← Back

Zyxel

zyxel

326 CVEs • 881 products

Products (881)

Click to collapse
Toggle
Cloudcnm Secumanager
cloudcnm_secumanager
35 CVEs
Gs1900 10hp Firmware
gs1900-10hp_firmware
34 CVEs
Usg Flex 100w Firmware
usg_flex_100w_firmware
34 CVEs
Usg Flex 200 Firmware
usg_flex_200_firmware
34 CVEs
Usg Flex 500 Firmware
usg_flex_500_firmware
34 CVEs
Usg Flex 700 Firmware
usg_flex_700_firmware
34 CVEs
Usg Flex 100 Firmware
usg_flex_100_firmware
30 CVEs
Emg3525 T50b Firmware
emg3525-t50b_firmware
26 CVEs
Emg5523 T50b Firmware
emg5523-t50b_firmware
26 CVEs
Vmg8623 T50b Firmware
vmg8623-t50b_firmware
26 CVEs
Usg Flex 50w Firmware
usg_flex_50w_firmware
26 CVEs
Atp200 Firmware
atp200_firmware
25 CVEs
Atp500 Firmware
atp500_firmware
25 CVEs
Atp800 Firmware
atp800_firmware
25 CVEs
Nas326 Firmware
nas326_firmware
24 CVEs
Vpn50 Firmware
vpn50_firmware
24 CVEs
Vpn100 Firmware
vpn100_firmware
24 CVEs
Vpn300 Firmware
vpn300_firmware
24 CVEs
Atp100 Firmware
atp100_firmware
24 CVEs
Vpn1000 Firmware
vpn1000_firmware
23 CVEs
Atp100w Firmware
atp100w_firmware
23 CVEs
Atp700 Firmware
atp700_firmware
23 CVEs
Vmg3625 T50b Firmware
vmg3625-t50b_firmware
23 CVEs
Usg Flex 50 Firmware
usg_flex_50_firmware
23 CVEs
Dx3301 T0 Firmware
dx3301-t0_firmware
22 CVEs
Ex3510 B0 Firmware
ex3510-b0_firmware
22 CVEs
Zld
zld
21 CVEs
Dx5401 B0 Firmware
dx5401-b0_firmware
21 CVEs
Emg5723 T50k Firmware
emg5723-t50k_firmware
21 CVEs
Vmg3927 T50k Firmware
vmg3927-t50k_firmware
21 CVEs
Vmg8825 T50k Firmware
vmg8825-t50k_firmware
21 CVEs
Ex3301 T0 Firmware
ex3301-t0_firmware
21 CVEs
Ex5510 B0 Firmware
ex5510-b0_firmware
21 CVEs
Ex5512 T0 Firmware
ex5512-t0_firmware
21 CVEs
Ex5601 T0 Firmware
ex5601-t0_firmware
21 CVEs
Ex5601 T1 Firmware
ex5601-t1_firmware
21 CVEs
Wx5600 T0 Firmware
wx5600-t0_firmware
21 CVEs
Pm7300 T0 Firmware
pm7300-t0_firmware
20 CVEs
Usg 20w Vpn Firmware
usg_20w-vpn_firmware
19 CVEs
Ex5401 B0 Firmware
ex5401-b0_firmware
19 CVEs
Dx4510 B1 Firmware
dx4510-b1_firmware
19 CVEs
Vmg4005 B50a Firmware
vmg4005-b50a_firmware
19 CVEs
Vmg4005 B60a Firmware
vmg4005-b60a_firmware
19 CVEs
Wx3100 T0 Firmware
wx3100-t0_firmware
19 CVEs
Dx5401 B1 Firmware
dx5401-b1_firmware
19 CVEs
Nas542 Firmware
nas542_firmware
18 CVEs
Ax7501 B0 Firmware
ax7501-b0_firmware
18 CVEs
Dx3300 T1 Firmware
dx3300-t1_firmware
18 CVEs
Ex3300 T1 Firmware
ex3300-t1_firmware
18 CVEs
Ex3500 T0 Firmware
ex3500-t0_firmware
18 CVEs
Ex3501 T0 Firmware
ex3501-t0_firmware
18 CVEs
Ex5401 B1 Firmware
ex5401-b1_firmware
18 CVEs
Ex7710 B0 Firmware
ex7710-b0_firmware
18 CVEs
Ax7501 B1 Firmware
ax7501-b1_firmware
18 CVEs
Px3321 T1 Firmware
px3321-t1_firmware
18 CVEs
Pm3100 T0 Firmware
pm3100-t0_firmware
17 CVEs
Pm5100 T0 Firmware
pm5100-t0_firmware
17 CVEs
Gs1900 8 Firmware
gs1900-8_firmware
16 CVEs
Gs1900 24 Firmware
gs1900-24_firmware
16 CVEs
Ex7501 B0 Firmware
ex7501-b0_firmware
16 CVEs
Ex3300 T0 Firmware
ex3300-t0_firmware
16 CVEs
Dx3300 T0 Firmware
dx3300-t0_firmware
16 CVEs
Zynos
zynos
15 CVEs
Usg20 Vpn Firmware
usg20-vpn_firmware
15 CVEs
Gs1900 8hp Firmware
gs1900-8hp_firmware
15 CVEs
Gs1900 16 Firmware
gs1900-16_firmware
15 CVEs
Gs1900 24e Firmware
gs1900-24e_firmware
15 CVEs
Gs1900 48 Firmware
gs1900-48_firmware
15 CVEs
Dx4510 B0 Firmware
dx4510-b0_firmware
15 CVEs
Ex3510 B1 Firmware
ex3510-b1_firmware
15 CVEs
Ex3600 T0 Firmware
ex3600-t0_firmware
15 CVEs
Usg 2200 Vpn Firmware
usg_2200-vpn_firmware
14 CVEs
Ex5501 B0 Firmware
ex5501-b0_firmware
14 CVEs
Wx3401 B0 Firmware
wx3401-b0_firmware
13 CVEs
Wx5610 B0 Firmware
wx5610-b0_firmware
13 CVEs
Ee6510 10 Firmware
ee6510-10_firmware
12 CVEs
Px5301 T0 Firmware
px5301-t0_firmware
12 CVEs
Usg20w Vpn Firmware
usg20w-vpn_firmware
11 CVEs
Nwa110ax Firmware
nwa110ax_firmware
11 CVEs
Nwa210ax Firmware
nwa210ax_firmware
11 CVEs
Wax510d Firmware
wax510d_firmware
11 CVEs
Wax610d Firmware
wax610d_firmware
11 CVEs
Wax630s Firmware
wax630s_firmware
11 CVEs
Wax650s Firmware
wax650s_firmware
11 CVEs
Usg210 Firmware
usg210_firmware
10 CVEs
Usg310 Firmware
usg310_firmware
10 CVEs
Lte3301 Plus Firmware
lte3301-plus_firmware
10 CVEs
Nwa50ax Firmware
nwa50ax_firmware
10 CVEs
Nwa55axe Firmware
nwa55axe_firmware
10 CVEs
Nwa90ax Firmware
nwa90ax_firmware
10 CVEs
Wac500h Firmware
wac500h_firmware
10 CVEs
Usg40 Firmware
usg40_firmware
9 CVEs
Usg40w Firmware
usg40w_firmware
9 CVEs
Usg60 Firmware
usg60_firmware
9 CVEs
Usg60w Firmware
usg60w_firmware
9 CVEs
Zywall Vpn100 Firmware
zywall_vpn100_firmware
9 CVEs
Zywall Vpn300 Firmware
zywall_vpn300_firmware
9 CVEs
Gs1900 24hp Firmware
gs1900-24hp_firmware
9 CVEs
Gs1900 48hp Firmware
gs1900-48hp_firmware
9 CVEs
Gs1900 24ep Firmware
gs1900-24ep_firmware
9 CVEs

CVEs (326)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2014-0353
1Zyxel
2N300 Netusb Nbg 419n
N300 Netusb Nbg 419n Firmware
May 6, 2026
Apr 15, 2014
N/A· v4
N/A· v3
6.1 MEDIUM· v2
The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 allows remote attackers to bypass authentication by using %2F sequences in place of / (slash) characters.
CVE-2013-3588
1Zyxel
11P 660h 61
P 660h 63P 660h 67+8 more
May 6, 2026
Apr 2, 2014
N/A· v4
N/A· v3
7.8 HIGH· v2
The web management interface on Zyxel P660 devices allows remote attackers to cause a denial of service (reboot) via a flood of TCP SYN packets.
CVE-2013-6786
6Allegrosoft
DlinkHuawei+3 more
7Dsl 2640r
Dsl 2641rMt882+4 more
Apr 29, 2026
Jan 16, 2014
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in Allegro RomPager before 4.51, as used on the ZyXEL P660HW-D1, Huawei MT882, Sitecom WL-174, TP-LINK TD-8816, and D-Link DSL-2640R and DSL-2641R, when the "forbidden author head...Show more
Cross-site scripting (XSS) vulnerability in Allegro RomPager before 4.51, as used on the ZyXEL P660HW-D1, Huawei MT882, Sitecom WL-174, TP-LINK TD-8816, and D-Link DSL-2640R and DSL-2641R, when the "forbidden author header" protection mechanism is bypassed, allows remote attackers to inject arbitrary web script or HTML by requesting a nonexistent URI in conjunction with a crafted HTTP Referer header that is not properly handled in a 404 page. NOTE: there is no CVE for a "URL redirection" issue that some sources list separately.Show less
CVE-2011-4504
2Genmei Mori
Zyxel
2P 330w Router
Pseudoics
Apr 29, 2026
Nov 22, 2011
N/A· v4
N/A· v3
7.5 HIGH· v2
The UPnP IGD implementation in the Pseudo ICS UPnP software on the ZyXEL P-330W allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface,...Show more
The UPnP IGD implementation in the Pseudo ICS UPnP software on the ZyXEL P-330W allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.Show less
CVE-2011-0746
1Zyxel
1O2 Dsl Router Classic
Apr 29, 2026
Apr 13, 2011
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site request forgery (CSRF) vulnerability in Forms/PortForwarding_Edit_1 on the ZyXEL O2 DSL Router Classic allows remote attackers to hijack the authentication of administrators for requests that insert cross-site...Show more
Cross-site request forgery (CSRF) vulnerability in Forms/PortForwarding_Edit_1 on the ZyXEL O2 DSL Router Classic allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences via the PortRule_Name parameter.Show less
CVE-2007-6730
1Zyxel
1P 330w Router
Apr 23, 2026
Sep 10, 2009
N/A· v4
N/A· v3
9.3 HIGH· v2
Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in the ZyXEL P-330W router allow remote attackers to hijack the authentication of administrators for requests that (1) enable rem...Show more
Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in the ZyXEL P-330W router allow remote attackers to hijack the authentication of administrators for requests that (1) enable remote router management via goform/formRmtMgt or (2) modify the administrator password via goform/formPasswordSetup.Show less
CVE-2007-6729
1Zyxel
1P 330w Router
Apr 23, 2026
Sep 10, 2009
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in the web management interface in the ZyXEL P-330W router allows remote attackers to inject arbitrary web script or HTML via the pingstr parameter and other unspecified vectors.
CVE-2008-2167
1Zyxel
1Zywall 100
Apr 23, 2026
May 13, 2008
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in ZyXEL ZyWALL 100 allows remote attackers to inject arbitrary web script or HTML via the Referer header, which is not properly handled in a 404 Error page.
CVE-2008-1529
1Zyxel
3Prestige 660
Prestige 661Zynos
Apr 23, 2026
Mar 26, 2008
N/A· v4
N/A· v3
5.0 MEDIUM· v2
ZyXEL Prestige routers have a minimum password length for the admin account that is too small, which makes it easier for remote attackers to guess passwords via brute force methods.
CVE-2008-1528
1Zyxel
3Prestige 660
Prestige 661Zynos
Apr 23, 2026
Mar 26, 2008
N/A· v4
N/A· v3
4.0 MEDIUM· v2
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), allow remote authenticated users to obtain authentication data by making direct HTTP requests and then readi...Show more
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), allow remote authenticated users to obtain authentication data by making direct HTTP requests and then reading the HTML source, as demonstrated by a request for (1) RemMagSNMP.html, which discloses SNMP communities; or (2) WLAN.html, which discloses WEP keys.Show less
CVE-2008-1527
1Zyxel
3Prestige 660
Prestige 661Zynos
Apr 23, 2026
Mar 26, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(PE9) and 3.40(AGD.2) through 3.40(AHQ.3), support authentication over HTTP via a hash string in the hiddenPassword field, which allows r...Show more
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(PE9) and 3.40(AGD.2) through 3.40(AHQ.3), support authentication over HTTP via a hash string in the hiddenPassword field, which allows remote attackers to obtain access via a replay attack.Show less
CVE-2008-1526
1Zyxel
19P 660h 61 Firmware
P 660h 63 FirmwareP 660h 67 Firmware+16 more
Apr 23, 2026
Mar 26, 2008
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(PE9) and 3.40(AGD.2) through 3.40(AHQ.3), do not use a salt when calculating an MD5 password hash, which makes it easier for attackers t...Show more
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(PE9) and 3.40(AGD.2) through 3.40(AHQ.3), do not use a salt when calculating an MD5 password hash, which makes it easier for attackers to crack passwords.Show less
CVE-2008-1525
1Zyxel
3Prestige 660
Prestige 661Zynos
Apr 23, 2026
Mar 26, 2008
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The default SNMP configuration on ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), has a Trusted Host value of 0.0.0.0, which allows remote attackers to send SNMP re...Show more
The default SNMP configuration on ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), has a Trusted Host value of 0.0.0.0, which allows remote attackers to send SNMP requests from any source IP address.Show less
CVE-2008-1524
1Zyxel
3Prestige 660
Prestige 661Zynos
Apr 23, 2026
Mar 26, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
The SNMP service on ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), has "public" as its default community for both (1) read and (2) write operations, which allows r...Show more
The SNMP service on ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), has "public" as its default community for both (1) read and (2) write operations, which allows remote attackers to perform administrative actions via SNMP, as demonstrated by reading the Dynamic DNS service password or inserting an XSS sequence into the system.sysName.0 variable, which is displayed on the System Status page.Show less
CVE-2008-1523
1Zyxel
3Prestige 660
Prestige 661Zynos
Apr 23, 2026
Mar 26, 2008
N/A· v4
N/A· v3
5.0 MEDIUM· v2
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), allow remote authenticated users to obtain ISP and Dynamic DNS credentials by sending a direct request for (...Show more
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), allow remote authenticated users to obtain ISP and Dynamic DNS credentials by sending a direct request for (1) WAN.html, (2) wzPPPOE.html, and (3) rpDyDNS.html, and then reading the HTML source.Show less
CVE-2008-1522
1Zyxel
3Prestige 660
Prestige 661Zynos
Apr 23, 2026
Mar 26, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), have (1) "user" as their default password for the "user" account and (2) "1234" as their default password for the "a...Show more
ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), have (1) "user" as their default password for the "user" account and (2) "1234" as their default password for the "admin" account, which makes it easier for remote attackers to obtain access.Show less
CVE-2008-1521
1Zyxel
3Prestige 660
Prestige 661Zynos
Apr 23, 2026
Mar 26, 2008
N/A· v4
N/A· v3
6.5 MEDIUM· v2
ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), allow remote authenticated users to gain privileges by accessing administrative URIs, as demonstrated by rpSysAdmin....Show more
ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), allow remote authenticated users to gain privileges by accessing administrative URIs, as demonstrated by rpSysAdmin.html.Show less
CVE-2008-1160
1Zyxel
1Zywall 1050 Firmware
Apr 23, 2026
Mar 25, 2008
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
ZyXEL ZyWALL 1050 has a hard-coded password for the Quagga and Zebra processes that is not changed when it is set by a user, which allows remote attackers to gain privileges.
CVE-2008-1261
1Zyxel
1P 2602hw D1a
Apr 23, 2026
Mar 10, 2008
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The Zyxel P-2602HW-D1A router with 3.40(AJZ.1) firmware provides different responses to admin page requests depending on whether a user is logged in, which allows remote attackers to obtain current login status by reques...Show more
The Zyxel P-2602HW-D1A router with 3.40(AJZ.1) firmware provides different responses to admin page requests depending on whether a user is logged in, which allows remote attackers to obtain current login status by requesting an arbitrary admin URI.Show less
CVE-2008-1260
1Zyxel
1P 2602hw D1a
Apr 23, 2026
Mar 10, 2008
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Multiple cross-site request forgery (CSRF) vulnerabilities on the Zyxel P-2602HW-D1A router with 3.40(AJZ.1) firmware allow remote attackers to (1) make the admin web server available on the Internet (WAN) interface via...Show more
Multiple cross-site request forgery (CSRF) vulnerabilities on the Zyxel P-2602HW-D1A router with 3.40(AJZ.1) firmware allow remote attackers to (1) make the admin web server available on the Internet (WAN) interface via the WWWAccessInterface parameter to Forms/RemMagWWW_1 or (2) change the IP whitelisting timeout via the StdioTimout parameter to Forms/rpSysAdmin_1.Show less