Zyxel USG1100 Firmware 4.60

CPE Details

Zyxel USG1100 Firmware 4.60
zyxel
usg1100_firmware
4.60
2020-12-23
13h59 +00:00
2021-05-03
18h19 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:zyxel:usg1100_firmware:4.60:*:*:*:*:*:*:*

Informations

Vendor

zyxel

Product

usg1100_firmware

Version

4.60

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-35029 2021-07-02 08h29 +00:00 An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device.
9.8
Critical
CVE-2020-29583 2020-12-22 00h00 +00:00 Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges.
9.8
Critical
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.