All the vulnerabilites related to ZyXEL - NAS326
cve-2019-10632
Vulnerability from cvelistv5
Published
2019-04-09 04:59
Modified
2024-08-04 22:32
Severity ?
EPSS score ?
Summary
A directory traversal vulnerability in the file browser component on the Zyxel NAS 326 version 5.21 and below allows a lower privileged user to change the location of any other user's files.
References
| ▼ | URL | Tags |
|---|---|---|
| http://maxwelldulin.com/BlogPost?post=3236967424 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:32:00.695Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://maxwelldulin.com/BlogPost?post=3236967424"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A directory traversal vulnerability in the file browser component on the Zyxel NAS 326 version 5.21 and below allows a lower privileged user to change the location of any other user\u0027s files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-09T04:59:51",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://maxwelldulin.com/BlogPost?post=3236967424"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10632",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A directory traversal vulnerability in the file browser component on the Zyxel NAS 326 version 5.21 and below allows a lower privileged user to change the location of any other user\u0027s files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://maxwelldulin.com/BlogPost?post=3236967424",
"refsource": "MISC",
"url": "http://maxwelldulin.com/BlogPost?post=3236967424"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10632",
"datePublished": "2019-04-09T04:59:51",
"dateReserved": "2019-03-29T00:00:00",
"dateUpdated": "2024-08-04T22:32:00.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-10630
Vulnerability from cvelistv5
Published
2019-04-09 04:59
Modified
2024-08-04 22:32
Severity ?
EPSS score ?
Summary
A plaintext password vulnerability in the Zyxel NAS 326 through 5.21 allows an elevated privileged user to get the admin password of the device.
References
| ▼ | URL | Tags |
|---|---|---|
| http://maxwelldulin.com/BlogPost?post=3236967424 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:32:00.855Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://maxwelldulin.com/BlogPost?post=3236967424"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A plaintext password vulnerability in the Zyxel NAS 326 through 5.21 allows an elevated privileged user to get the admin password of the device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-09T04:59:27",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://maxwelldulin.com/BlogPost?post=3236967424"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10630",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A plaintext password vulnerability in the Zyxel NAS 326 through 5.21 allows an elevated privileged user to get the admin password of the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://maxwelldulin.com/BlogPost?post=3236967424",
"refsource": "MISC",
"url": "http://maxwelldulin.com/BlogPost?post=3236967424"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10630",
"datePublished": "2019-04-09T04:59:27",
"dateReserved": "2019-03-29T00:00:00",
"dateUpdated": "2024-08-04T22:32:00.855Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-35138
Vulnerability from cvelistv5
Published
2023-11-30 01:30
Modified
2024-08-02 16:23
Severity ?
EPSS score ?
Summary
A command injection vulnerability in the “show_zysync_server_contents” function of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request.
References
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Zyxel | NAS326 firmware |
Version: V5.21(AAZF.14)C0 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:23:59.034Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-authentication-bypass-and-command-injection-vulnerabilities-in-nas-products"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NAS326 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "V5.21(AAZF.14)C0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NAS542 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "V5.21(ABAG.11)C0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A command injection vulnerability in the \u201cshow_zysync_server_contents\u201d function of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request."
}
],
"value": "A command injection vulnerability in the \u201cshow_zysync_server_contents\u201d function of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-30T01:41:35.390Z",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-authentication-bypass-and-command-injection-vulnerabilities-in-nas-products"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2023-35138",
"datePublished": "2023-11-30T01:30:44.661Z",
"dateReserved": "2023-06-14T06:26:48.564Z",
"dateUpdated": "2024-08-02T16:23:59.034Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-5372
Vulnerability from cvelistv5
Published
2024-01-30 00:55
Modified
2024-08-23 18:58
Severity ?
EPSS score ?
Summary
The post-authentication command injection vulnerability in Zyxel NAS326 firmware versions through V5.21(AAZF.15)C0 and NAS542 firmware versions through V5.21(ABAG.12)C0 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands by sending a crafted query parameter attached to the URL of an affected device’s web management interface.
References
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Zyxel | NAS326 firmware |
Version: <= V5.21(AAZF.15)C0 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.902Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-command-injection-vulnerability-in-nas-products-01-30-2024"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:zyxel:nas326_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nas326_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.21(AAZF.15)C0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:nas542_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nas542_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.21(ABAG.12)C0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5372",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-23T18:53:23.916563Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-23T18:58:04.490Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NAS326 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "\u003c= V5.21(AAZF.15)C0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NAS542 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "\u003c= V5.21(ABAG.12)C0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The post-authentication command injection vulnerability in Zyxel NAS326 firmware versions through V5.21(AAZF.15)C0 and NAS542 firmware versions through V5.21(ABAG.12)C0 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands by sending a crafted query parameter attached to the URL of an affected device\u2019s web management interface."
}
],
"value": "The post-authentication command injection vulnerability in Zyxel NAS326 firmware versions through V5.21(AAZF.15)C0 and NAS542 firmware versions through V5.21(ABAG.12)C0 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands by sending a crafted query parameter attached to the URL of an affected device\u2019s web management interface."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-30T00:55:33.090Z",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-command-injection-vulnerability-in-nas-products-01-30-2024"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2023-5372",
"datePublished": "2024-01-30T00:55:33.090Z",
"dateReserved": "2023-10-04T03:32:04.281Z",
"dateUpdated": "2024-08-23T18:58:04.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-35137
Vulnerability from cvelistv5
Published
2023-11-30 01:25
Modified
2024-08-02 16:23
Severity ?
EPSS score ?
Summary
An improper authentication vulnerability in the authentication module of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to obtain system information by sending a crafted URL to a vulnerable device.
References
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Zyxel | NAS326 firmware |
Version: V5.21(AAZF.14)C0 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:23:59.353Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-authentication-bypass-and-command-injection-vulnerabilities-in-nas-products"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NAS326 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "V5.21(AAZF.14)C0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NAS542 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "V5.21(ABAG.11)C0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper authentication vulnerability in the authentication module of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to obtain system information by sending a crafted URL to a vulnerable device."
}
],
"value": "An improper authentication vulnerability in the authentication module of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to obtain system information by sending a crafted URL to a vulnerable device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-30T01:25:52.494Z",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-authentication-bypass-and-command-injection-vulnerabilities-in-nas-products"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2023-35137",
"datePublished": "2023-11-30T01:25:52.494Z",
"dateReserved": "2023-06-14T06:26:48.564Z",
"dateUpdated": "2024-08-02T16:23:59.353Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-4473
Vulnerability from cvelistv5
Published
2023-11-30 01:40
Modified
2024-08-02 07:31
Severity ?
EPSS score ?
Summary
A command injection vulnerability in the web server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.
References
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Zyxel | NAS326 firmware |
Version: V5.21(AAZF.14)C0 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:zyxel:nas326_firmware:5.21\\(aazf.14\\)c0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nas326_firmware",
"vendor": "zyxel",
"versions": [
{
"status": "affected",
"version": "5.21\\(aazf.14\\)c0"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:nas542_firmware:5.21\\(abag.11\\)c0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nas542_firmware",
"vendor": "zyxel",
"versions": [
{
"status": "affected",
"version": "5.21\\(abag.11\\)c0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4473",
"options": [
{
"Exploitation": "PoC"
},
{
"Automatable": "Yes"
},
{
"Technical Impact": "Total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T04:00:16.063044Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:16.497Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:31:05.492Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-authentication-bypass-and-command-injection-vulnerabilities-in-nas-products"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugprove.com/knowledge-hub/cve-2023-4473-and-cve-2023-4474-authentication-bypass-and-multiple-blind-os-command-injection-vulnerabilities-in-zyxel-s-nas-326-devices/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NAS326 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "V5.21(AAZF.14)C0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NAS542 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "V5.21(ABAG.11)C0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A command injection vulnerability in the web server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device."
}
],
"value": "A command injection vulnerability in the web server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-30T01:40:09.117Z",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-authentication-bypass-and-command-injection-vulnerabilities-in-nas-products"
},
{
"url": "https://bugprove.com/knowledge-hub/cve-2023-4473-and-cve-2023-4474-authentication-bypass-and-multiple-blind-os-command-injection-vulnerabilities-in-zyxel-s-nas-326-devices/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2023-4473",
"datePublished": "2023-11-30T01:40:09.117Z",
"dateReserved": "2023-08-22T06:51:30.982Z",
"dateUpdated": "2024-08-02T07:31:05.492Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-27992
Vulnerability from cvelistv5
Published
2023-06-19 11:42
Modified
2024-12-10 16:00
Severity ?
EPSS score ?
Summary
The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, NAS540 firmware versions prior to V5.21(AATB.11)C0, and NAS542 firmware versions prior to V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands remotely by sending a crafted HTTP request.
References
Impacted products
| Vendor | Product | Version | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Zyxel | NAS326 firmware |
Version: < V5.21(AAZF.14)C0 |
||||||||
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:23:30.801Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-pre-authentication-command-injection-vulnerability-in-nas-products"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27992",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-10T15:58:56.654243Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-06-23",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-27992"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-10T16:00:18.927Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NAS326 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "\u003c V5.21(AAZF.14)C0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NAS540 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "\u003c V5.21(AATB.11)C0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NAS542 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "\u003c V5.21(ABAG.11)C0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to\u0026nbsp;V5.21(AAZF.14)C0, NAS540 firmware versions prior to\u0026nbsp;V5.21(AATB.11)C0, and NAS542\u0026nbsp;firmware versions prior to V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands remotely by sending a crafted HTTP request."
}
],
"value": "The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to\u00a0V5.21(AAZF.14)C0, NAS540 firmware versions prior to\u00a0V5.21(AATB.11)C0, and NAS542\u00a0firmware versions prior to V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands remotely by sending a crafted HTTP request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-19T11:42:41.774Z",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-pre-authentication-command-injection-vulnerability-in-nas-products"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2023-27992",
"datePublished": "2023-06-19T11:42:41.774Z",
"dateReserved": "2023-03-09T08:44:12.874Z",
"dateUpdated": "2024-12-10T16:00:18.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-13365
Vulnerability from cvelistv5
Published
2020-08-06 16:56
Modified
2024-08-04 12:18
Severity ?
EPSS score ?
Summary
Certain Zyxel products have a locally accessible binary that allows a non-root user to generate a password for an undocumented user account that can be used for a TELNET session as root. This affects NAS520 V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, and V5.11(AASZ.0)C0; NAS542 V5.11(ABAG.0)C0, V5.20(ABAG.1)C0, and V5.21(ABAG.3)C0; NSA325 v2_V4.81(AALS.0)C0 and V4.81(AAAJ.1)C0; NSA310 4.22(AFK.0)C0 and 4.22(AFK.1)C0; NAS326 V5.21(AAZF.8)C0, V5.11(AAZF.4)C0, V5.11(AAZF.2)C0, and V5.11(AAZF.3)C0; NSA310S V4.75(AALH.2)C0; NSA320S V4.75(AANV.2)C0 and V4.75(AANV.1)C0; NSA221 V4.41(AFM.1)C0; and NAS540 V5.21(AATB.5)C0 and V5.21(AATB.3)C0.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zyxel.com/us/en/support/security_advisories.shtml | x_refsource_MISC | |
| https://www.zyxel.com/support/Zyxel-security-advisory-for-NAS-remote-access-vulnerability.shtml | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:18:17.736Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zyxel.com/us/en/support/security_advisories.shtml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-for-NAS-remote-access-vulnerability.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain Zyxel products have a locally accessible binary that allows a non-root user to generate a password for an undocumented user account that can be used for a TELNET session as root. This affects NAS520 V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, and V5.11(AASZ.0)C0; NAS542 V5.11(ABAG.0)C0, V5.20(ABAG.1)C0, and V5.21(ABAG.3)C0; NSA325 v2_V4.81(AALS.0)C0 and V4.81(AAAJ.1)C0; NSA310 4.22(AFK.0)C0 and 4.22(AFK.1)C0; NAS326 V5.21(AAZF.8)C0, V5.11(AAZF.4)C0, V5.11(AAZF.2)C0, and V5.11(AAZF.3)C0; NSA310S V4.75(AALH.2)C0; NSA320S V4.75(AANV.2)C0 and V4.75(AANV.1)C0; NSA221 V4.41(AFM.1)C0; and NAS540 V5.21(AATB.5)C0 and V5.21(AATB.3)C0."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:L/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-06T16:56:21",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zyxel.com/us/en/support/security_advisories.shtml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-for-NAS-remote-access-vulnerability.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-13365",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain Zyxel products have a locally accessible binary that allows a non-root user to generate a password for an undocumented user account that can be used for a TELNET session as root. This affects NAS520 V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, and V5.11(AASZ.0)C0; NAS542 V5.11(ABAG.0)C0, V5.20(ABAG.1)C0, and V5.21(ABAG.3)C0; NSA325 v2_V4.81(AALS.0)C0 and V4.81(AAAJ.1)C0; NSA310 4.22(AFK.0)C0 and 4.22(AFK.1)C0; NAS326 V5.21(AAZF.8)C0, V5.11(AAZF.4)C0, V5.11(AAZF.2)C0, and V5.11(AAZF.3)C0; NSA310S V4.75(AALH.2)C0; NSA320S V4.75(AANV.2)C0 and V4.75(AANV.1)C0; NSA221 V4.41(AFM.1)C0; and NAS540 V5.21(AATB.5)C0 and V5.21(AATB.3)C0."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:L/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zyxel.com/us/en/support/security_advisories.shtml",
"refsource": "MISC",
"url": "https://www.zyxel.com/us/en/support/security_advisories.shtml"
},
{
"name": "https://www.zyxel.com/support/Zyxel-security-advisory-for-NAS-remote-access-vulnerability.shtml",
"refsource": "MISC",
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-for-NAS-remote-access-vulnerability.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-13365",
"datePublished": "2020-08-06T16:56:21",
"dateReserved": "2020-05-21T00:00:00",
"dateUpdated": "2024-08-04T12:18:17.736Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-10633
Vulnerability from cvelistv5
Published
2019-04-09 05:00
Modified
2024-08-04 22:32
Severity ?
EPSS score ?
Summary
An eval injection vulnerability in the Python web server routing on the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to execute arbitrary code via the tjp6jp6y4, simZysh, and ck6fup6 APIs.
References
| ▼ | URL | Tags |
|---|---|---|
| http://maxwelldulin.com/BlogPost?post=3236967424 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:32:01.264Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://maxwelldulin.com/BlogPost?post=3236967424"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An eval injection vulnerability in the Python web server routing on the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to execute arbitrary code via the tjp6jp6y4, simZysh, and ck6fup6 APIs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-09T05:00:10",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://maxwelldulin.com/BlogPost?post=3236967424"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10633",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An eval injection vulnerability in the Python web server routing on the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to execute arbitrary code via the tjp6jp6y4, simZysh, and ck6fup6 APIs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://maxwelldulin.com/BlogPost?post=3236967424",
"refsource": "MISC",
"url": "http://maxwelldulin.com/BlogPost?post=3236967424"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10633",
"datePublished": "2019-04-09T05:00:10",
"dateReserved": "2019-03-29T00:00:00",
"dateUpdated": "2024-08-04T22:32:01.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-10631
Vulnerability from cvelistv5
Published
2019-04-09 04:59
Modified
2024-08-04 22:31
Severity ?
EPSS score ?
Summary
Shell Metacharacter Injection in the package installer on Zyxel NAS 326 version 5.21 and below allows an authenticated attacker to execute arbitrary code via multiple different requests.
References
| ▼ | URL | Tags |
|---|---|---|
| http://maxwelldulin.com/BlogPost?post=3236967424 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:31:59.943Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://maxwelldulin.com/BlogPost?post=3236967424"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shell Metacharacter Injection in the package installer on Zyxel NAS 326 version 5.21 and below allows an authenticated attacker to execute arbitrary code via multiple different requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-09T04:59:43",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://maxwelldulin.com/BlogPost?post=3236967424"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10631",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Shell Metacharacter Injection in the package installer on Zyxel NAS 326 version 5.21 and below allows an authenticated attacker to execute arbitrary code via multiple different requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://maxwelldulin.com/BlogPost?post=3236967424",
"refsource": "MISC",
"url": "http://maxwelldulin.com/BlogPost?post=3236967424"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10631",
"datePublished": "2019-04-09T04:59:43",
"dateReserved": "2019-03-29T00:00:00",
"dateUpdated": "2024-08-04T22:31:59.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-9054
Vulnerability from cvelistv5
Published
2020-03-04 19:30
Modified
2024-09-16 17:14
Severity ?
EPSS score ?
Summary
Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the privileges of the web server that runs on the ZyXEL device. Although the web server does not run as the root user, ZyXEL devices include a setuid utility that can be leveraged to run any command with root privileges. As such, it should be assumed that exploitation of this vulnerability can lead to remote code execution with root privileges. By sending a specially-crafted HTTP POST or GET request to a vulnerable ZyXEL device, a remote, unauthenticated attacker may be able to execute arbitrary code on the device. This may happen by directly connecting to a device if it is directly exposed to an attacker. However, there are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable devices. For example, simply visiting a website can result in the compromise of any ZyXEL device that is reachable from the client system. Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 NAS520 before firmware V5.21(AASZ.3)C0 NAS540 before firmware V5.21(AATB.4)C0 NAS542 before firmware V5.21(ABAG.4)C0 ZyXEL has made firmware updates available for NAS326, NAS520, NAS540, and NAS542 devices. Affected models that are end-of-support: NSA210, NSA220, NSA220+, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 and NSA325v2
References
| ▼ | URL | Tags |
|---|---|---|
| https://cwe.mitre.org/data/definitions/78.html | x_refsource_MISC | |
| https://www.zyxel.com/support/remote-code-execution-vulnerability-of-NAS-products.shtml | x_refsource_CONFIRM | |
| https://kb.cert.org/vuls/id/498544/ | third-party-advisory, x_refsource_CERT-VN | |
| https://kb.cert.org/artifacts/cve-2020-9054.html | x_refsource_MISC | |
| https://krebsonsecurity.com/2020/02/zyxel-fixes-0day-in-network-storage-devices/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | ZyXEL | NAS326 |
Version: V5.21(AAZF.7)C0 < |
||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:19.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.zyxel.com/support/remote-code-execution-vulnerability-of-NAS-products.shtml"
},
{
"name": "VU#498544",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://kb.cert.org/vuls/id/498544/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.cert.org/artifacts/cve-2020-9054.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://krebsonsecurity.com/2020/02/zyxel-fixes-0day-in-network-storage-devices/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NAS326",
"vendor": "ZyXEL",
"versions": [
{
"lessThanOrEqual": "V5.21(AAZF.7)C0",
"status": "affected",
"version": "V5.21(AAZF.7)C0",
"versionType": "custom"
}
]
},
{
"product": "NAS520",
"vendor": "ZyXEL",
"versions": [
{
"lessThanOrEqual": "V5.21(AASZ.3)C0",
"status": "affected",
"version": "V5.21(AASZ.3)C0",
"versionType": "custom"
}
]
},
{
"product": "NAS540",
"vendor": "ZyXEL",
"versions": [
{
"lessThanOrEqual": "V5.21(AATB.4)C0",
"status": "affected",
"version": "V5.21(AATB.4)C0",
"versionType": "custom"
}
]
},
{
"product": "NAS542",
"vendor": "ZyXEL",
"versions": [
{
"lessThanOrEqual": "V5.21(ABAG.4)C0",
"status": "affected",
"version": "V5.21(ABAG.4)C0",
"versionType": "custom"
}
]
},
{
"product": "NSA210",
"vendor": "ZyXEL",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "NSA220",
"vendor": "ZyXEL",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "NSA220+",
"vendor": "ZyXEL",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "NSA221",
"vendor": "ZyXEL",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "NSA310",
"vendor": "ZyXEL",
"versions": [
{
"lessThanOrEqual": "V4.75(AALH.2)C0",
"status": "affected",
"version": "V4.75(AALH.2)C0",
"versionType": "custom"
}
]
},
{
"product": "NSA320",
"vendor": "ZyXEL",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "NSA320S",
"vendor": "ZyXEL",
"versions": [
{
"lessThanOrEqual": "V4.75(AANV.2)C0",
"status": "affected",
"version": "V4.75(AANV.2)C0",
"versionType": "custom"
}
]
},
{
"product": "NSA325",
"vendor": "ZyXEL",
"versions": [
{
"lessThanOrEqual": "V4.81(AAAJ.1)C0",
"status": "affected",
"version": "V4.81(AAAJ.1)C0",
"versionType": "custom"
}
]
},
{
"product": "NSA325v2",
"vendor": "ZyXEL",
"versions": [
{
"lessThanOrEqual": "V4.81(AALS.1)C0",
"status": "affected",
"version": "V4.81(AALS.1)C0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thanks to Alex Holden of Hold Security for finding and reporting this vulnerability."
}
],
"datePublic": "2020-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the privileges of the web server that runs on the ZyXEL device. Although the web server does not run as the root user, ZyXEL devices include a setuid utility that can be leveraged to run any command with root privileges. As such, it should be assumed that exploitation of this vulnerability can lead to remote code execution with root privileges. By sending a specially-crafted HTTP POST or GET request to a vulnerable ZyXEL device, a remote, unauthenticated attacker may be able to execute arbitrary code on the device. This may happen by directly connecting to a device if it is directly exposed to an attacker. However, there are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable devices. For example, simply visiting a website can result in the compromise of any ZyXEL device that is reachable from the client system. Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 NAS520 before firmware V5.21(AASZ.3)C0 NAS540 before firmware V5.21(AATB.4)C0 NAS542 before firmware V5.21(ABAG.4)C0 ZyXEL has made firmware updates available for NAS326, NAS520, NAS540, and NAS542 devices. Affected models that are end-of-support: NSA210, NSA220, NSA220+, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 and NSA325v2"
}
],
"exploits": [
{
"lang": "en",
"value": "https://kb.cert.org/artifacts/cve-2020-9054.html"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-04T19:30:18",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.zyxel.com/support/remote-code-execution-vulnerability-of-NAS-products.shtml"
},
{
"name": "VU#498544",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://kb.cert.org/vuls/id/498544/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.cert.org/artifacts/cve-2020-9054.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://krebsonsecurity.com/2020/02/zyxel-fixes-0day-in-network-storage-devices/"
}
],
"solutions": [
{
"lang": "en",
"value": "ZyXEL has made firmware updates available for NAS326, NAS520, NAS540, NAS542, ATP100, ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200, VPN50, VPN100, VPN300, VPN1000, ZyWALL110, ZyWALL310, and ZyWALL1100 devices."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "ZyXEL NAS products running firmware version 5.21 and earlier are vulnerable to pre-authentication command injection in weblogin.cgi",
"workarounds": [
{
"lang": "en",
"value": "Block access to the ZyXEL device web interface:\n\nThis issue can be mitigated by blocking (for example with a firewall) access to the web interface (80/tcp and 443/tcp) of any vulnerable ZyXEL device. Any machine that can access the ZyXEL web interface should not also be able to access the internet.\n\nRestrict access to vulnerable ZyXEL devices:\n\nDirect exploitation of this vulnerability can be mitigated by restricting access to vulnerable devices. In particular, do not expose such devices directly to the internet. Note however, that it is still possible for attackers to exploit devices that are not directly connected to the internet. For example, by way of viewing a web page."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"DATE_PUBLIC": "2020-02-20T00:00:00.000Z",
"ID": "CVE-2020-9054",
"STATE": "PUBLIC",
"TITLE": "ZyXEL NAS products running firmware version 5.21 and earlier are vulnerable to pre-authentication command injection in weblogin.cgi"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NAS326",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "V5.21(AAZF.7)C0",
"version_value": "V5.21(AAZF.7)C0"
}
]
}
},
{
"product_name": "NAS520",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "V5.21(AASZ.3)C0",
"version_value": "V5.21(AASZ.3)C0"
}
]
}
},
{
"product_name": "NAS540",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "V5.21(AATB.4)C0",
"version_value": "V5.21(AATB.4)C0"
}
]
}
},
{
"product_name": "NAS542",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "V5.21(ABAG.4)C0",
"version_value": "V5.21(ABAG.4)C0"
}
]
}
},
{
"product_name": "NSA210",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "NSA220",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "NSA220+",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "NSA221",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "NSA310",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "V4.75(AALH.2)C0",
"version_value": "V4.75(AALH.2)C0"
}
]
}
},
{
"product_name": "NSA320",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "NSA320S",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "V4.75(AANV.2)C0",
"version_value": "V4.75(AANV.2)C0"
}
]
}
},
{
"product_name": "NSA325",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "V4.81(AAAJ.1)C0",
"version_value": "V4.81(AAAJ.1)C0"
}
]
}
},
{
"product_name": "NSA325v2",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "V4.81(AALS.1)C0",
"version_value": "V4.81(AALS.1)C0"
}
]
}
}
]
},
"vendor_name": "ZyXEL"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Thanks to Alex Holden of Hold Security for finding and reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the privileges of the web server that runs on the ZyXEL device. Although the web server does not run as the root user, ZyXEL devices include a setuid utility that can be leveraged to run any command with root privileges. As such, it should be assumed that exploitation of this vulnerability can lead to remote code execution with root privileges. By sending a specially-crafted HTTP POST or GET request to a vulnerable ZyXEL device, a remote, unauthenticated attacker may be able to execute arbitrary code on the device. This may happen by directly connecting to a device if it is directly exposed to an attacker. However, there are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable devices. For example, simply visiting a website can result in the compromise of any ZyXEL device that is reachable from the client system. Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 NAS520 before firmware V5.21(AASZ.3)C0 NAS540 before firmware V5.21(AATB.4)C0 NAS542 before firmware V5.21(ABAG.4)C0 ZyXEL has made firmware updates available for NAS326, NAS520, NAS540, and NAS542 devices. Affected models that are end-of-support: NSA210, NSA220, NSA220+, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 and NSA325v2"
}
]
},
"exploit": [
{
"lang": "en",
"value": "https://kb.cert.org/artifacts/cve-2020-9054.html"
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78 OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cwe.mitre.org/data/definitions/78.html",
"refsource": "MISC",
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"name": "https://www.zyxel.com/support/remote-code-execution-vulnerability-of-NAS-products.shtml",
"refsource": "CONFIRM",
"url": "https://www.zyxel.com/support/remote-code-execution-vulnerability-of-NAS-products.shtml"
},
{
"name": "VU#498544",
"refsource": "CERT-VN",
"url": "https://kb.cert.org/vuls/id/498544/"
},
{
"name": "https://kb.cert.org/artifacts/cve-2020-9054.html",
"refsource": "MISC",
"url": "https://kb.cert.org/artifacts/cve-2020-9054.html"
},
{
"name": "https://krebsonsecurity.com/2020/02/zyxel-fixes-0day-in-network-storage-devices/",
"refsource": "MISC",
"url": "https://krebsonsecurity.com/2020/02/zyxel-fixes-0day-in-network-storage-devices/"
}
]
},
"solution": [
{
"lang": "en",
"value": "ZyXEL has made firmware updates available for NAS326, NAS520, NAS540, NAS542, ATP100, ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200, VPN50, VPN100, VPN300, VPN1000, ZyWALL110, ZyWALL310, and ZyWALL1100 devices."
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Block access to the ZyXEL device web interface:\n\nThis issue can be mitigated by blocking (for example with a firewall) access to the web interface (80/tcp and 443/tcp) of any vulnerable ZyXEL device. Any machine that can access the ZyXEL web interface should not also be able to access the internet.\n\nRestrict access to vulnerable ZyXEL devices:\n\nDirect exploitation of this vulnerability can be mitigated by restricting access to vulnerable devices. In particular, do not expose such devices directly to the internet. Note however, that it is still possible for attackers to exploit devices that are not directly connected to the internet. For example, by way of viewing a web page."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2020-9054",
"datePublished": "2020-03-04T19:30:18.400802Z",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-09-16T17:14:38.648Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-13364
Vulnerability from cvelistv5
Published
2020-08-06 16:54
Modified
2024-08-04 12:18
Severity ?
EPSS score ?
Summary
A backdoor in certain Zyxel products allows remote TELNET access via a CGI script. This affects NAS520 V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, and V5.11(AASZ.0)C0; NAS542 V5.11(ABAG.0)C0, V5.20(ABAG.1)C0, and V5.21(ABAG.3)C0; NSA325 v2_V4.81(AALS.0)C0 and V4.81(AAAJ.1)C0; NSA310 4.22(AFK.0)C0 and 4.22(AFK.1)C0; NAS326 V5.21(AAZF.8)C0, V5.11(AAZF.4)C0, V5.11(AAZF.2)C0, and V5.11(AAZF.3)C0; NSA310S V4.75(AALH.2)C0; NSA320S V4.75(AANV.2)C0 and V4.75(AANV.1)C0; NSA221 V4.41(AFM.1)C0; and NAS540 V5.21(AATB.5)C0 and V5.21(AATB.3)C0.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zyxel.com/us/en/support/security_advisories.shtml | x_refsource_MISC | |
| https://www.zyxel.com/support/Zyxel-security-advisory-for-NAS-remote-access-vulnerability.shtml | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:18:18.253Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zyxel.com/us/en/support/security_advisories.shtml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-for-NAS-remote-access-vulnerability.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A backdoor in certain Zyxel products allows remote TELNET access via a CGI script. This affects NAS520 V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, and V5.11(AASZ.0)C0; NAS542 V5.11(ABAG.0)C0, V5.20(ABAG.1)C0, and V5.21(ABAG.3)C0; NSA325 v2_V4.81(AALS.0)C0 and V4.81(AAAJ.1)C0; NSA310 4.22(AFK.0)C0 and 4.22(AFK.1)C0; NAS326 V5.21(AAZF.8)C0, V5.11(AAZF.4)C0, V5.11(AAZF.2)C0, and V5.11(AAZF.3)C0; NSA310S V4.75(AALH.2)C0; NSA320S V4.75(AANV.2)C0 and V4.75(AANV.1)C0; NSA221 V4.41(AFM.1)C0; and NAS540 V5.21(AATB.5)C0 and V5.21(AATB.3)C0."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:L/I:L/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-06T16:54:43",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zyxel.com/us/en/support/security_advisories.shtml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-for-NAS-remote-access-vulnerability.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-13364",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A backdoor in certain Zyxel products allows remote TELNET access via a CGI script. This affects NAS520 V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, and V5.11(AASZ.0)C0; NAS542 V5.11(ABAG.0)C0, V5.20(ABAG.1)C0, and V5.21(ABAG.3)C0; NSA325 v2_V4.81(AALS.0)C0 and V4.81(AAAJ.1)C0; NSA310 4.22(AFK.0)C0 and 4.22(AFK.1)C0; NAS326 V5.21(AAZF.8)C0, V5.11(AAZF.4)C0, V5.11(AAZF.2)C0, and V5.11(AAZF.3)C0; NSA310S V4.75(AALH.2)C0; NSA320S V4.75(AANV.2)C0 and V4.75(AANV.1)C0; NSA221 V4.41(AFM.1)C0; and NAS540 V5.21(AATB.5)C0 and V5.21(AATB.3)C0."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:L/I:L/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zyxel.com/us/en/support/security_advisories.shtml",
"refsource": "MISC",
"url": "https://www.zyxel.com/us/en/support/security_advisories.shtml"
},
{
"name": "https://www.zyxel.com/support/Zyxel-security-advisory-for-NAS-remote-access-vulnerability.shtml",
"refsource": "MISC",
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-for-NAS-remote-access-vulnerability.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-13364",
"datePublished": "2020-08-06T16:54:43",
"dateReserved": "2020-05-21T00:00:00",
"dateUpdated": "2024-08-04T12:18:18.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-4474
Vulnerability from cvelistv5
Published
2023-11-30 01:45
Modified
2024-08-02 07:31
Severity ?
EPSS score ?
Summary
The improper neutralization of special elements in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.
References
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Zyxel | NAS326 firmware |
Version: V5.21(AAZF.14)C0 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:zyxel:nas326_firmware:5.21\\(aazf.14\\)c0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nas326_firmware",
"vendor": "zyxel",
"versions": [
{
"status": "affected",
"version": "5.21\\(aazf.14\\)c0"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:nas542_firmware:5.21\\(abag.11\\)c0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nas542_firmware",
"vendor": "zyxel",
"versions": [
{
"status": "affected",
"version": "5.21\\(abag.11\\)c0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4474",
"options": [
{
"Exploitation": "PoC"
},
{
"Automatable": "Yes"
},
{
"Technical Impact": "Total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T04:00:16.790117Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:14.751Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:31:05.490Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-authentication-bypass-and-command-injection-vulnerabilities-in-nas-products"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugprove.com/knowledge-hub/cve-2023-4473-and-cve-2023-4474-authentication-bypass-and-multiple-blind-os-command-injection-vulnerabilities-in-zyxel-s-nas-326-devices/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NAS326 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "V5.21(AAZF.14)C0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NAS542 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "V5.21(ABAG.11)C0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The improper neutralization of special elements in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device."
}
],
"value": "The improper neutralization of special elements in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-30T01:45:29.920Z",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-authentication-bypass-and-command-injection-vulnerabilities-in-nas-products"
},
{
"url": "https://bugprove.com/knowledge-hub/cve-2023-4473-and-cve-2023-4474-authentication-bypass-and-multiple-blind-os-command-injection-vulnerabilities-in-zyxel-s-nas-326-devices/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2023-4474",
"datePublished": "2023-11-30T01:45:29.920Z",
"dateReserved": "2023-08-22T06:51:34.440Z",
"dateUpdated": "2024-08-02T07:31:05.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-37927
Vulnerability from cvelistv5
Published
2023-11-30 01:34
Modified
2024-08-02 17:23
Severity ?
EPSS score ?
Summary
The improper neutralization of special elements in the CGI program of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.
References
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Zyxel | NAS326 firmware |
Version: V5.21(AAZF.14)C0 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:27.790Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-authentication-bypass-and-command-injection-vulnerabilities-in-nas-products"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugprove.com/knowledge-hub/cve-2023-37927-and-cve-2023-37928-multiple-post-auth-blind-os-command-and-python-code-injection-vulnerabilities-in-zyxel-s-nas-326-devices/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NAS326 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "V5.21(AAZF.14)C0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NAS542 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "V5.21(ABAG.11)C0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The improper neutralization of special elements in the CGI program of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device."
}
],
"value": "The improper neutralization of special elements in the CGI program of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-30T01:42:17.816Z",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-authentication-bypass-and-command-injection-vulnerabilities-in-nas-products"
},
{
"url": "https://bugprove.com/knowledge-hub/cve-2023-37927-and-cve-2023-37928-multiple-post-auth-blind-os-command-and-python-code-injection-vulnerabilities-in-zyxel-s-nas-326-devices/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2023-37927",
"datePublished": "2023-11-30T01:34:28.528Z",
"dateReserved": "2023-07-11T01:52:33.655Z",
"dateUpdated": "2024-08-02T17:23:27.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-37928
Vulnerability from cvelistv5
Published
2023-11-30 01:37
Modified
2024-08-02 17:23
Severity ?
EPSS score ?
Summary
A post-authentication command injection vulnerability in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.
References
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Zyxel | NAS326 firmware |
Version: V5.21(AAZF.14)C0 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:27.819Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-authentication-bypass-and-command-injection-vulnerabilities-in-nas-products"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugprove.com/knowledge-hub/cve-2023-37927-and-cve-2023-37928-multiple-post-auth-blind-os-command-and-python-code-injection-vulnerabilities-in-zyxel-s-nas-326-devices/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NAS326 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "V5.21(AAZF.14)C0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NAS542 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "V5.21(ABAG.11)C0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A post-authentication command injection vulnerability in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device."
}
],
"value": "A post-authentication command injection vulnerability in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-30T01:42:41.446Z",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-authentication-bypass-and-command-injection-vulnerabilities-in-nas-products"
},
{
"url": "https://bugprove.com/knowledge-hub/cve-2023-37927-and-cve-2023-37928-multiple-post-auth-blind-os-command-and-python-code-injection-vulnerabilities-in-zyxel-s-nas-326-devices/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2023-37928",
"datePublished": "2023-11-30T01:37:27.671Z",
"dateReserved": "2023-07-11T01:52:33.655Z",
"dateUpdated": "2024-08-02T17:23:27.819Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-27988
Vulnerability from cvelistv5
Published
2023-05-30 00:00
Modified
2024-08-02 12:23
Severity ?
EPSS score ?
Summary
The post-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.13)C0 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device remotely.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Zyxel | NAS326 firmware |
Version: < V5.21(AAZF.13)C0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:23:30.675Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-command-injection-vulnerability-in-nas-products"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NAS326 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "\u003c V5.21(AAZF.13)C0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The post-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.13)C0 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device remotely."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-30T00:00:00",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-command-injection-vulnerability-in-nas-products"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2023-27988",
"datePublished": "2023-05-30T00:00:00",
"dateReserved": "2023-03-09T00:00:00",
"dateUpdated": "2024-08-02T12:23:30.675Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-10634
Vulnerability from cvelistv5
Published
2019-04-09 05:00
Modified
2024-08-04 22:31
Severity ?
EPSS score ?
Summary
An XSS vulnerability in the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to inject arbitrary JavaScript or HTML via the user, group, and file-share description fields.
References
| ▼ | URL | Tags |
|---|---|---|
| http://maxwelldulin.com/BlogPost?post=3236967424 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:31:59.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://maxwelldulin.com/BlogPost?post=3236967424"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An XSS vulnerability in the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to inject arbitrary JavaScript or HTML via the user, group, and file-share description fields."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-09T05:00:20",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://maxwelldulin.com/BlogPost?post=3236967424"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10634",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An XSS vulnerability in the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to inject arbitrary JavaScript or HTML via the user, group, and file-share description fields."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://maxwelldulin.com/BlogPost?post=3236967424",
"refsource": "MISC",
"url": "http://maxwelldulin.com/BlogPost?post=3236967424"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10634",
"datePublished": "2019-04-09T05:00:20",
"dateReserved": "2019-03-29T00:00:00",
"dateUpdated": "2024-08-04T22:31:59.918Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34747
Vulnerability from cvelistv5
Published
2022-09-06 01:20
Modified
2024-08-03 09:22
Severity ?
EPSS score ?
Summary
A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zyxel.com/support/Zyxel-security-advisory-for-format-string-vulnerability-in-NAS.shtml | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Zyxel | Zyxel NAS326 firmware |
Version: < V5.21(AAZF.12)C0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:22:09.239Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-for-format-string-vulnerability-in-NAS.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Zyxel NAS326 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "\u003c V5.21(AAZF.12)C0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-134",
"description": "CWE-134: Use of Externally-Controlled Format String",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-06T01:20:10",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-for-format-string-vulnerability-in-NAS.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@zyxel.com.tw",
"ID": "CVE-2022-34747",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Zyxel NAS326 firmware",
"version": {
"version_data": [
{
"version_value": "\u003c V5.21(AAZF.12)C0"
}
]
}
}
]
},
"vendor_name": "Zyxel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet."
}
]
},
"impact": {
"cvss": {
"baseScore": "9.8",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-134: Use of Externally-Controlled Format String"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zyxel.com/support/Zyxel-security-advisory-for-format-string-vulnerability-in-NAS.shtml",
"refsource": "CONFIRM",
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-for-format-string-vulnerability-in-NAS.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2022-34747",
"datePublished": "2022-09-06T01:20:10",
"dateReserved": "2022-06-28T00:00:00",
"dateUpdated": "2024-08-03T09:22:09.239Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-201904-1090
Vulnerability from variot
Shell Metacharacter Injection in the package installer on Zyxel NAS 326 version 5.21 and below allows an authenticated attacker to execute arbitrary code via multiple different requests. Zyxel NAS 326 Contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ZyxelNAS326 is a dual-disc personal cloud storage device from Zyxel. A shell meta-injection vulnerability exists in the package installer in ZyxelNAS3265.21 and earlier. ZyXEL NAS 326 is a NAS (Network Attached Storage) device produced by ZyXEL Corporation of Taiwan, China. The vulnerability comes from the fact that the network system or product does not properly filter special elements in the process of constructing executable commands from external input data
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201904-1090",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nas326",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.21"
},
{
"model": "nas 326",
"scope": "lte",
"trust": 0.8,
"vendor": "zyxel",
"version": "5.21"
},
{
"model": "nas",
"scope": "eq",
"trust": 0.6,
"vendor": "zyxel",
"version": "326\u003c=5.21"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13780"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003300"
},
{
"db": "NVD",
"id": "CVE-2019-10631"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nas326_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.21",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nas326:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10631"
}
]
},
"cve": "CVE-2019-10631",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-10631",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2019-13780",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-142197",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-10631",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-10631",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2019-13780",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201904-500",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-142197",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13780"
},
{
"db": "VULHUB",
"id": "VHN-142197"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003300"
},
{
"db": "NVD",
"id": "CVE-2019-10631"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-500"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Shell Metacharacter Injection in the package installer on Zyxel NAS 326 version 5.21 and below allows an authenticated attacker to execute arbitrary code via multiple different requests. Zyxel NAS 326 Contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ZyxelNAS326 is a dual-disc personal cloud storage device from Zyxel. A shell meta-injection vulnerability exists in the package installer in ZyxelNAS3265.21 and earlier. ZyXEL NAS 326 is a NAS (Network Attached Storage) device produced by ZyXEL Corporation of Taiwan, China. The vulnerability comes from the fact that the network system or product does not properly filter special elements in the process of constructing executable commands from external input data",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10631"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003300"
},
{
"db": "CNVD",
"id": "CNVD-2019-13780"
},
{
"db": "VULHUB",
"id": "VHN-142197"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10631",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003300",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201904-500",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-13780",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-142197",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13780"
},
{
"db": "VULHUB",
"id": "VHN-142197"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003300"
},
{
"db": "NVD",
"id": "CVE-2019-10631"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-500"
}
]
},
"id": "VAR-201904-1090",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13780"
},
{
"db": "VULHUB",
"id": "VHN-142197"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13780"
}
]
},
"last_update_date": "2023-12-18T14:00:58.710000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NAS326",
"trust": 0.8,
"url": "https://www.zyxel.com/products_services/2-bay-personal-cloud-storage-nas326/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003300"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.1
},
{
"problemtype": "CWE-77",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142197"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003300"
},
{
"db": "NVD",
"id": "CVE-2019-10631"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://maxwelldulin.com/blogpost?post=3236967424"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10631"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10631"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13780"
},
{
"db": "VULHUB",
"id": "VHN-142197"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003300"
},
{
"db": "NVD",
"id": "CVE-2019-10631"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-500"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-13780"
},
{
"db": "VULHUB",
"id": "VHN-142197"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003300"
},
{
"db": "NVD",
"id": "CVE-2019-10631"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-500"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-13780"
},
{
"date": "2019-04-09T00:00:00",
"db": "VULHUB",
"id": "VHN-142197"
},
{
"date": "2019-05-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003300"
},
{
"date": "2019-04-09T05:29:00.293000",
"db": "NVD",
"id": "CVE-2019-10631"
},
{
"date": "2019-04-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-500"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-13780"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-142197"
},
{
"date": "2019-05-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003300"
},
{
"date": "2020-08-24T17:37:01.140000",
"db": "NVD",
"id": "CVE-2019-10631"
},
{
"date": "2020-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-500"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-500"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zyxel NAS 326 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003300"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-500"
}
],
"trust": 0.6
}
}
var-201904-1092
Vulnerability from variot
An eval injection vulnerability in the Python web server routing on the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to execute arbitrary code via the tjp6jp6y4, simZysh, and ck6fup6 APIs. Zyxel NAS 326 Contains a code injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ZyxelNAS326 is a dual-disc personal cloud storage device from Zyxel. Remote authentication attackers can exploit this vulnerability to execute arbitrary code through tjp6jp6y4, simZysh, and ck6fup6API. ZyXEL NAS 326 is a NAS (Network Attached Storage) device produced by ZyXEL Corporation of Taiwan, China. This vulnerability stems from the fact that the network system or product does not correctly filter special elements in the process of constructing code segments from external input data
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201904-1092",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nas326",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.21"
},
{
"model": "nas 326",
"scope": "lte",
"trust": 0.8,
"vendor": "zyxel",
"version": "5.21"
},
{
"model": "nas",
"scope": "eq",
"trust": 0.6,
"vendor": "zyxel",
"version": "326\u003c=5.21"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13782"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003315"
},
{
"db": "NVD",
"id": "CVE-2019-10633"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nas326_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.21",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nas326:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10633"
}
]
},
"cve": "CVE-2019-10633",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-10633",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2019-13782",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-142199",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-10633",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-10633",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2019-13782",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201904-495",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-142199",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13782"
},
{
"db": "VULHUB",
"id": "VHN-142199"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003315"
},
{
"db": "NVD",
"id": "CVE-2019-10633"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-495"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An eval injection vulnerability in the Python web server routing on the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to execute arbitrary code via the tjp6jp6y4, simZysh, and ck6fup6 APIs. Zyxel NAS 326 Contains a code injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ZyxelNAS326 is a dual-disc personal cloud storage device from Zyxel. Remote authentication attackers can exploit this vulnerability to execute arbitrary code through tjp6jp6y4, simZysh, and ck6fup6API. ZyXEL NAS 326 is a NAS (Network Attached Storage) device produced by ZyXEL Corporation of Taiwan, China. This vulnerability stems from the fact that the network system or product does not correctly filter special elements in the process of constructing code segments from external input data",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10633"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003315"
},
{
"db": "CNVD",
"id": "CNVD-2019-13782"
},
{
"db": "VULHUB",
"id": "VHN-142199"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10633",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003315",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201904-495",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-13782",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-142199",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13782"
},
{
"db": "VULHUB",
"id": "VHN-142199"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003315"
},
{
"db": "NVD",
"id": "CVE-2019-10633"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-495"
}
]
},
"id": "VAR-201904-1092",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13782"
},
{
"db": "VULHUB",
"id": "VHN-142199"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13782"
}
]
},
"last_update_date": "2023-12-18T13:23:45.784000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NAS326",
"trust": 0.8,
"url": "https://www.zyxel.com/products_services/2-bay-personal-cloud-storage-nas326/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003315"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142199"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003315"
},
{
"db": "NVD",
"id": "CVE-2019-10633"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://maxwelldulin.com/blogpost?post=3236967424"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10633"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10633"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13782"
},
{
"db": "VULHUB",
"id": "VHN-142199"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003315"
},
{
"db": "NVD",
"id": "CVE-2019-10633"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-495"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-13782"
},
{
"db": "VULHUB",
"id": "VHN-142199"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003315"
},
{
"db": "NVD",
"id": "CVE-2019-10633"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-495"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-13782"
},
{
"date": "2019-04-09T00:00:00",
"db": "VULHUB",
"id": "VHN-142199"
},
{
"date": "2019-05-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003315"
},
{
"date": "2019-04-09T05:29:00.387000",
"db": "NVD",
"id": "CVE-2019-10633"
},
{
"date": "2019-04-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-495"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-13782"
},
{
"date": "2019-04-10T00:00:00",
"db": "VULHUB",
"id": "VHN-142199"
},
{
"date": "2019-05-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003315"
},
{
"date": "2019-04-10T15:25:35.340000",
"db": "NVD",
"id": "CVE-2019-10633"
},
{
"date": "2019-04-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-495"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-495"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zyxel NAS 326 Code injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003315"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-495"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-495"
}
],
"trust": 0.6
}
}
var-201904-1093
Vulnerability from variot
An XSS vulnerability in the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to inject arbitrary JavaScript or HTML via the user, group, and file-share description fields. Zyxel NAS 326 Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. ZyxelNAS326 is a dual-disc personal cloud storage device from Zyxel. A cross-site scripting vulnerability exists in ZyxelNAS3265.21 and earlier. ZyXEL NAS 326 is a NAS (Network Attached Storage) device produced by ZyXEL Corporation of Taiwan, China. There is a cross-site scripting vulnerability in ZyXEL NAS 326 5.21 and earlier versions, which is caused by the lack of correct verification of client data in WEB applications. An attacker could exploit this vulnerability to execute client code
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201904-1093",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nas326",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.21"
},
{
"model": "nas 326",
"scope": "lte",
"trust": 0.8,
"vendor": "zyxel",
"version": "5.21"
},
{
"model": "nas",
"scope": "eq",
"trust": 0.6,
"vendor": "zyxel",
"version": "326\u003c=5.21"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13783"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003249"
},
{
"db": "NVD",
"id": "CVE-2019-10634"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nas326_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.21",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nas326:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10634"
}
]
},
"cve": "CVE-2019-10634",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.5,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-10634",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CNVD-2019-13783",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "VHN-142200",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.4,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2019-10634",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-10634",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2019-13783",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201904-494",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-142200",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13783"
},
{
"db": "VULHUB",
"id": "VHN-142200"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003249"
},
{
"db": "NVD",
"id": "CVE-2019-10634"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-494"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An XSS vulnerability in the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to inject arbitrary JavaScript or HTML via the user, group, and file-share description fields. Zyxel NAS 326 Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. ZyxelNAS326 is a dual-disc personal cloud storage device from Zyxel. A cross-site scripting vulnerability exists in ZyxelNAS3265.21 and earlier. ZyXEL NAS 326 is a NAS (Network Attached Storage) device produced by ZyXEL Corporation of Taiwan, China. There is a cross-site scripting vulnerability in ZyXEL NAS 326 5.21 and earlier versions, which is caused by the lack of correct verification of client data in WEB applications. An attacker could exploit this vulnerability to execute client code",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10634"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003249"
},
{
"db": "CNVD",
"id": "CNVD-2019-13783"
},
{
"db": "VULHUB",
"id": "VHN-142200"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10634",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003249",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201904-494",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-13783",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-142200",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13783"
},
{
"db": "VULHUB",
"id": "VHN-142200"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003249"
},
{
"db": "NVD",
"id": "CVE-2019-10634"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-494"
}
]
},
"id": "VAR-201904-1093",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13783"
},
{
"db": "VULHUB",
"id": "VHN-142200"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13783"
}
]
},
"last_update_date": "2023-12-18T13:33:31.628000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NAS326",
"trust": 0.8,
"url": "https://www.zyxel.com/products_services/2-bay-personal-cloud-storage-nas326/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003249"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142200"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003249"
},
{
"db": "NVD",
"id": "CVE-2019-10634"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://maxwelldulin.com/blogpost?post=3236967424"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10634"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10634"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13783"
},
{
"db": "VULHUB",
"id": "VHN-142200"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003249"
},
{
"db": "NVD",
"id": "CVE-2019-10634"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-494"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-13783"
},
{
"db": "VULHUB",
"id": "VHN-142200"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003249"
},
{
"db": "NVD",
"id": "CVE-2019-10634"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-494"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-13783"
},
{
"date": "2019-04-09T00:00:00",
"db": "VULHUB",
"id": "VHN-142200"
},
{
"date": "2019-05-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003249"
},
{
"date": "2019-04-09T05:29:00.400000",
"db": "NVD",
"id": "CVE-2019-10634"
},
{
"date": "2019-04-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-494"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-13783"
},
{
"date": "2019-04-09T00:00:00",
"db": "VULHUB",
"id": "VHN-142200"
},
{
"date": "2019-05-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003249"
},
{
"date": "2019-04-09T18:19:56.933000",
"db": "NVD",
"id": "CVE-2019-10634"
},
{
"date": "2019-04-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-494"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-494"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zyxel NAS 326 Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13783"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-494"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-494"
}
],
"trust": 0.6
}
}
var-202003-1707
Vulnerability from variot
Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the privileges of the web server that runs on the ZyXEL device. Although the web server does not run as the root user, ZyXEL devices include a setuid utility that can be leveraged to run any command with root privileges. As such, it should be assumed that exploitation of this vulnerability can lead to remote code execution with root privileges. By sending a specially-crafted HTTP POST or GET request to a vulnerable ZyXEL device, a remote, unauthenticated attacker may be able to execute arbitrary code on the device. This may happen by directly connecting to a device if it is directly exposed to an attacker. However, there are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable devices. For example, simply visiting a website can result in the compromise of any ZyXEL device that is reachable from the client system. Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 NAS520 before firmware V5.21(AASZ.3)C0 NAS540 before firmware V5.21(AATB.4)C0 NAS542 before firmware V5.21(ABAG.4)C0 ZyXEL has made firmware updates available for NAS326, NAS520, NAS540, and NAS542 devices. Affected models that are end-of-support: NSA210, NSA220, NSA220+, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 and NSA325v2. plural ZyXEL Included in the product weblogin.cgi Is vulnerable to the execution of arbitrary commands. OS Command injection (CWE-78) - CVE-2020-9054 ZyXEL In multiple products offered by CGI Executable file weblogin.cgi Authentication is done using. About this vulnerability ZyXEL Made NAS Exploit codes for products are available on the Internet. Zyxel Technology is a provider of network broadband systems and solutions for internationally renowned brands. main
Products include DSL central office and terminal equipment, router equipment, network security equipment, wireless local area communication equipment,
It also provides full-range broadband network application integration solutions for Chinese enterprises, such as network telephones and Ethernet switches.
Multiple ZyXEL network-attached storage (NAS) devices have security holes
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202003-1707",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "atp200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg60w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "nas326",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.21\\(aazf.7\\)c0"
},
{
"model": "zywall110",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg2200",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(abae.3\\)c0"
},
{
"model": "usg210",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall310",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg40",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "nas520",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.21\\(aasz.3\\)c0"
},
{
"model": "usg1100",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(aapk.3\\)c0"
},
{
"model": "vpn100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "atp100",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(abps.3\\)c0"
},
{
"model": "usg40w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg110",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg1100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg310",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(aapj.3\\)c0"
},
{
"model": "usg20w-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "vpn50",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg20w-vpn",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(abar.3\\)c0"
},
{
"model": "atp800",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg2200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg310",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "vpn1000",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall1100",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(aaac.3\\)c0"
},
{
"model": "atp800",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(abiq.3\\)c0"
},
{
"model": "usg60",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(aaky.3\\)c0"
},
{
"model": "usg1900",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "atp200",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(abfw.3\\)c0"
},
{
"model": "usg60w",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(aakz.3\\)c0"
},
{
"model": "usg20-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "nas542",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.21\\(abag.4\\)c0"
},
{
"model": "atp500",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "vpn300",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(abfc.3\\)c0"
},
{
"model": "nas540",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.21\\(aatb.4\\)c0"
},
{
"model": "vpn100",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(abfv.3\\)c0"
},
{
"model": "zywall110",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(aaaa.3\\)c0"
},
{
"model": "usg20-vpn",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(abaq.3\\)c0"
},
{
"model": "usg60",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "atp100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "vpn50",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(abhl.3\\)c0"
},
{
"model": "vpn1000",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(abip.3\\)c0"
},
{
"model": "zywall310",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(aaab.3\\)c0"
},
{
"model": "usg40w",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(aalb.3\\)c0"
},
{
"model": "usg1900",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(aapl.3\\)c0"
},
{
"model": "vpn300",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg40",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(aala.3\\)c0"
},
{
"model": "atp500",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(abfu.3\\)c0"
},
{
"model": "usg110",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(aaph.3\\)c0"
},
{
"model": "usg210",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(aapi.3\\)c0"
},
{
"model": "zywall1100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp100",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp200",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp500",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp800",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nas 326",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nas 520",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nas 540",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nas 542",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg20-vpn",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg20w-vpn",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nas326 \u003cv5.21 c0",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nas520 \u003cv5.21 c0",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nas540 \u003cv5.21 c0",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nas542 \u003cv5.21 c0",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nsa210",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nsa220",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nsa220+",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nsa221",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nsa310",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nsa310s",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nsa320",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nsa320s",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nsa325",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nsa325v2",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#498544"
},
{
"db": "CNVD",
"id": "CNVD-2020-15993"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001758"
},
{
"db": "NVD",
"id": "CVE-2020-9054"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nas326_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.21\\(aazf.7\\)c0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nas326:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nas520_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.21\\(aasz.3\\)c0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nas520:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nas540_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.21\\(aatb.4\\)c0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nas540:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nas542_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.21\\(abag.4\\)c0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nas542:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(abps.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(abfw.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(abfu.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(abiq.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(abaq.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(abar.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg40_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(aala.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg40w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(aalb.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg60_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(aaky.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg60w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(aakz.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg110_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(aaph.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg210_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(aapi.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg310_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(aapj.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg1100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(aapk.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg1100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg1900_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(aapl.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg1900:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg2200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(abae.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg2200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(abhl.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(abfv.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(abfc.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(abip.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall110_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(aaaa.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall310_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(aaab.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall310:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall1100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(aaac.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall1100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9054"
}
]
},
"cve": "CVE-2020-9054",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 10.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 7.1,
"exploitability": "FUNCTIONAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-9054",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "MEDIUM",
"trust": 0.8,
"userInterationRequired": null,
"vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "JPCERT/CC",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2020-001758",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-15993",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-9054",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "JPCERT/CC",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-001758",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-9054",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2020-9054",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "JPCERT/CC",
"id": "JVNDB-2020-001758",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2020-15993",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202002-1216",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2020-9054",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#498544"
},
{
"db": "CNVD",
"id": "CNVD-2020-15993"
},
{
"db": "VULMON",
"id": "CVE-2020-9054"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001758"
},
{
"db": "NVD",
"id": "CVE-2020-9054"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1216"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the privileges of the web server that runs on the ZyXEL device. Although the web server does not run as the root user, ZyXEL devices include a setuid utility that can be leveraged to run any command with root privileges. As such, it should be assumed that exploitation of this vulnerability can lead to remote code execution with root privileges. By sending a specially-crafted HTTP POST or GET request to a vulnerable ZyXEL device, a remote, unauthenticated attacker may be able to execute arbitrary code on the device. This may happen by directly connecting to a device if it is directly exposed to an attacker. However, there are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable devices. For example, simply visiting a website can result in the compromise of any ZyXEL device that is reachable from the client system. Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 NAS520 before firmware V5.21(AASZ.3)C0 NAS540 before firmware V5.21(AATB.4)C0 NAS542 before firmware V5.21(ABAG.4)C0 ZyXEL has made firmware updates available for NAS326, NAS520, NAS540, and NAS542 devices. Affected models that are end-of-support: NSA210, NSA220, NSA220+, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 and NSA325v2. plural ZyXEL Included in the product weblogin.cgi Is vulnerable to the execution of arbitrary commands. OS Command injection (CWE-78) - CVE-2020-9054 ZyXEL In multiple products offered by CGI Executable file weblogin.cgi Authentication is done using. About this vulnerability ZyXEL Made NAS Exploit codes for products are available on the Internet. Zyxel Technology is a provider of network broadband systems and solutions for internationally renowned brands. main\r\n\r\nProducts include DSL central office and terminal equipment, router equipment, network security equipment, wireless local area communication equipment,\r\n\r\nIt also provides full-range broadband network application integration solutions for Chinese enterprises, such as network telephones and Ethernet switches. \n\r\n\r\nMultiple ZyXEL network-attached storage (NAS) devices have security holes",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9054"
},
{
"db": "CERT/CC",
"id": "VU#498544"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001758"
},
{
"db": "CNVD",
"id": "CNVD-2020-15993"
},
{
"db": "VULMON",
"id": "CVE-2020-9054"
}
],
"trust": 2.97
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-9054",
"trust": 3.9
},
{
"db": "CERT/CC",
"id": "VU#498544",
"trust": 3.3
},
{
"db": "JVN",
"id": "JVNVU97748968",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001758",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-15993",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1216",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-9054",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#498544"
},
{
"db": "CNVD",
"id": "CNVD-2020-15993"
},
{
"db": "VULMON",
"id": "CVE-2020-9054"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001758"
},
{
"db": "NVD",
"id": "CVE-2020-9054"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1216"
}
]
},
"id": "VAR-202003-1707",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-15993"
}
],
"trust": 1.3025158775999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-15993"
}
]
},
"last_update_date": "2023-12-18T12:17:11.584000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Zyxel security advisory for the remote code execution vulnerability of NAS products",
"trust": 0.8,
"url": "https://www.zyxel.com/support/remote-code-execution-vulnerability-of-nas-products.shtml"
},
{
"title": "Patch for Multiple ZyXEL Network Attached Storage (NAS) Device Pre-Verification Command Injection Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/207745"
},
{
"title": "Multiple ZyXEL Product operating system command injection vulnerability fixes",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=110815"
},
{
"title": "exploit",
"trust": 0.1,
"url": "https://github.com/notionned101/exploit "
},
{
"title": "kenzer-templates",
"trust": 0.1,
"url": "https://github.com/elsfa7-110/kenzer-templates "
},
{
"title": "kenzer-templates",
"trust": 0.1,
"url": "https://github.com/arpsyndicate/kenzer-templates "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/top-microsoft-adobe-exploits-list/166241/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/new-mirai-variant-mukashi-targets-zyxel-nas-devices/153982/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/flaws-zyxels-network-management-software/153554/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2020/02/26/zyxel_security_hole/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-15993"
},
{
"db": "VULMON",
"id": "CVE-2020-9054"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001758"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1216"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9054"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://www.zyxel.com/support/remote-code-execution-vulnerability-of-nas-products.shtml"
},
{
"trust": 3.3,
"url": "https://krebsonsecurity.com/2020/02/zyxel-fixes-0day-in-network-storage-devices/"
},
{
"trust": 2.6,
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"trust": 1.7,
"url": "https://kb.cert.org/vuls/id/498544/"
},
{
"trust": 1.7,
"url": "https://kb.cert.org/artifacts/cve-2020-9054.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9054"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9054"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu97748968"
},
{
"trust": 0.8,
"url": "https://www.kb.cert.org/vuls/id/498544/"
},
{
"trust": 0.7,
"url": "https://www.kb.cert.org/vuls/id/498544"
},
{
"trust": 0.6,
"url": "https://securityaffairs.co/wordpress/98461/hacking/zyxel-critical-rce.html"
},
{
"trust": 0.1,
"url": "https://github.com/notionned101/exploit"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#498544"
},
{
"db": "CNVD",
"id": "CNVD-2020-15993"
},
{
"db": "VULMON",
"id": "CVE-2020-9054"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001758"
},
{
"db": "NVD",
"id": "CVE-2020-9054"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1216"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#498544"
},
{
"db": "CNVD",
"id": "CNVD-2020-15993"
},
{
"db": "VULMON",
"id": "CVE-2020-9054"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001758"
},
{
"db": "NVD",
"id": "CVE-2020-9054"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1216"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-24T00:00:00",
"db": "CERT/CC",
"id": "VU#498544"
},
{
"date": "2020-03-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-15993"
},
{
"date": "2020-03-04T00:00:00",
"db": "VULMON",
"id": "CVE-2020-9054"
},
{
"date": "2020-02-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-001758"
},
{
"date": "2020-03-04T20:15:10.750000",
"db": "NVD",
"id": "CVE-2020-9054"
},
{
"date": "2020-02-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-1216"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-26T00:00:00",
"db": "CERT/CC",
"id": "VU#498544"
},
{
"date": "2020-03-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-15993"
},
{
"date": "2020-03-06T00:00:00",
"db": "VULMON",
"id": "CVE-2020-9054"
},
{
"date": "2020-04-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-001758"
},
{
"date": "2020-03-06T17:58:20.727000",
"db": "NVD",
"id": "CVE-2020-9054"
},
{
"date": "2023-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-1216"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-1216"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ZyXEL pre-authentication command injection in weblogin.cgi",
"sources": [
{
"db": "CERT/CC",
"id": "VU#498544"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-1216"
}
],
"trust": 0.6
}
}
var-201904-1091
Vulnerability from variot
A directory traversal vulnerability in the file browser component on the Zyxel NAS 326 version 5.21 and below allows a lower privileged user to change the location of any other user's files. Zyxel NAS 326 Contains a path traversal vulnerability.Information may be tampered with. ZyxelNAS326 is a dual-disc personal cloud storage device from Zyxel. ZyXEL NAS 326 is a NAS (Network Attached Storage) device produced by ZyXEL Corporation of Taiwan, China. The vulnerability originates from the failure of network systems or products to properly filter resources or special elements in file paths. An attacker could exploit this vulnerability to access locations outside of restricted directories
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201904-1091",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nas326",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.21"
},
{
"model": "nas 326",
"scope": "lte",
"trust": 0.8,
"vendor": "zyxel",
"version": "5.21"
},
{
"model": "nas",
"scope": "eq",
"trust": 0.6,
"vendor": "zyxel",
"version": "326\u003c=5.21"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13781"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003301"
},
{
"db": "NVD",
"id": "CVE-2019-10632"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nas326_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.21",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nas326:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10632"
}
]
},
"cve": "CVE-2019-10632",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-10632",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CNVD-2019-13781",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-142198",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-10632",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-10632",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2019-13781",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201904-491",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-142198",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13781"
},
{
"db": "VULHUB",
"id": "VHN-142198"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003301"
},
{
"db": "NVD",
"id": "CVE-2019-10632"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-491"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A directory traversal vulnerability in the file browser component on the Zyxel NAS 326 version 5.21 and below allows a lower privileged user to change the location of any other user\u0027s files. Zyxel NAS 326 Contains a path traversal vulnerability.Information may be tampered with. ZyxelNAS326 is a dual-disc personal cloud storage device from Zyxel. ZyXEL NAS 326 is a NAS (Network Attached Storage) device produced by ZyXEL Corporation of Taiwan, China. The vulnerability originates from the failure of network systems or products to properly filter resources or special elements in file paths. An attacker could exploit this vulnerability to access locations outside of restricted directories",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10632"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003301"
},
{
"db": "CNVD",
"id": "CNVD-2019-13781"
},
{
"db": "VULHUB",
"id": "VHN-142198"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10632",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003301",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201904-491",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-13781",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-142198",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13781"
},
{
"db": "VULHUB",
"id": "VHN-142198"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003301"
},
{
"db": "NVD",
"id": "CVE-2019-10632"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-491"
}
]
},
"id": "VAR-201904-1091",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13781"
},
{
"db": "VULHUB",
"id": "VHN-142198"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13781"
}
]
},
"last_update_date": "2023-12-18T12:18:04.849000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NAS326",
"trust": 0.8,
"url": "https://www.zyxel.com/products_services/2-bay-personal-cloud-storage-nas326/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003301"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142198"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003301"
},
{
"db": "NVD",
"id": "CVE-2019-10632"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://maxwelldulin.com/blogpost?post=3236967424"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10632"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10632"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13781"
},
{
"db": "VULHUB",
"id": "VHN-142198"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003301"
},
{
"db": "NVD",
"id": "CVE-2019-10632"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-491"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-13781"
},
{
"db": "VULHUB",
"id": "VHN-142198"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003301"
},
{
"db": "NVD",
"id": "CVE-2019-10632"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-491"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-13781"
},
{
"date": "2019-04-09T00:00:00",
"db": "VULHUB",
"id": "VHN-142198"
},
{
"date": "2019-05-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003301"
},
{
"date": "2019-04-09T05:29:00.323000",
"db": "NVD",
"id": "CVE-2019-10632"
},
{
"date": "2019-04-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-491"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-13781"
},
{
"date": "2019-04-10T00:00:00",
"db": "VULHUB",
"id": "VHN-142198"
},
{
"date": "2019-05-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003301"
},
{
"date": "2019-04-10T16:44:12.457000",
"db": "NVD",
"id": "CVE-2019-10632"
},
{
"date": "2019-04-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-491"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-491"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zyxel NAS 326 Path traversal vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003301"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-491"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-491"
}
],
"trust": 0.6
}
}
var-201904-1089
Vulnerability from variot
A plaintext password vulnerability in the Zyxel NAS 326 through 5.21 allows an elevated privileged user to get the admin password of the device. Zyxel NAS 326 Contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ZyxelNAS326 is a dual-disc personal cloud storage device from Zyxel. ZyXEL NAS 326 is a NAS (Network Attached Storage) device produced by ZyXEL Corporation of Taiwan, China. There is a trust management vulnerability in ZyXEL NAS 326 5.21 and earlier versions, which originates from the lack of an effective trust management mechanism in the network system or product. Attackers can use default passwords or hard-coded passwords, hard-coded certificates, etc. to attack affected components
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201904-1089",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nas326",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.21"
},
{
"model": "nas 326",
"scope": "lte",
"trust": 0.8,
"vendor": "zyxel",
"version": "5.21"
},
{
"model": "nas",
"scope": "eq",
"trust": 0.6,
"vendor": "zyxel",
"version": "326\u003c=5.21"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13779"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003299"
},
{
"db": "NVD",
"id": "CVE-2019-10630"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nas326_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.21",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nas326:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10630"
}
]
},
"cve": "CVE-2019-10630",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-10630",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2019-13779",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-142196",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-10630",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-10630",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2019-13779",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201904-493",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-142196",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13779"
},
{
"db": "VULHUB",
"id": "VHN-142196"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003299"
},
{
"db": "NVD",
"id": "CVE-2019-10630"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-493"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A plaintext password vulnerability in the Zyxel NAS 326 through 5.21 allows an elevated privileged user to get the admin password of the device. Zyxel NAS 326 Contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ZyxelNAS326 is a dual-disc personal cloud storage device from Zyxel. ZyXEL NAS 326 is a NAS (Network Attached Storage) device produced by ZyXEL Corporation of Taiwan, China. There is a trust management vulnerability in ZyXEL NAS 326 5.21 and earlier versions, which originates from the lack of an effective trust management mechanism in the network system or product. Attackers can use default passwords or hard-coded passwords, hard-coded certificates, etc. to attack affected components",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10630"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003299"
},
{
"db": "CNVD",
"id": "CNVD-2019-13779"
},
{
"db": "VULHUB",
"id": "VHN-142196"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10630",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003299",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201904-493",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-13779",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-142196",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13779"
},
{
"db": "VULHUB",
"id": "VHN-142196"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003299"
},
{
"db": "NVD",
"id": "CVE-2019-10630"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-493"
}
]
},
"id": "VAR-201904-1089",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13779"
},
{
"db": "VULHUB",
"id": "VHN-142196"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13779"
}
]
},
"last_update_date": "2023-12-18T12:56:33.648000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NAS326",
"trust": 0.8,
"url": "https://www.zyxel.com/products_services/2-bay-personal-cloud-storage-nas326/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003299"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-522",
"trust": 1.1
},
{
"problemtype": "CWE-255",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142196"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003299"
},
{
"db": "NVD",
"id": "CVE-2019-10630"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://maxwelldulin.com/blogpost?post=3236967424"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10630"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10630"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13779"
},
{
"db": "VULHUB",
"id": "VHN-142196"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003299"
},
{
"db": "NVD",
"id": "CVE-2019-10630"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-493"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-13779"
},
{
"db": "VULHUB",
"id": "VHN-142196"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003299"
},
{
"db": "NVD",
"id": "CVE-2019-10630"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-493"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-13779"
},
{
"date": "2019-04-09T00:00:00",
"db": "VULHUB",
"id": "VHN-142196"
},
{
"date": "2019-05-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003299"
},
{
"date": "2019-04-09T05:29:00.230000",
"db": "NVD",
"id": "CVE-2019-10630"
},
{
"date": "2019-04-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-493"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-13779"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-142196"
},
{
"date": "2019-05-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003299"
},
{
"date": "2020-08-24T17:37:01.140000",
"db": "NVD",
"id": "CVE-2019-10630"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-493"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-493"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zyxel NAS 326 Vulnerabilities related to certificate and password management",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003299"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-493"
}
],
"trust": 0.6
}
}