Vulnerability-Lookup - Search a vulnerability

Vulnerabilites related to zyxel - nwa130be_firmware

Vulnerability from fkie_nvd

Published

2024-09-03 03:15

Modified

2024-09-13 19:39

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

The improper neutralization of special elements in the parameter "host" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) and earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) and earlier, and USG LITE 60AX firmware version V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.

References

▼	URL	Tags
	security@zyxel.com.tw	https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-os-command-injection-vulnerability-in-aps-and-security-router-devices-09-03-2024	Vendor Advisory

Impacted products

Vendor	Product	Version
zyxel	nwa110ax_firmware	*
zyxel	nwa110ax	-
zyxel	nwa1123-ac_pro_firmware	*
zyxel	nwa1123-ac_pro	-
zyxel	nwa1123acv3_firmware	*
zyxel	nwa1123acv3	-
zyxel	nwa130be_firmware	*
zyxel	nwa130be	-
zyxel	nwa210ax_firmware	*
zyxel	nwa210ax	-
zyxel	nwa220ax-6e_firmware	*
zyxel	nwa220ax-6e	-
zyxel	nwa50ax_firmware	*
zyxel	nwa50ax	-
zyxel	nwa50ax_pro_firmware	*
zyxel	nwa50ax_pro	-
zyxel	nwa55axe_firmware	*
zyxel	nwa55axe	-
zyxel	nwa90ax_firmware	*
zyxel	nwa90ax	-
zyxel	nwa90ax_pro_firmware	*
zyxel	nwa90ax_pro	-
zyxel	usg_lite_60ax_firmware	*
zyxel	usg_lite_60ax	-
zyxel	wac500_firmware	*
zyxel	wac500	-
zyxel	wac500h_firmware	*
zyxel	wac500h	-
zyxel	wac6103d-i_firmware	*
zyxel	wac6103d-i	-
zyxel	wac6502d-s_firmware	*
zyxel	wac6502d-s	-
zyxel	wac6503d-s_firmware	*
zyxel	wac6503d-s	-
zyxel	wac6552d-s_firmware	*
zyxel	wac6552d-s	-
zyxel	wac6553d-e_firmware	*
zyxel	wac6553d-e	-
zyxel	wax300h_firmware	*
zyxel	wax300h	-
zyxel	wax510d_firmware	*
zyxel	wax510d	-
zyxel	wax610d_firmware	*
zyxel	wax610d	-
zyxel	wax620d-6e_firmware	*
zyxel	wax620d-6e	-
zyxel	wax630s_firmware	*
zyxel	wax630s	-
zyxel	wax640s-6e_firmware	*
zyxel	wax640s-6e	-
zyxel	wax650s_firmware	*
zyxel	wax650s	-
zyxel	wax655e_firmware	*
zyxel	wax655e	-
zyxel	wbe530_firmware	*
zyxel	wbe530	-
zyxel	wbe660s_firmware	*
zyxel	wbe660s	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4516EB83-8B99-40BD-94E5-CBD5057107B8",
              "versionEndExcluding": "7.00\\(abtg.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A3F9232-F988-4428-9898-4F536123CE88",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa1123-ac_pro_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9875CD66-9249-4702-88E5-B1239FA4AD29",
              "versionEndExcluding": "6.28\\(abhd.3\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa1123-ac_pro:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "145723DB-C34B-4C2A-B3C2-7A5CFEF503CA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C88D274-D770-46F9-A802-93B1C72C3802",
              "versionEndExcluding": "6.70\\(abvt.5\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36C13E7F-2186-4587-83E9-57B05A7147B7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa130be_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D1105DC-E628-45C7-BB10-6EFB8038FC46",
              "versionEndExcluding": "7.00\\(acil.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa130be:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "782F9AB7-3464-4BFE-B502-B62CD51A8865",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4F03710-B004-4AA1-BBE3-FD6AD2ABF681",
              "versionEndExcluding": "7.00\\(abtd.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BB129F9-64D8-43C2-9366-51EBDF419F5F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFD8274A-8135-4C3F-9998-4F13170DC5BD",
              "versionEndExcluding": "7.00\\(acco.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E03F755-424D-4248-9076-ED7BECEB94C5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "439ED873-6DBF-4B67-B7B6-B285D885093C",
              "versionEndExcluding": "7.00\\(abyw.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2806A3B3-8F13-4170-B284-8809E3502044",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa50ax_pro_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "76456787-1EB9-4585-A2D3-CAD77786B3EF",
              "versionEndExcluding": "7.00\\(acge.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa50ax_pro:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F36E7DCD-08BA-4FA1-9A8E-ADE956704132",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "319234D0-CBED-43AD-B21C-E3893786FA00",
              "versionEndExcluding": "7.00\\(abzl.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7440976-5CB4-40BE-95C2-98EF4B888109",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA77A46-A9BF-46A7-BCC3-0851FD2EDB4B",
              "versionEndExcluding": "7.00\\(accv.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A903978-737E-4266-A670-BC94E32CAF96",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa90ax_pro_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C991363D-0CD5-4242-9B6D-903B6C71F3F3",
              "versionEndExcluding": "7.00\\(acgf.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa90ax_pro:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "480A495A-A4C4-4696-B500-B6333C79A28B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:usg_lite_60ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC39E0F3-D1D4-41BE-ABF1-F01A7AC1F959",
              "versionEndExcluding": "v2.00\\(acip.3\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:usg_lite_60ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC710993-3E55-4C88-A261-0A67F5069071",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E3E89C7-C3DA-4B4E-A8F1-EF854EB61C0C",
              "versionEndExcluding": "6.70\\(abvs.5\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C024551-F08F-4152-940D-1CF8BCD79613",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84A27C2E-140D-4554-8AD1-D9EBB76CF9D5",
              "versionEndExcluding": "6.70\\(abwa.5\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A1FD502-4F62-4C77-B3BC-E563B24F0067",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac6103d-i_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0867C187-0BF0-4F4E-B291-3858810724D6",
              "versionEndExcluding": "6.28\\(aaxh.3\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac6103d-i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "341DB051-7F01-4B36-BA15-EBC25FACB439",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac6502d-s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DBA0866-22E5-4CE6-886C-CE21E6A4E6B0",
              "versionEndExcluding": "6.28\\(aase.3\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac6502d-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD108388-ABE5-4142-910F-C3C8B1C13617",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac6503d-s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "45449005-459C-4062-97FB-31B7CB249E21",
              "versionEndExcluding": "6.28\\(aasf.3\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac6503d-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DFDF64A-17F5-4F05-8700-DCA36CCB6F2B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac6552d-s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C083097-E839-49ED-B4A8-8AEF5C502E47",
              "versionEndExcluding": "6.28\\(abio.3\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac6552d-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD47738A-9001-4CC1-8FED-1D1CFC56F548",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac6553d-e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04666D56-1996-461E-B8AB-C5BCA6399EE8",
              "versionEndExcluding": "6.28\\(aasg.3\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac6553d-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "55273BCE-4F2C-4ED9-9FCB-D1197555BD53",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax300h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBEEF0EC-A325-4D02-B69E-AE24A4669C57",
              "versionEndExcluding": "7.00\\(achf.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax300h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3073565-BCDF-46EA-8FB0-E9BF402A5122",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6295B167-56B0-4F68-8163-0ECCA7ED5E0C",
              "versionEndExcluding": "7.00\\(abtf.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "924067FC-8230-440A-B596-05F3A39C3456",
              "versionEndExcluding": "7.00\\(abte.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3518DA0A-2C7B-4979-A457-0826C921B0F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "24A073C2-4124-49F1-BCBF-1508A310DCA0",
              "versionEndExcluding": "7.00\\(accn.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B4EBCC9-4FF9-41FC-9FFE-DBFAB239888B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC244157-2D23-4DC2-A809-869948AC2096",
              "versionEndExcluding": "7.00\\(abzd.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC74AAF9-5206-4CEB-9023-6CD4F38AA623",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "10075392-47BE-4B55-BEEF-6D259C6AFDF5",
              "versionEndExcluding": "7.00\\(accm.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "20E4E9A0-DF92-47B7-94D6-0867E3171E47",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "794E19F4-ED5D-403C-BFA7-7D089FACC45F",
              "versionEndExcluding": "7.00\\(abrm.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D784994E-E2CE-4328-B490-D9DC195A53DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E1F72E5-0336-4565-802F-75A746DD4AA9",
              "versionEndExcluding": "7.00\\(acdo.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61158220-B5E8-4BF4-B2C2-E8ABFD3266CF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wbe530_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C302D991-2BAB-4C64-B0E0-EAEE19F79765",
              "versionEndExcluding": "7.00\\(acle.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wbe530:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3061579E-C708-42BC-86FC-B6223B941335",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "52534374-242E-457F-A794-8A1AEFECA38F",
              "versionEndExcluding": "7.00\\(acgg.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wbe660s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FC2F3A4-0598-49B0-9829-AF43C97E9E8E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The improper neutralization of special elements in the parameter \"host\" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) \n\nand earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) \n\nand earlier, and\u00a0USG LITE 60AX firmware version\u00a0V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device."
    },
    {
      "lang": "es",
      "value": "La neutralizaci\u00f3n incorrecta de elementos especiales en el par\u00e1metro \"host\" en el programa CGI de la versi\u00f3n de firmware 6.70(ABVT.4) y anteriores de Zyxel NWA1123ACv3, la versi\u00f3n de firmware 6.70(ABVS.4) y anteriores de WAC500, la versi\u00f3n de firmware 7.00(ACDO.1) y anteriores de WAX655E, la versi\u00f3n de firmware 7.00(ACLE.1) y anteriores de WBE530, y la versi\u00f3n de firmware V2.00(ACIP.2) de USG LITE 60AX podr\u00eda permitir que un atacante no autenticado ejecute comandos del sistema operativo enviando una cookie manipulada a un dispositivo vulnerable."
    }
  ],
  "id": "CVE-2024-7261",
  "lastModified": "2024-09-13T19:39:40.570",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "security@zyxel.com.tw",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-09-03T03:15:03.940",
  "references": [
    {
      "source": "security@zyxel.com.tw",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-os-command-injection-vulnerability-in-aps-and-security-router-devices-09-03-2024"
    }
  ],
  "sourceIdentifier": "security@zyxel.com.tw",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "security@zyxel.com.tw",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-01-14 02:15

Modified

2025-01-21 21:12

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

An improper privilege management vulnerability in the web management interface of the Zyxel WBE530 firmware versions through 7.00(ACLE.3) and WBE660S firmware versions through 6.70(ACGG.2) could allow an authenticated user with limited privileges to escalate their privileges to that of an administrator, enabling them to upload configuration files to a vulnerable device.

References

▼	URL	Tags
	security@zyxel.com.tw	https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-improper-privilege-management-vulnerability-in-aps-and-security-router-devices-01-14-2025	Vendor Advisory

Impacted products

Vendor	Product	Version
zyxel	nwa50ax_firmware	*
zyxel	nwa50ax	-
zyxel	nwa50ax_pro_firmware	*
zyxel	nwa50ax_pro	-
zyxel	nwa55axe_firmware	*
zyxel	nwa55axe	-
zyxel	nwa90ax_firmware	*
zyxel	nwa90ax	-
zyxel	nwa90ax_pro_firmware	*
zyxel	nwa90ax_pro	-
zyxel	nwa110ax_firmware	*
zyxel	nwa110ax	-
zyxel	nwa130be_firmware	*
zyxel	nwa130be	-
zyxel	nwa210ax_firmware	*
zyxel	nwa210ax	-
zyxel	nwa220ax-6e_firmware	*
zyxel	nwa220ax-6e	-
zyxel	nwa1123acv3_firmware	*
zyxel	nwa1123acv3	-
zyxel	wac500_firmware	*
zyxel	wac500	-
zyxel	wac500h_firmware	*
zyxel	wac500h	-
zyxel	wax300h_firmware	*
zyxel	wax300h	-
zyxel	wax510d_firmware	*
zyxel	wax510d	-
zyxel	wax610d_firmware	*
zyxel	wax610d	-
zyxel	wax620d-6e_firmware	*
zyxel	wax620d-6e	-
zyxel	wax630s_firmware	*
zyxel	wax630s	-
zyxel	wax640s-6e_firmware	*
zyxel	wax640s-6e	-
zyxel	wax650s_firmware	*
zyxel	wax650s	-
zyxel	wax655e_firmware	*
zyxel	wax655e	-
zyxel	wbe530_firmware	*
zyxel	wbe530	-
zyxel	wbe660s_firmware	*
zyxel	wbe660s	-
zyxel	usg_lite_60ax_firmware	*
zyxel	usg_lite_60ax	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CDBEB22-3832-4C51-B811-8A2BF996D09E",
              "versionEndExcluding": "7.10\\(abyw.1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2806A3B3-8F13-4170-B284-8809E3502044",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa50ax_pro_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9719A4E4-DB57-4703-AC29-FD94CF89E7E0",
              "versionEndExcluding": "7.10\\(acge.1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa50ax_pro:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F36E7DCD-08BA-4FA1-9A8E-ADE956704132",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD6F3443-E169-4CA7-B18D-2DF68A507E59",
              "versionEndExcluding": "7.10\\(abzl.1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7440976-5CB4-40BE-95C2-98EF4B888109",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7961037-D162-4BAA-948E-18BB25385117",
              "versionEndExcluding": "7.10\\(accv.1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A903978-737E-4266-A670-BC94E32CAF96",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa90ax_pro_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EBC66E4-8643-47FE-80C0-14E53318C84E",
              "versionEndExcluding": "7.10\\(acgf.1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa90ax_pro:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "480A495A-A4C4-4696-B500-B6333C79A28B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E159E289-85E2-4A82-B0DF-309096479A81",
              "versionEndExcluding": "7.10\\(abtg.1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A3F9232-F988-4428-9898-4F536123CE88",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa130be_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4360DF1-898A-4CCE-905D-05AE164195B5",
              "versionEndExcluding": "7.10\\(acil.1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa130be:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "782F9AB7-3464-4BFE-B502-B62CD51A8865",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF298D2B-3FCE-4974-9720-00266FE68D09",
              "versionEndExcluding": "7.10\\(abtd.1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BB129F9-64D8-43C2-9366-51EBDF419F5F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A290449D-A968-4E76-A3E0-58483D14CA34",
              "versionEndExcluding": "7.10\\(acco.1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E03F755-424D-4248-9076-ED7BECEB94C5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3C70D2-3ABE-45D1-BAC1-F5378CA3B758",
              "versionEndExcluding": "6.70\\(abvt.6\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36C13E7F-2186-4587-83E9-57B05A7147B7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61033C21-7255-4BBC-A22E-E87FB4C92C88",
              "versionEndExcluding": "6.70\\(abvs.6\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C024551-F08F-4152-940D-1CF8BCD79613",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACC84162-28C7-4DA9-88C4-BFAE9315C805",
              "versionEndExcluding": "6.70\\(abwa.6\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A1FD502-4F62-4C77-B3BC-E563B24F0067",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax300h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "91F75AB8-A165-4A09-B8F8-B63548E09887",
              "versionEndExcluding": "7.10\\(achf.1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax300h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3073565-BCDF-46EA-8FB0-E9BF402A5122",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A34A2784-082B-4E26-8E1F-C395A7151DE5",
              "versionEndExcluding": "7.10\\(abtf.1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE039840-2274-4E56-ABA5-EEF2932A3046",
              "versionEndExcluding": "7.10\\(abte.1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3518DA0A-2C7B-4979-A457-0826C921B0F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B410A50-3756-43BC-AAC3-3CCA65CD24EA",
              "versionEndExcluding": "7.10\\(accn.1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B4EBCC9-4FF9-41FC-9FFE-DBFAB239888B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F74AE8-4CF4-4CDE-9CA0-1FB0E31D8DEB",
              "versionEndExcluding": "7.10\\(abzd.1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC74AAF9-5206-4CEB-9023-6CD4F38AA623",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DFA7899-2BFE-4F0D-B18B-059C16A4742E",
              "versionEndExcluding": "7.10\\(accm.1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "20E4E9A0-DF92-47B7-94D6-0867E3171E47",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "93F89B44-3959-4709-B65D-F9B72646D746",
              "versionEndExcluding": "7.10\\(abrm.1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D784994E-E2CE-4328-B490-D9DC195A53DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFF2B717-0B0C-4A10-86A6-ABFB592C4A52",
              "versionEndExcluding": "7.10\\(acdo.1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61158220-B5E8-4BF4-B2C2-E8ABFD3266CF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wbe530_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAF5DBAB-37C2-4436-AA29-C48A0E88A673",
              "versionEndExcluding": "7.10\\(acle.1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wbe530:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3061579E-C708-42BC-86FC-B6223B941335",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "64D953D8-8351-44F4-ADCE-97F11DF62AE7",
              "versionEndExcluding": "7.00\\(acgg.1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wbe660s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FC2F3A4-0598-49B0-9829-AF43C97E9E8E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:usg_lite_60ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C68921A-9FD4-41AA-A6A3-5F3BCC36C345",
              "versionEndExcluding": "2.10\\(acip.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:usg_lite_60ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC710993-3E55-4C88-A261-0A67F5069071",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An improper privilege management vulnerability in the web management interface of the Zyxel WBE530 firmware versions through 7.00(ACLE.3) and\u00a0WBE660S firmware versions through 6.70(ACGG.2) could allow an authenticated user with limited privileges to escalate their privileges to that of an administrator, enabling them to upload configuration files to a vulnerable device."
    },
    {
      "lang": "es",
      "value": " Una vulnerabilidad de administraci\u00f3n de privilegios inadecuada en la interfaz de administraci\u00f3n web de las versiones de firmware Zyxel WBE530 hasta 7.00 (ACLE.3) y las versiones de firmware WBE660S hasta 6.70 (ACGG.2) podr\u00eda permitir que un usuario autenticado con privilegios limitados aumente sus privilegios a los de administrador, lo que le permitir\u00eda cargar archivos de configuraci\u00f3n a un dispositivo vulnerable."
    }
  ],
  "id": "CVE-2024-12398",
  "lastModified": "2025-01-21T21:12:02.310",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "security@zyxel.com.tw",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-01-14T02:15:07.990",
  "references": [
    {
      "source": "security@zyxel.com.tw",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-improper-privilege-management-vulnerability-in-aps-and-security-router-devices-01-14-2025"
    }
  ],
  "sourceIdentifier": "security@zyxel.com.tw",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-269"
        }
      ],
      "source": "security@zyxel.com.tw",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2024-7261

Vulnerability from cvelistv5

Published

2024-09-03 02:10

Modified

2024-09-05 15:36

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

▼	URL	Tags
	https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-os-command-injection-vulnerability-in-aps-and-security-router-devices-09-03-2024	vendor-advisory

Impacted products

Vendor

Product

Version

▼

Zyxel

NWA1123ACv3 firmware

Version: <= 6.70(ABVT.4)

Zyxel	WAC500 firmware	Version: <= 6.70(ABVS.4)
Zyxel	WAX655E firmware	Version: <= 7.00(ACDO.1)
Zyxel	WBE530 firmware	Version: <= 7.00(ACLE.1)
Zyxel	USG LITE 60AX firmware	Version: V2.00(ACIP.2)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:zyxel:usg_lite_60ax_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "usg_lite_60ax_firmware",
            "vendor": "zyxel",
            "versions": [
              {
                "lessThanOrEqual": "V2.00\\(ACIP.2\\)",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:zyxel:nwa1123acv3_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "nwa1123acv3_firmware",
            "vendor": "zyxel",
            "versions": [
              {
                "lessThanOrEqual": "6.70\\(ABVT.4\\)",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:zyxel:wac500_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wac500_firmware",
            "vendor": "zyxel",
            "versions": [
              {
                "lessThanOrEqual": "6.70\\(ABVS.4\\)",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:zyxel:wax655e_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wax655e_firmware",
            "vendor": "zyxel",
            "versions": [
              {
                "lessThanOrEqual": "7.00\\(ACDO.1\\)",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:zyxel:wbe530_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wbe530_firmware",
            "vendor": "zyxel",
            "versions": [
              {
                "lessThanOrEqual": "7.00\\(ACLE.1\\)",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7261",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-05T03:55:55.275964Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-05T15:36:14.807Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "NWA1123ACv3 firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 6.70(ABVT.4)"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "WAC500 firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 6.70(ABVS.4)"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "WAX655E firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 7.00(ACDO.1)"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "WBE530 firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 7.00(ACLE.1)"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "USG LITE 60AX firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "V2.00(ACIP.2)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The improper neutralization of special elements in the parameter \"host\" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eand earlier\u003c/span\u003e, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eand earlier\u003c/span\u003e, and\u0026nbsp;USG LITE 60AX firmware version\u0026nbsp;V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device."
            }
          ],
          "value": "The improper neutralization of special elements in the parameter \"host\" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) \n\nand earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) \n\nand earlier, and\u00a0USG LITE 60AX firmware version\u00a0V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-03T02:10:25.112Z",
        "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "shortName": "Zyxel"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-os-command-injection-vulnerability-in-aps-and-security-router-devices-09-03-2024"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
    "assignerShortName": "Zyxel",
    "cveId": "CVE-2024-7261",
    "datePublished": "2024-09-03T02:10:25.112Z",
    "dateReserved": "2024-07-30T02:42:19.589Z",
    "dateUpdated": "2024-09-05T15:36:14.807Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-12398

Vulnerability from cvelistv5

Published

2025-01-14 01:39

Modified

2025-01-14 15:26

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

▼	URL	Tags
	https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-improper-privilege-management-vulnerability-in-aps-and-security-router-devices-01-14-2025	vendor-advisory

Impacted products

Vendor

Product

Version

▼

Zyxel

WBE530 firmware

Version: <= 7.00(ACLE.3)

Zyxel

WBE660S firmware

Version: <= 6.70(ACGG.2)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-12398",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-14T15:26:11.215705Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-14T15:26:24.681Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "WBE530 firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 7.00(ACLE.3)"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "WBE660S firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 6.70(ACGG.2)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An improper privilege management vulnerability in the web management interface of the Zyxel WBE530 firmware versions through 7.00(ACLE.3) and\u0026nbsp;WBE660S firmware versions through 6.70(ACGG.2) could allow an authenticated user with limited privileges to escalate their privileges to that of an administrator, enabling them to upload configuration files to a vulnerable device."
            }
          ],
          "value": "An improper privilege management vulnerability in the web management interface of the Zyxel WBE530 firmware versions through 7.00(ACLE.3) and\u00a0WBE660S firmware versions through 6.70(ACGG.2) could allow an authenticated user with limited privileges to escalate their privileges to that of an administrator, enabling them to upload configuration files to a vulnerable device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-14T01:39:04.348Z",
        "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "shortName": "Zyxel"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-improper-privilege-management-vulnerability-in-aps-and-security-router-devices-01-14-2025"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
    "assignerShortName": "Zyxel",
    "cveId": "CVE-2024-12398",
    "datePublished": "2025-01-14T01:39:04.348Z",
    "dateReserved": "2024-12-10T03:31:12.696Z",
    "dateUpdated": "2025-01-14T15:26:24.681Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}