Zyxel GS1200-8 Switch

Platform Information https://www.zyxel.com/products_services/5-Port-8-Port-Web-Managed-Gigabit-Switch-GS1200-5-GS1200-8/specifications
Search Engine Search on Google
End of Sales -
End of Support -
Wired Connection Yes
Wireless Connection -
Fingerprinting Source HTTP NIC VENDOR
Added at Jun 11, 2019
Manufacturer Name Zyxel Communications Corp
Homepage https://www.zyxel.com/index.shtml
Headquarters Taiwan
Business Status Ongoing
Acquisition Company Siemens AG
Acquisition Company Homepage http://www.siemens.com

Platform’s Common Vulnerabilities and Exposures (CVE)
CVE-ID
Severity v3.0
Severity v2.0
Description
No records found.
Manufacturer’s Common Vulnerabilities and Exposures (CVE)
CVE-ID
Severity v3.0
Severity v2.0
Description
CVE-2019-6725
05/31/2019
CRITICAL
HIGH
The rpWLANRedirect.asp ASP page is accessible without authentication on ZyXEL P-660HN-T1 V2 (2.00(AAKK.3)) devices. After accessing the page, the admin user's password can be obtained by viewing the HTML source code, and the interface of the modem can be accessed as admin.
CVE-2019-9955
04/22/2019
MEDIUM
MEDIUM
On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100 devices, the security firewall login page is vulnerable to Reflected XSS via the unsanitized 'mp_idx' parameter.
CVE-2019-10634
04/09/2019
MEDIUM
LOW
An XSS vulnerability in the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to inject arbitrary JavaScript or HTML via the user, group, and file-share description fields.
CVE-2019-10633
04/09/2019
HIGH
MEDIUM
An eval injection vulnerability in the Python web server routing on the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to execute arbitrary code via the tjp6jp6y4, simZysh, and ck6fup6 APIs.
CVE-2019-10632
04/09/2019
MEDIUM
MEDIUM
A directory traversal vulnerability in the file browser component on the Zyxel NAS 326 version 5.21 and below allows a lower privileged user to change the location of any other user's files.