ZyXEL ES-2024PWR Switch
| Platform Information | https://www.cnet.com/products/zyxel-dimension-es-2024pwr-switch-24-ports-managed-desktop-series/ |
|---|---|
| Search Engine | Search on Google |
| End of Sales | - |
| End of Support | - |
| Wired Connection | Yes |
| Wireless Connection | - |
| Fingerprinting Source | HTTP NIC VENDOR |
| Added at | Nov 05, 2019 |
| Manufacturer Name | Zyxel Communications Corp |
| Homepage | https://www.zyxel.com/index.shtml |
| Headquarters | Taiwan |
| Business Status | Ongoing |
| Platform’s Common Vulnerabilities and Exposures (CVE) | ||
|---|---|---|
|
CVE-ID
Severity v3.0
Severity v2.0
Description
|
||
|
No records found.
|
||
| Manufacturer’s Common Vulnerabilities and Exposures (CVE) | ||
|---|---|---|
|
CVE-ID
Severity v3.0
Severity v2.0
Description
|
||
|
CVE-2019-10631
04/09/2019 HIGH
MEDIUM
Shell Metacharacter Injection in the package installer on Zyxel NAS 326 version 5.21 and below allows an authenticated attacker to execute arbitrary code via multiple different requests.
|
||
|
CVE-2019-10630
04/09/2019 HIGH
MEDIUM
A plaintext password vulnerability in the Zyxel NAS 326 through 5.21 allows an elevated privileged user to get the admin password of the device.
|
||
|
CVE-2019-7391
03/21/2019 HIGH
MEDIUM
ZyXEL VMG3312-B10B DSL-491HNU-B1B v2 devices allow login/login-page.cgi CSRF.
|
||
|
CVE-2019-6710
03/07/2019 HIGH
MEDIUM
Zyxel NBG-418N v2 v1.00(AAXM.4)C0 devices allow login.cgi CSRF.
|
||
|
CVE-2018-14893
11/27/2018 HIGH
HIGH
A system command injection vulnerability in zyshclient in ZyXEL NSA325 V2 version 4.81 allows attackers to execute system commands via the web application API.
|
||