Vulnerability Database

290,020

Total vulnerabilities in the database

CVE-2023-5960

An improper privilege management vulnerability in the hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.37 and VPN series firmware versions 4.30 through 5.37 could allow an authenticated local attacker to access the system files on an affected device.

  • Published: Nov 28, 2023
  • Updated: Nov 29, 2023
  • CVE: CVE-2023-5960
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.5
  • AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWEs:

Software From Fixed in
zyxel / zld 4.50 5.37.x
zyxel / zld 4.30 5.37.x