Known vulnerabilities in ZyXEL Communications Corp. USG FLEX series

[]

Known vulnerabilities in ZyXEL Communications Corp. USG FLEX series

Vendor: ZyXEL Communications Corp.

Website: https://www.zyxel.com/

Total Security Bulletins: 15

Security bulletins (15)

Secuity bulletin	Severity	Status	Published
SB2026020583: OS Command Injection in Zyxel Firewalls	Low	Patched	05.02.2026
SB2025102144: Multiple vulnerabilities in Zyxel firewalls	Medium	Patched	21.10.2025
SB2024112907: Path traversal in Zyxel firewalls	Critical	Patched Exploited	29.11.2024
SB2024090354: Multiple vulnerabilities in Zyxel firewalls	Critical	Patched Exploited	03.09.2024
SB2024022031: Multiple vulnerabilities in Zyxel firewalls and APs	High	Patched	20.02.2024
SB2023112820: Multiple vulnerabilities in Zyxel firewalls and APs	Medium	Patched	28.11.2023
SB2023071819: Multiple vulnerabilities in Zyxel firewalls and WLAN controllers	Medium	Patched Public exploit	18.07.2023
SB2023052525: Multiple vulnerabilities in Zyxel firewalls	High	Patched Exploited	25.05.2023
SB2023042508: Multiple vulnerabilitiesin Zyxel firewalls and APs	Medium	Patched	25.04.2023
SB2023042507: Multiple vulnerabilitiesin Zyxel firewalls	High	Patched Exploited	25.04.2023
SB2023020704: OS Command Injection in Zyxel firewalls	Medium	Patched	07.02.2023
SB2022120602: Cross-site scripting in Zyxel products	Low	Patched	06.12.2022
SB2022052406: Multiple vulnerabilities in Zyxel Firewalls, AP controllers and APs	High	Patched Public exploit	24.05.2022
SB2022033003: Authentication bypass in several Zyxel firewalls	High	Patched	30.03.2022
SB2020112612: Remote code execution in Zyxel firewalls and access points	High	Patched	26.11.2020