Shodan
Vulnerabilities
Vulnerable Software
Zyxel:  >> Cloudcnm Secumanager  Security Vulnerabilities
CVE-2020-15339
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows live/CPEManager/AXCampaignManager/handle_campaign_script_link?script_name= XSS.
CVSS Score
6.1
EPSS Score
0.007
Published
2022-09-29
CVE-2020-15340
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded opt/axess/AXAssets/default_axess/axess/TR69/Handlers/turbolink/sshkeys/id_rsa SSH key.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-09-29
CVE-2020-15341
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated update_all_realm_license API.
CVSS Score
7.5
EPSS Score
0.008
Published
2022-09-29
CVE-2020-15342
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_install_user API.
CVSS Score
5.3
EPSS Score
0.004
Published
2022-09-29
CVE-2020-15343
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_install_user_key API.
CVSS Score
5.3
EPSS Score
0.004
Published
2022-09-29
CVE-2020-15344
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_get_user_id_and_key API.
CVSS Score
5.3
EPSS Score
0.004
Published
2022-09-29
CVE-2020-15345
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_get_instances_for_update API.
CVSS Score
5.3
EPSS Score
0.004
Published
2022-09-29
CVE-2020-15346
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a /live/GLOBALS API with the CLOUDCNM key.
CVSS Score
5.3
EPSS Score
0.005
Published
2022-09-29
CVE-2020-15347
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the q6xV4aW8bQ4cfD-b password for the axiros account.
CVSS Score
9.8
EPSS Score
0.01
Published
2022-09-29
CVE-2020-15325
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded Erlang cookie for ejabberd replication.
CVSS Score
5.3
EPSS Score
0.003
Published
2022-09-29


Products
Pricing
Contact Us

Shodan ® - All rights reserved