Shodan
Vulnerabilities
Vulnerable Software
Zscaler:  Security Vulnerabilities
CVE-2023-28793
Buffer overflow vulnerability in the signelf library used by Zscaler Client Connector on Linux allows Code Injection. This issue affects Zscaler Client Connector for Linux: before 1.3.1.6.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-10-23
CVE-2023-28795
Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Inclusion of Code in Existing Process. This issue affects Zscaler Client Connector for Linux: before 1.3.1.6.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-10-23
CVE-2023-28796
Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on Linux allows Code Injection. This issue affects Zscaler Client Connector for Linux: before 1.3.1.6.
CVSS Score
7.1
EPSS Score
0.0
Published
2023-10-23
CVE-2023-28797
Zscaler Client Connector for Windows before 4.1 writes/deletes a configuration file inside specific folders on the disk. A malicious user can replace the folder and execute code as a privileged user.
CVSS Score
6.3
EPSS Score
0.0
Published
2023-10-23
CVE-2023-28803
An authentication bypass by spoofing of a device with a synthetic IP address is possible in Zscaler Client Connector on Windows, allowing a functionality bypass. This issue affects Client Connector: before 3.9.
CVSS Score
5.9
EPSS Score
0.0
Published
2023-10-23
CVE-2023-28804
An Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on Linux allows replacing binaries.This issue affects Linux Client Connector: before 1.4.0.105
CVSS Score
8.2
EPSS Score
0.0
Published
2023-10-23
CVE-2023-28805
An Improper Input Validation vulnerability in Zscaler Client Connector on Linux allows Privilege Escalation. This issue affects Client Connector: before 1.4.0.105
CVSS Score
6.7
EPSS Score
0.001
Published
2023-10-23
CVE-2021-26734
Zscaler Client Connector Installer on Windows before version 3.4.0.124 improperly handled directory junctions during uninstallation. A local adversary may be able to delete folders in an elevated context.
CVSS Score
4.4
EPSS Score
0.0
Published
2023-10-23
CVE-2023-41717
Inappropriate file type control in Zscaler Proxy versions 3.6.1.25 and prior allows local attackers to bypass file download/upload restrictions.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-08-31
CVE-2023-28801
An Improper Verification of Cryptographic Signature in the SAML authentication of the Zscaler Admin UI allows a Privilege Escalation.This issue affects Admin UI: from 6.2 before 6.2r.
CVSS Score
9.6
EPSS Score
0.001
Published
2023-08-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved