2926 Firmware
Apr 21, 2026
Apr 6, 2017
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00(AAQT.4)b8. The vulnerability is located in the diagnostic tools, specifically the nslookup function. A malicious user...Show more
A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00(AAQT.4)b8. The vulnerability is located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute arbitrary commands on the router, such as the ping_ip parameter to the expert/maintenance/diagnostic/nslookup URI.Show less
CVE-2016-10227
1Zyxel
2Nwa3560 N Firmware
Usg50 Firmware
May 13, 2026
Feb 21, 2017
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Zyxel USG50 Security Appliance and NWA3560-N Access Point allow remote attackers to cause a denial of service (CPU consumption) via a flood of ICMPv4 Port Unreachable packets.
CVE-2016-1346
5Dell
NetgearSamsung+2 more
5Emc Powerscale Onefs
Gs1900 10hp FirmwareJr6150 Firmware+2 more
May 6, 2026
Apr 6, 2016
N/A· v4
5.9 MEDIUM· v3
7.1 HIGH· v2
The kernel in Cisco TelePresence Server 3.0 through 4.2(4.18) on Mobility Services Engine (MSE) 8710 devices allows remote attackers to cause a denial of service (panic and reboot) via a crafted sequence of IPv6 packets,...Show more
The kernel in Cisco TelePresence Server 3.0 through 4.2(4.18) on Mobility Services Engine (MSE) 8710 devices allows remote attackers to cause a denial of service (panic and reboot) via a crafted sequence of IPv6 packets, aka Bug ID CSCuu46673.Show less
CVE-2015-6313
3Sun
ZyxelZzinc
3Gs1900 10hp Firmware
Keymouse FirmwareOpensolaris
May 6, 2026
Apr 6, 2016
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Cisco TelePresence Server 4.1(2.29) through 4.2(4.17) on 7010; Mobility Services Engine (MSE) 8710; Multiparty Media 310, 320, and 820; and Virtual Machine (VM) devices allows remote attackers to cause a denial of servic...Show more
Cisco TelePresence Server 4.1(2.29) through 4.2(4.17) on 7010; Mobility Services Engine (MSE) 8710; Multiparty Media 310, 320, and 820; and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted HTTP requests that are not followed by an unspecified negotiation, aka Bug ID CSCuv47565.Show less
CVE-2015-6312
4Dell
NetgearZyxel+1 more
4Emc Powerscale Onefs
Gs1900 10hp FirmwareJr6150 Firmware+1 more
May 6, 2026
Apr 6, 2016
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Cisco TelePresence Server 3.1 on 7010, Mobility Services Engine (MSE) 8710, Multiparty Media 310 and 320, and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (device reload) via malforme...Show more
Cisco TelePresence Server 3.1 on 7010, Mobility Services Engine (MSE) 8710, Multiparty Media 310 and 320, and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (device reload) via malformed STUN packets, aka Bug ID CSCuv01348.Show less
CVE-2016-1350
6Cisco
LenovoSamsung+3 more
6Gs1900 10hp Firmware
Ios XeKeymouse Firmware+3 more
May 6, 2026
Mar 26, 2016
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Cisco IOS 15.3 and 15.4, Cisco IOS XE 3.8 through 3.11, and Cisco Unified Communications Manager allow remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCuj23293.
CVE-2016-1349
7Cisco
IntelNetgear+4 more
7Core I5 9400f Firmware
Gs1900 10hp FirmwareIos Xe+4 more
May 6, 2026
Mar 26, 2016
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Insta...Show more
The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410.Show less
CVE-2016-1348
6Cisco
NetgearSamsung+3 more
6Gs1900 10hp Firmware
Ios XeJr6150 Firmware+3 more
May 6, 2026
Mar 26, 2016
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 Relay message, aka Bug ID CSCus55821.
CVE-2016-1344
7Cisco
LenovoNetgear+4 more
7Gs1900 10hp Firmware
Ios XeJr6150 Firmware+4 more
May 6, 2026
Mar 26, 2016
N/A· v4
5.9 MEDIUM· v3
7.1 HIGH· v2
The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service (device reload) via fragmented packets, aka Bug ID CSCux38417.
CVE-2015-6260
1Zyxel
1Gs1900 10hp Firmware
May 6, 2026
Mar 3, 2016
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Cisco NX-OS 7.1(1)N1(1) on Nexus 5500, 5600, and 6000 devices does not properly validate PDUs in SNMP packets, which allows remote attackers to cause a denial of service (SNMP application restart) via a crafted packet, a...Show more
Cisco NX-OS 7.1(1)N1(1) on Nexus 5500, 5600, and 6000 devices does not properly validate PDUs in SNMP packets, which allows remote attackers to cause a denial of service (SNMP application restart) via a crafted packet, aka Bug ID CSCut84645.Show less
CVE-2015-0718
6Cisco
NetgearSamsung+3 more
7Gs1900 10hp Firmware
Jr6150 FirmwareKeymouse Firmware+4 more
May 6, 2026
Mar 3, 2016
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack reload) by sending crafted...Show more
Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack reload) by sending crafted TCP packets to a device that has a TIME_WAIT TCP session, aka Bug ID CSCub70579.Show less
CVE-2016-1329
4Samsung
SunZyxel+1 more
4Gs1900 10hp Firmware
Keymouse FirmwareOpensolaris+1 more
May 6, 2026
Mar 3, 2016
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and 6.0(2)A6(1) through 6.0(2)A6(5) and 6.0(2)A7(1) on Nexus 3500 devices has hardcoded credentials, which allows remote attackers to obtain root privileg...Show more
Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and 6.0(2)A6(1) through 6.0(2)A6(5) and 6.0(2)A7(1) on Nexus 3500 devices has hardcoded credentials, which allows remote attackers to obtain root privileges via a (1) TELNET or (2) SSH session, aka Bug ID CSCuy25800.Show less
CVE-2016-1319
4Samsung
SunZyxel+1 more
4Gs1900 10hp Firmware
Keymouse FirmwareOpensolaris+1 more
May 6, 2026
Feb 9, 2016
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM & Presence Service 10.5(2); Unified Contact Center Express...Show more
Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM & Presence Service 10.5(2); Unified Contact Center Express 11.0(1); and Unity Connection 10.5(2) store a cleartext encryption key, which allows local users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuv85958.Show less
CVE-2016-1317
1Zyxel
1Gs1900 10hp Firmware
May 6, 2026
Feb 9, 2016
N/A· v4
4.3 MEDIUM· v3
4.0 MEDIUM· v2
Cisco Unified Communications Manager 11.5(0.98000.480) allows remote authenticated users to obtain sensitive database table-name and entity-name information via a direct request to an unspecified URL, aka Bug ID CSCuy110...Show more
Cisco Unified Communications Manager 11.5(0.98000.480) allows remote authenticated users to obtain sensitive database table-name and entity-name information via a direct request to an unspecified URL, aka Bug ID CSCuy11098.Show less