彙總 zebra 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
常見弱點模式包括 路徑處理缺陷與SQL 注入,在 生產負載與軟體部署 使用場景中可能帶來 檔案覆寫 等風險。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2023-4957 | A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi ZPL printer. This vulnerability allows an attacker that is in the same network as the printer, to change the username and password for the Web Page by sending a specially crafted POST request to the setvarsResults.cgi file. For this vulnerability to be exploitable, the printers protected mode must be disabled. | [email protected] | 5.4 | 0.01% | 2023-10-11 | 2025-08-28 |
| CVE-2022-36443 | An issue was discovered in Zebra Enterprise Home Screen 4.1.19. The device allows the administrator to lock some communication channels (wireless and SD card) but it is still possible to use a physical connection (Ethernet cable) without restriction. | [email protected] | 7.8 | 0.05% | 2023-01-10 | 2025-05-30 |
| CVE-2022-36442 | An issue was discovered in Zebra Enterprise Home Screen 4.1.19. By using the embedded Google Chrome application, it is possible to install an unauthorized application via a downloaded APK. | [email protected] | 5.5 | 0.06% | 2023-01-10 | 2025-05-30 |
| CVE-2022-36441 | An issue was discovered in Zebra Enterprise Home Screen 4.1.19. The Gboard used by different applications can be used to launch and use several other applications that are restricted by the admin. | [email protected] | 7.1 | 0.05% | 2023-01-10 | 2025-05-30 |
| CVE-2021-32089 | An issue was discovered on Zebra (formerly Motorola Solutions) Fixed RFID Reader FX9500 devices. An unauthenticated attacker can upload arbitrary files to the filesystem that can then be accessed through the web interface. This can lead to information disclosure and code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | [email protected] | 9.8 | 1.64% | 2021-05-11 | 2024-11-21 |
| CVE-2020-10875 | Motorola FX9500 devices allow remote attackers to conduct absolute path traversal attacks, as demonstrated by PL/SQL Server Pages files such as /include/viewtagdb.psp. | [email protected] | 7.5 | 0.56% | 2020-03-23 | 2024-11-21 |
| CVE-2019-10960 | Zebra Industrial Printers All Versions, Zebra printers are shipped with unrestricted end-user access to front panel options. If the option to use a passcode to limit the functionality of the front panel is applied, specially crafted packets could be sent over the same network to a port on the printer and the printer will respond with an array of information that includes the front panel passcode for the printer. Once the passcode is retrieved, an attacker must have physical access to the front p | [email protected] | 7.5 | 0.31% | 2019-08-20 | 2024-11-21 |