CVE-2024-11667 | Zyxel ATP/USG FLEX/USG FLEX 50(W)/USG20(W)-VPN up to 5.38 URL path traversal

Posted by Angelo Barbosa | Nov 27, 2024 | CVE

A vulnerability was found in Zyxel ATP, USG FLEX, USG FLEX 50(W) and USG20(W)-VPN up to 5.38. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component URL Handler. The manipulation leads to path traversal.

This vulnerability is known as CVE-2024-11667. The attack can be launched remotely. There is no exploit available.

CVE-2024-11667 | Zyxel ATP/USG FLEX/USG FLEX 50(W)/USG20(W)-VPN up to 5.38 URL path traversal

Related Posts

CVE-2023-6971 | Backup Migration Plugin up to 1.3.9 on WordPress content-dir file inclusion

CVE-2024-5223 | Post Grid Gutenberg Blocks and Blog Plugin up to 4.1.1 on WordPress cross site scripting

CVE-2024-3874 | Tenda W20E 15.11.0.6 SetRemoteWebManage formSetRemoteWebManage remoteIP stack-based overflow

CVE-2024-23877 | Cups Easy 1.0 URL currencycreate.php cross site scripting