These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2026-7273 is a stack-based buffer overflow vulnerability in the CGI program of Zyxel GS1900-48HPv2 firmware versions through 2.90(ABTQ.1)C0. This vulnerability could allow a LAN-based, unauthenticated attacker to exploit the flaw and potentially execute OS commands via a crafted HTTP request. The vulnerability has a CVSS score of 8.8 and is classified as HIGH severity.
A missing authorization vulnerability in Zyxel GS1200v3 series switches allows unauthenticated LAN attackers to read system configuration from a log file via crafted HTTP requests. The vulnerability affects GS1200-5v3, GS1200-8v3, GS1200-5HPv3, GS1200-8HPv3, and GS1200-10v3 models running firmware through specified versions. The CVSS 3.1 vector (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) indicates attack from a [truncated]
CVE-2024-40891 is a Zyxel DSL CPE OS command injection vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2025-02-11. The KEV entry also notes the impacted product may be end-of-life or end-of-service, and that users should discontinue use if no current mitigation is available.
CVE-2024-40890 is a Zyxel DSL CPE OS command injection vulnerability that CISA added to the Known Exploited Vulnerabilities catalog on 2025-02-11. The KEV entry indicates the affected product may be end-of-life or end-of-service, and CISA advises discontinuing use of the product if a current mitigation is not available. Because this issue is already in KEV, defenders should treat it as an active risk indi [truncated]
CVE-2024-11667 affects Zyxel multiple firewall products and was added to CISA's Known Exploited Vulnerabilities catalog on 2024-12-03. CISA classifies the issue as a path traversal vulnerability, notes known ransomware campaign use, and sets a remediation due date of 2024-12-24. Defenders should treat this as an urgent exposure: apply vendor-provided mitigations immediately, and if mitigations are not ava [truncated]
CVE-2017-6884 is a Zyxel EMG2926 router command injection vulnerability that CISA lists in its Known Exploited Vulnerabilities catalog. The KEV entry indicates known exploitation and marks known ransomware campaign use as "Known," so defenders should treat this as an urgent remediation item. CISA added the entry on 2023-09-18 and set a due date of 2023-10-09 for applying mitigations or discontinuing use i [truncated]
CVE-2017-18368 is a command injection vulnerability affecting Zyxel P660HN-T1A routers. CISA added it to the Known Exploited Vulnerabilities catalog on 2023-08-07 and set a remediation due date of 2023-08-28. Because it is a KEV-listed issue, defenders should treat any exposed or in-service affected device as an active risk and follow the vendor guidance referenced by CISA.
CVE-2023-27992 is a Zyxel command-injection vulnerability affecting multiple NAS devices. CISA added it to the Known Exploited Vulnerabilities catalog on 2023-06-23 and set a remediation due date of 2023-07-14. Organizations should treat affected Zyxel NAS appliances as urgent patching candidates, especially where they store backups or other sensitive data.
CVE-2023-33010 is a buffer overflow vulnerability affecting Zyxel multiple firewalls. CISA added it to the Known Exploited Vulnerabilities catalog on 2023-06-05, which makes it a defensive priority for organizations running affected Zyxel firewall products. The official guidance in the supplied corpus is to apply updates per the vendor’s instructions.
CVE-2023-33009 affects Zyxel multiple firewall products and is listed by CISA as a Known Exploited Vulnerability. That KEV status makes this a priority patching item for organizations that use Zyxel firewall appliances.
CVE-2023-28771 is a Zyxel Multiple Firewalls OS command injection vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2023-05-31. The supplied corpus indicates this issue was known to be exploited and that the required defensive action is to apply updates per vendor instructions. A Zyxel security advisory referenced in the source notes describes the issue as a remote command in [truncated]
CVE-2022-30525 is a Zyxel multiple-firewalls OS command injection vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2022-05-16. Because it is listed in KEV, defenders should treat it as actively exploited and prioritize vendor-recommended updates. The supplied corpus does not include affected model lists, firmware versions, or a CVSS score, so remediation should be driven by [truncated]
CVE-2020-9054 is a Zyxel NAS operating-system command injection vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2022-03-25. Because it is KEV-listed, defenders should treat it as an urgent remediation item and follow vendor update guidance as soon as possible.
CVE-2020-29583 is a Zyxel multiple-products vulnerability involving hard-coded credentials. CISA lists it in the Known Exploited Vulnerabilities catalog, which means it has been treated as actively exploited or at least sufficiently credible for prioritized remediation. The supplied official records do not include a CVSS score, so defensive urgency should be driven by the KEV listing and the credential-ri [truncated]
CVE-2016-10227 is a network-facing denial-of-service issue affecting Zyxel USG50 and NWA3560-N firmware. According to NVD, remote attackers can trigger CPU consumption by flooding the device with ICMPv4 Port Unreachable packets. The CVE record rates the issue HIGH with a CVSS 3.0 score of 7.5, reflecting unauthenticated network exposure and availability impact only.