Zyxel: Security Vulnerabilities
ZyXel P2000W VoIP 802.11b Wireless Phone running firmware WV.00.02 allows remote attackers to obtain sensitive information, such as MAC address and software version, by directly accessing UDP port 9090.
CVSS Score
5.0
EPSS Score
0.005
Published
2006-01-19
Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 allows remote attackers to obtain sensitive information and possibly cause a denial of service via a direct connection to UDP port 9090, which is undocumented and does not require authentication.
CVSS Score
6.4
EPSS Score
0.017
Published
2005-11-21
Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 uses hardcoded IP addresses for its DNS servers, which could allow remote attackers to cause a denial of service or hijack Zyxel phones by attacking or spoofing the hardcoded DNS servers. NOTE: it could be argued that this issue reflects an inherent limitation of DNS itself, so perhaps it should not be included in CVE.
CVSS Score
6.4
EPSS Score
0.006
Published
2005-11-21
ZyXEL Prestige 650R-31 router running ZyNOS FW v3.40(KO.1) allows remote attackers to cause a denial of service (CPU consumption and network loss) via crafted fragmented IP packets.
CVSS Score
5.0
EPSS Score
0.009
Published
2005-05-24
Zyxel P310, P314, P324 and Netgear RT311, RT314 running the latest firmware, allows remote attackers on the WAN to obtain the IP address of the LAN side interface by pinging a valid LAN IP address, which generates an ARP reply from the WAN address side that maps the LAN IP address to the WAN's MAC address.
CVSS Score
5.0
EPSS Score
0.003
Published
2005-05-02
ZyXEL Prestige 623, 650, and 652 HW Routers, and possibly other versions, with HTTP Remote Administration enabled, does not require a password to access rpFWUpload.html, which allows remote attackers to reset the router configuration file.
CVSS Score
5.0
EPSS Score
0.051
Published
2004-12-31
Cross-site scripting (XSS) vulnerability in the web management interface in ZyWALL 10 4.07 allows remote attackers to inject arbitrary web script or HTML via the rpAuth_1 page.
CVSS Score
4.3
EPSS Score
0.015
Published
2004-12-31
Zyxel P681 running ZyNOS Vt020225a contains portions of memory in an ARP request, which allows remote attackers to obtain sensitive information by sniffing the network.
CVSS Score
5.0
EPSS Score
0.004
Published
2004-09-13
Prestige 650HW-31 running Rompager 4.7 software allows remote attackers to cause a denial of service (device reboot) via a long password.
CVSS Score
5.0
EPSS Score
0.008
Published
2004-08-06
ZyXEL Prestige 642R allows remote attackers to cause a denial of service in the Telnet, FTP, and DHCP services (crash) via a TCP packet with both the SYN and ACK flags set.
CVSS Score
5.0
EPSS Score
0.05
Published
2002-10-04