Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:zyxel:gs1900-24e_firmware:2.70\(aahk.5\):*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-38270 |
An insufficient entropy vulnerability caused by the improper use of a randomness function with low entropy for web authentication tokens generation exists in the Zyxel GS1900-10HP firmware version V2.80(AAZI.0)C0. This vulnerability could allow a LAN-based attacker a slight chance to gain a valid session token if multiple authenticated sessions are alive. Published: September 09, 2024; 10:15:09 PM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2023-35140 |
The improper privilege management vulnerability in the Zyxel GS1900-24EP switch firmware version V2.70(ABTO.5) could allow an authenticated local user with read-only access to modify system settings on a vulnerable device. Published: November 07, 2023; 12:15:12 AM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |