Filters

Versions

3.1.0
35
3.1.1
35

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the cloud1234 password for the a1@chopin account defa…

critical
9.8
First published (updated )
CVE-2020-15323

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the wbboEZ4BN3ssxAfM hardcoded password for the debia…

critical
9.8
First published (updated )
CVE-2020-15322

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axzyxel password for the livedbuser account.

critical
9.8
First published (updated )
CVE-2020-15321

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axiros password for the root account.

critical
9.8
First published (updated )
CVE-2020-15320

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within t…

medium
5.9
First published (updated )
CVE-2020-15319

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within t…

medium
5.9
First published (updated )
CVE-2020-15318

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within t…

medium
5.9
First published (updated )
CVE-2020-15317

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account within…

medium
5.9
First published (updated )
CVE-2020-15316

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within t…

medium
5.9
First published (updated )
CVE-2020-15315

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account.

medium
5.9
First published (updated )
CVE-2020-15314

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account.

medium
5.9
First published (updated )
CVE-2020-15313

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account.

medium
5.9
First published (updated )
CVE-2020-15312

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/etc/default/axess permissions.

critical
9.8
First published (updated )
CVE-2020-15332

Zyxel CloudCNM SecuManagerSQL Injection

medium
5.3
First published (updated )
CVE-2020-15333

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows escape-sequence injection into the /var/log/axxmpp…

medium
5.3
First published (updated )
CVE-2020-15334

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /registerCpe requests.

high
7.5
First published (updated )
CVE-2020-15335

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /cnr requests.

high
7.5
First published (updated )
CVE-2020-15336

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Str…

medium
5.3
First published (updated )
CVE-2020-15337

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Str…

medium
5.3
First published (updated )
CVE-2020-15338

Zyxel CloudCNM SecuManagerXSS

medium
6.1
First published (updated )
CVE-2020-15339

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded opt/axess/AXAssets/default_axess/axess/TR…

high
7.5
First published (updated )
CVE-2020-15340

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated update_all_realm_license API.

high
7.5
First published (updated )
CVE-2020-15341

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_install_user API.

medium
5.3
First published (updated )
CVE-2020-15342

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_install_user_key API.

medium
5.3
First published (updated )
CVE-2020-15343

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_get_user_id_and_key API.

medium
5.3
First published (updated )
CVE-2020-15344

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_get_instances_for_update API.

medium
5.3
First published (updated )
CVE-2020-15345

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a /live/GLOBALS API with the CLOUDCNM key.

medium
5.3
First published (updated )
CVE-2020-15346

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the q6xV4aW8bQ4cfD-b password for the axiros account.

critical
9.8
First published (updated )
CVE-2020-15347

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded Erlang cookie for ejabberd replication.

medium
5.3
First published (updated )
CVE-2020-15325

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded certificate for Ejabberd in ejabberd.pem.

medium
5.3
First published (updated )
CVE-2020-15326

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 uses ZODB storage without authentication.

high
7.5
First published (updated )
CVE-2020-15327

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/var/blobstorage/ permissions.

medium
5.3
First published (updated )
CVE-2020-15328

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak Data.fs permissions.

medium
5.3
First published (updated )
CVE-2020-15329

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded APP_KEY in /opt/axess/etc/default/axess.

medium
5.3
First published (updated )
CVE-2020-15330

Zyxel CloudCNM SecuManagerZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded OAUTH_SECRET_KEY in /opt/axess/etc/defaul…

critical
9.8
First published (updated )
CVE-2020-15331

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203