Filtered by vendor Zyxel Subscriptions
Filtered by product Uos Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-9677 1 Zyxel 12 Uos, Usg Flex 100h, Usg Flex 100h Firmware and 9 more 2024-12-06 5.5 Medium
The insufficiently protected credentials vulnerability in the CLI command of the USG FLEX H series uOS firmware version V1.21 and earlier versionsĀ could allow an authenticated local attacker to gain privilege escalation by stealing the authentication token of a login administrator. Note that this attack could be successful only if the administrator has not logged out.