Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Zyxel — Vulnerabilities & Security Advisories 156

Browse all 156 CVE security advisories affecting Zyxel. AI-powered Chinese analysis, POCs, and references for each vulnerability.

ZyXEL Communications specializes in networking hardware, primarily producing broadband routers, wireless access points, and network-attached storage devices for residential and small-to-medium business environments. The company’s product portfolio has been associated with a significant volume of security flaws, with 156 Common Vulnerabilities and Exposures currently on record. Historically, these vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation, often stemming from inadequate input validation and weak authentication mechanisms in embedded web interfaces. Notable incidents include critical flaws allowing unauthenticated attackers to execute arbitrary commands or bypass access controls on various NAS and router models. These recurring issues highlight persistent challenges in the firm’s firmware development lifecycle, necessitating rigorous patch management for deployed infrastructure to mitigate risks of unauthorized system access and data compromise.

Top products by Zyxel: ATP series firmware NAS326 firmware VMG8825-T50K firmware VMG3625-T50B firmware USG/Zywall series Firmware USG FLEX series firmware NR7101 firmware NBG-418N v2 firmware VMG4325-B10A firmware USG FLEX 100(W) firmware ZyWALL/USG series firmware USG FLEX H series uOS firmware AX7501-B0 firmware NBG6604 firmware DX5401-B0 firmware VMG3312-T20A firmware GS1900-48 firmware DX3301-T0 firmware DX3300-T0 firmware ARMOR Z2 (NBG6817) firmware NBG6604 series firmware GS1900 series firmware ZyWALL VPN2S Firmware GS1900-10HP firmware WBE660S firmware NWA1123ACv3 firmware NWA1100-N firmware WRE6505 v2 firmware P-6101C firmware WBE530 firmware
CVE IDTitleCVSSSeverityPublished
CVE-2021-35028 Zyxel Vpn2S 操作系统命令注入漏洞 — ZyWALL VPN2S FirmwareCWE-78 7.3 High2021-09-29
CVE-2021-35027 Zyxel VPN2S 路径遍历漏洞 — ZyWALL VPN2S FirmwareCWE-27 7.5 High2021-09-29
CVE-2021-35030 Zyxel GS1900-8 跨站脚本漏洞 — GS1900-8 FirmwareCWE-79 3.5 Low2021-07-26
CVE-2021-35029 ZyXEL ZyWALL USG 授权问题漏洞 — USG/Zywall series FirmwareCWE-287 9.8 Critical2021-07-02
CVE-2020-9054 ZyXEL NAS products running firmware version 5.21 and earlier are vulnerable to pre-authentication command injection in weblogin.cgi — NAS326CWE-78 9.8 -2020-03-04
CVE-2018-1164 ZyXEL P-870H-51 DSL Router 安全漏洞 — ZyXEL P-870H-51 DSL RouterCWE-306 9.8 -2018-02-21

This page lists every published CVE security advisory associated with Zyxel. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.