| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-6018 | 10.0 |
The diagnostic-ping implementation on ZyXEL PMG5318-B20A devices with firmware before 1.00(AANC.2)C0 allows remote attackers to execute arbitrary commands via the PingIPAddr parameter.
|
15-09-2017 - 01:29 | 31-12-2015 - 05:59 | |
| CVE-2015-6019 | 5.0 |
The management portal on ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 does not terminate sessions upon a logout action, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation. <a href="htt
|
07-12-2016 - 18:17 | 31-12-2015 - 05:59 | |
| CVE-2015-6016 | 10.0 |
ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0), PMG5318-B20A devices with firmware 1.00AANC0b5, and NBG-418N devices have a default password of 1234 for the admin account, which allows remote attackers to obtain administrative access via
|
07-12-2016 - 18:17 | 31-12-2015 - 05:59 | |
| CVE-2015-6017 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Forms/rpAuth_1 on ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0) allow remote attackers to inject arbitrary web script or HTML via the (1) LoginPassword or (2) hiddenPassword paramete
|
07-12-2016 - 18:17 | 31-12-2015 - 05:59 | |
| CVE-2015-6020 | 8.3 |
ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 allow remote authenticated users to obtain administrative privileges by leveraging access to the user account.
|
07-12-2016 - 18:17 | 31-12-2015 - 05:59 |