Zyxel: Security Vulnerabilities
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the cloud1234 password for the a1@chopin account default credentials.
CVSS Score
9.8
EPSS Score
0.005
Published
2020-06-29
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a world-readable axess/opt/axXMPPHandler/config/xmpp_config.py file that stores hardcoded credentials.
CVSS Score
9.8
EPSS Score
0.005
Published
2020-06-29
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account.
CVSS Score
5.9
EPSS Score
0.003
Published
2020-06-29
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account.
CVSS Score
5.9
EPSS Score
0.003
Published
2020-06-29
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account.
CVSS Score
5.9
EPSS Score
0.003
Published
2020-06-29
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /registerCpe requests.
CVSS Score
7.5
EPSS Score
0.002
Published
2020-06-26
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /cnr requests.
CVSS Score
7.5
EPSS Score
0.002
Published
2020-06-26
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows use of live/CPEManager/AXCampaignManager/delete_cpes_by_ids?cpe_ids= for eval injection of Python code.
CVSS Score
9.8
EPSS Score
0.012
Published
2020-06-26
Zyxel Armor X1 WAP6806 1.00(ABAL.6)C0 devices allow Directory Traversal via the images/eaZy/ URI.
CVSS Score
8.6
EPSS Score
0.106
Published
2020-06-22
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
CVSS Score
7.5
EPSS Score
0.04
Published
2020-06-08