Vulnerabilites related to zyxel - nxc5500_firmware
Vulnerability from fkie_nvd
Published
2022-05-24 06:15
Modified
2024-11-21 06:54
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to execute arbitrary OS commands by including crafted arguments to the CLI command.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "286FA4D2-DD37-4EFD-BCC4-98791B7E4F74", versionEndIncluding: "5.21", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*", matchCriteriaId: "81D90A7B-174F-40A1-8AF4-08B15B7BAC40", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "441EB008-4265-4569-A7B0-A5CAF0CA6B70", versionEndIncluding: "5.21", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*", matchCriteriaId: "EECD311A-4E96-4576-AADF-47291EDE3559", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AFF1F98B-2B0C-46C6-AE43-EB652BA0800C", versionEndIncluding: "5.21", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*", matchCriteriaId: "3C45C303-1A95-4245-B242-3AB9B9106CD4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3B6387BE-5DED-4D27-AACC-1F42DCB90A40", versionEndIncluding: "5.21", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D636401-CD8D-4D2C-9BEA-1C6F96D2FEA6", versionEndIncluding: "5.21", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*", matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CD3684E5-F119-4BD9-A29A-C35C293BC058", versionEndIncluding: "5.21", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*", matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AFC4992F-FF30-44E8-9041-4BA082D3549B", versionEndIncluding: "5.21", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*", matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "071225C7-8311-4C89-9633-AE5DB4800B01", versionEndIncluding: "5.21", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*", matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ABF7A7FD-95D3-4343-9CE2-DFF8DBE8D125", versionEndIncluding: "5.21", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*", matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D952940F-FFEF-4480-9BD8-5E7CB1C27B2E", versionEndIncluding: "5.21", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*", matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_110_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "55B9C186-0EF6-457D-A865-93BEE28C03DB", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_110:-:*:*:*:*:*:*:*", matchCriteriaId: "C7E32879-01A2-49B1-A354-068CEB1CA3A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_1100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D64DDA0B-FB12-49DA-818A-77D61B6328EB", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_1100:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4B9AC6-7C55-42BD-A1D8-F5D5A19AC59D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_1900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F944352D-3F2E-4E67-9B0C-FCA488F49FDB", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_1900:-:*:*:*:*:*:*:*", matchCriteriaId: "92CE6F04-403B-4A52-A3A5-DD0190CF15D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_20w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "18A8D2A1-CA75-4DAE-8C78-67E2588AD037", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_20w:-:*:*:*:*:*:*:*", matchCriteriaId: "6CD5A4AB-0CC2-4CAF-AAFA-0F866174842F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FC6943C7-8559-414D-9A6A-865EEFBF223C", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E0597A0E-9416-4D2E-BAF5-BEFAAE1BB93E", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*", matchCriteriaId: "32F7F370-C585-45FE-A7F7-40BFF13928CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B139EC4B-07CA-4D2C-8FBB-5C03F67ED169", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_310:-:*:*:*:*:*:*:*", matchCriteriaId: "38B7995C-80E0-413B-9F2C-387EF3703927", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "07F551AE-EB73-4B97-AFBA-23A201FBAA02", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_40:-:*:*:*:*:*:*:*", matchCriteriaId: "D84DDB81-DE66-4427-8833-633B45A45A14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_40w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E469A8A0-D909-4713-ABA8-F2589452E193", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_40w:-:*:*:*:*:*:*:*", matchCriteriaId: "8F11F36C-60DB-4D81-A320-53EEE43758C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25670F1E-F6BA-4B2C-957F-4DCF1B112DBD", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_60:-:*:*:*:*:*:*:*", matchCriteriaId: "C65DB5E9-2FE3-4807-970E-A42FDF82B50E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_60w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "095FB855-F923-41C8-A3C7-E252FCD57EB5", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_60w:-:*:*:*:*:*:*:*", matchCriteriaId: "82864EF6-B63D-4947-A18C-AE0156CCA7FA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "19D358C5-E3CE-4362-94C2-6C8715AB9D54", versionEndIncluding: "5.21", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B18C8637-E459-482F-B977-7BA1A3D99CA7", versionEndIncluding: "5.21", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0015FD08-61BF-4022-9F84-12010EA1D5A9", versionEndIncluding: "5.21", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2E4B752C-2CAD-4A72-9660-27B57B3EB7FC", versionEndIncluding: "5.21", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "39FCAC29-3FD8-49DF-A216-3393D9724DA7", versionEndIncluding: "5.21", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "11A390EA-14B4-4A83-9215-2A8EEF10A564", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg200:-:*:*:*:*:*:*:*", matchCriteriaId: "3F7F15F3-9A55-462F-8AE3-EE71B759DE68", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8F4C6D9E-87AB-4BEB-A9CF-EA767FC25437", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg20:-:*:*:*:*:*:*:*", matchCriteriaId: "3F5C3A2C-12EA-4FAE-B088-665A90494685", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg210_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "96C73B83-E2B8-402A-BC4F-4044D16F6D2C", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*", matchCriteriaId: "EAFF1122-755A-4531-AA2E-FD6E8478F92F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg2200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5C95C785-5428-405C-A1DE-1E2202556178", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg2200:-:*:*:*:*:*:*:*", matchCriteriaId: "231547C3-33B8-42B7-983E-AA3C6CA5D107", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FB666972-E152-45A6-BF0F-2F442565A9A9", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg300:-:*:*:*:*:*:*:*", matchCriteriaId: "CC3082ED-A564-494D-8427-B61F15F6DD88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9B39851C-29CA-4C74-8A3D-BA8AFB22D889", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*", matchCriteriaId: "F302801D-3720-4598-8458-A8938BD6CB46", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nsg300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1A4A4415-2061-4BB3-B8AF-F492B4935F5F", versionEndExcluding: "1.33", versionStartIncluding: "1.00", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:-:*:*:*:*:*:*", matchCriteriaId: "D43F6C03-E7EE-43B9-81B7-2B298134A591", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch1:*:*:*:*:*:*", matchCriteriaId: "8872BA61-9164-48EC-8D7B-C41FCE76F32C", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch2:*:*:*:*:*:*", matchCriteriaId: "83FD24D6-959A-41D1-B7A3-6D06205EA8C9", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch3:*:*:*:*:*:*", matchCriteriaId: "CB5660D2-3C80-42CF-B91C-61212B1EA351", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch4:*:*:*:*:*:*", matchCriteriaId: "E83EFC74-309F-42BF-A2B5-850184B4BF20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nsg300:-:*:*:*:*:*:*:*", matchCriteriaId: "58B0886D-9AF4-453F-96DB-7ABAA5EE3B78", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nsg100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "66EEF757-9B89-4D05-93DC-0B35CB5578AA", versionEndExcluding: "1.33", versionStartIncluding: "1.00", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:-:*:*:*:*:*:*", matchCriteriaId: "70DE2243-00D1-4C94-B53B-659F48BAFF08", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch1:*:*:*:*:*:*", matchCriteriaId: "E0722C8A-DACE-4FC8-8197-678CF4F6E0C9", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch2:*:*:*:*:*:*", matchCriteriaId: "3ED9A278-5B95-4607-B832-A2AB7FB8A9A6", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch3:*:*:*:*:*:*", matchCriteriaId: "DA5E8CF5-C7D8-4827-BE19-AC4EB7E66AC1", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch4:*:*:*:*:*:*", matchCriteriaId: "415A2C9A-005A-433D-A423-F5D9CA6C8A19", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nsg100:-:*:*:*:*:*:*:*", matchCriteriaId: "D6C5054F-BCC7-4E00-8786-24F85B2A200E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nsg50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "734BB40E-9A07-4508-8C49-5A21072691B4", versionEndExcluding: "1.33", versionStartIncluding: "1.00", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:-:*:*:*:*:*:*", matchCriteriaId: "E549004C-F19F-4F2D-8522-849C008B2132", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch1:*:*:*:*:*:*", matchCriteriaId: "013AE5DA-537B-4198-A55C-17FD08F7CB9F", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch2:*:*:*:*:*:*", matchCriteriaId: "E0D0898D-A7C6-441B-A0C8-BA7B5B2E362F", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch3:*:*:*:*:*:*", matchCriteriaId: "D8E83137-D14D-4143-8D38-59787AAE36D3", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch4:*:*:*:*:*:*", matchCriteriaId: "00CB6F78-BA15-489E-BCD8-25CECB8FCBED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nsg50:-:*:*:*:*:*:*:*", matchCriteriaId: "8B084120-41C6-4F3C-9803-9C178EB4DE91", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nxc2500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "099AC2B1-7352-43EC-811A-89937FA1E2E3", versionEndIncluding: "6.10\\(aaig.3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nxc2500:-:*:*:*:*:*:*:*", matchCriteriaId: "BADED427-DEFF-4213-836B-C8EF0531C39A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nxc5500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "012B7439-FDDB-464D-8D11-AAAF54E9F59A", versionEndIncluding: "6.10\\(aaos.3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nxc5500:-:*:*:*:*:*:*:*", matchCriteriaId: "5A334B8B-8750-4519-B485-0AB0CECD212B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nap203_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "00D41E43-D7BA-4927-9966-2847E12270E6", versionEndIncluding: "6.25\\(abfa.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nap203:-:*:*:*:*:*:*:*", matchCriteriaId: "80AE2CEA-90AC-421A-86BB-F404CDE7785D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nap303_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93110B5F-CB02-4413-9588-35B47D7A5CE3", versionEndIncluding: "6.25\\(abex.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nap303:-:*:*:*:*:*:*:*", matchCriteriaId: "C4BF5D4C-DB8E-4077-BE78-C73AA203406C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nap353_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C44494F9-1ADA-4A3D-8FBA-D0D97C3DACB5", versionEndIncluding: "6.25\\(abey.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nap353:-:*:*:*:*:*:*:*", matchCriteriaId: "3BCEC13E-3D1C-4B42-87F5-94FE1066C218", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A696580F-3993-4653-B48E-AAB7D1A2B7DC", versionEndIncluding: "6.25\\(abyw.5\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*", matchCriteriaId: "2806A3B3-8F13-4170-B284-8809E3502044", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E809B8FE-DBF8-4B7F-B33E-939750D08617", versionEndIncluding: "6.25\\(abzl.5\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*", matchCriteriaId: "B7440976-5CB4-40BE-95C2-98EF4B888109", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "554C9C1E-EE3C-4BD7-95CF-9748167EA691", versionEndIncluding: "6.27\\(accv.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*", matchCriteriaId: "3A903978-737E-4266-A670-BC94E32CAF96", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DDFAECE0-C011-4488-89A8-249972CA0773", versionEndIncluding: "6.30\\(abtg.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*", matchCriteriaId: "6A3F9232-F988-4428-9898-4F536123CE88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5DD8FF80-E4B1-4521-B2D3-B2B4B4049A14", versionEndIncluding: "6.30\\(abtd.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB129F9-64D8-43C2-9366-51EBDF419F5F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123-ac-hd_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EF0819A0-7616-467F-BF17-59302EADCA0C", versionEndIncluding: "6.25\\(abin.6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123-ac-hd:-:*:*:*:*:*:*:*", matchCriteriaId: "27F719D3-0D19-4D92-9570-4B1A48AD5670", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123-ac-pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "858A8B50-515B-4CD3-B07C-3633EE605CC9", versionEndIncluding: "6.25\\(abhd.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123-ac-pro:-:*:*:*:*:*:*:*", matchCriteriaId: "9DC66B07-67FB-47F6-B54B-E40BE89F33A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FF0C532C-D263-4EDA-8127-0CE61A02353A", versionEndIncluding: "6.30\\(abvt.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*", matchCriteriaId: "36C13E7F-2186-4587-83E9-57B05A7147B7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1302-ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A9DF9C2-7BD9-456D-8D27-DD6966A0B4AA", versionEndIncluding: "6.25\\(abku.6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1302-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA514BB-B688-4EBD-9530-F5112F7503F6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa5123-ac-hd_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7A775E4A-4672-494E-A5A4-D906180092FA", versionEndIncluding: "6.25\\(abim.6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa5123-ac-hd:-:*:*:*:*:*:*:*", matchCriteriaId: "1808BC03-AE4E-4AB7-996D-89081808720B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "528A7200-2884-4849-82EC-516A6BAB9DD2", versionEndIncluding: "6.30\\(abwa.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*", matchCriteriaId: "1A1FD502-4F62-4C77-B3BC-E563B24F0067", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD646A37-5CE7-4B9D-9F9A-0443F5A35047", versionEndIncluding: "6.30\\(abvs.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*", matchCriteriaId: "7C024551-F08F-4152-940D-1CF8BCD79613", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac5302d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EC5ABF47-C899-4C1B-AFFB-11F37B2CA1B2", versionEndIncluding: "6.10\\(abfh.10\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac5302d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "E4AA4FC1-E3E4-499F-B0C1-22B738DA4DA8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac5302d-sv2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "97843B29-E50B-4451-8583-9120A30908D4", versionEndIncluding: "6.25\\(abvz.6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac5302d-sv2:-:*:*:*:*:*:*:*", matchCriteriaId: "A690501F-DC2D-4F90-ABC0-33B5F1279C36", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6103d-i_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4DDC631C-0510-4E30-B896-B218ABE618AA", versionEndIncluding: "6.25\\(aaxh.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6103d-i:-:*:*:*:*:*:*:*", matchCriteriaId: "341DB051-7F01-4B36-BA15-EBC25FACB439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6303d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0126F87D-14E9-402B-975A-FB11855D1E6C", versionEndIncluding: "6.25\\(abgl.6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6303d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "F0F08117-0BCE-4EA1-8DA7-1AC4EFF67E2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6502d-e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C5701D95-35AC-489B-8348-E3AC32D1626D", versionEndIncluding: "6.25\\(aasd.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6502d-e:-:*:*:*:*:*:*:*", matchCriteriaId: "FD8842C8-FB0A-46F0-9BB4-CAC6334D1E51", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6502d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "00AA8697-6B5D-439C-8E9A-B0B1EBDF1496", versionEndIncluding: "6.25\\(aase.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6502d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "DD108388-ABE5-4142-910F-C3C8B1C13617", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6503d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C7ADC5F9-B1CE-474A-958F-F6267507A5E1", versionEndIncluding: "6.25\\(aasf.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6503d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "4DFDF64A-17F5-4F05-8700-DCA36CCB6F2B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6553d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A467110-CF4D-45CB-8855-EBA5D5985294", versionEndIncluding: "6.25\\(aasg.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6553d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "DD45FA01-D2BF-441A-8669-1190F79D206B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6552d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "978F6DD8-A04F-4DC0-8497-4F6454FA3235", versionEndIncluding: "6.25\\(abio.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6552d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "CD47738A-9001-4CC1-8FED-1D1CFC56F548", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F272586C-292F-409C-9BDB-D9D70C0C3D2A", versionEndIncluding: "6.30\\(abtf.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*", matchCriteriaId: "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86B43BD3-CA22-4D81-9281-78A3B23FAC60", versionEndIncluding: "6.30\\(abte.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*", matchCriteriaId: "3518DA0A-2C7B-4979-A457-0826C921B0F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A26EEF52-DC36-4D5C-9E2F-25238615B2BC", versionEndIncluding: "6.30\\(abzd.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*", matchCriteriaId: "DC74AAF9-5206-4CEB-9023-6CD4F38AA623", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AAF35E44-DC87-49EC-868A-C721CC4FFD3B", versionEndIncluding: "6.30\\(abrm.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*", matchCriteriaId: "D784994E-E2CE-4328-B490-D9DC195A53DB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to execute arbitrary OS commands by including crafted arguments to the CLI command.", }, { lang: "es", value: "Una vulnerabilidad de inyección de argumentos en el comando CLI \"packet-trace\" de Zyxel USG/ZyWALL versiones 4.09 hasta 4.71, USG FLEX series versiones 4.50 hasta 5.21, ATP series versiones 4.32 hasta 5.21, VPN series versiones 4.30 hasta 5.21, NSG series versiones 1.00 hasta 1.33 Patch 4, NXC2500 versión de firmware 6.10(AAIG.3 ) y versiones anteriores, NAP203 versión de firmware 6.25(ABFA.7) y versiones anteriores, NWA50AX versión de firmware 6.25(ABYW.5) y versiones anteriores, WAC500 versión de firmware 6.30(ABVS.2) y versiones anteriores, WAX510D versión de firmware 6.30(ABTF.2) y versiones anteriores, que podría permitir a un atacante local autenticado ejecutar comandos arbitrarios del sistema operativo mediante una inclusión de argumentos diseñados en el comando CLI", }, ], id: "CVE-2022-26532", lastModified: "2024-11-21T06:54:07.663", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "security@zyxel.com.tw", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-05-24T06:15:09.390", references: [ { source: "security@zyxel.com.tw", url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html", }, { source: "security@zyxel.com.tw", url: "http://seclists.org/fulldisclosure/2022/Jun/15", }, { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://seclists.org/fulldisclosure/2022/Jun/15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-88", }, ], source: "security@zyxel.com.tw", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-07-17 18:15
Modified
2024-11-21 08:06
Severity ?
Summary
A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2, USG FLEX series firmware versions 4.50 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 4.16 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 4.16 through 5.36 Patch 2, VPN series firmware versions 4.30 through 5.36 Patch 2, NXC2500 firmware versions 6.10(AAIG.0) through 6.10(AAIG.3), and NXC5500 firmware versions 6.10(AAOS.0) through 6.10(AAOS.4), could allow an unauthenticated, LAN-based attacker to cause denial of service (DoS) conditions by sending a crafted request to the CAPWAP daemon.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4043DC00-98EF-4E09-9A39-D9739E6E521F", versionEndExcluding: "5.37", versionStartIncluding: "4.16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50222136-295B-434C-B5D1-A96A16386EEE", versionEndExcluding: "5.37", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*", matchCriteriaId: "32F7F370-C585-45FE-A7F7-40BFF13928CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D66CA5F-C85F-4D69-8F82-BDCF6FCB905C", versionEndExcluding: "5.37", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E5E31FC3-E2EC-4909-BF8D-86775AF4D4B5", versionEndExcluding: "5.37", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D6EF9AA9-65D5-4D7B-A2BF-9150C6339282", versionEndExcluding: "5.37", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "16DE9EA8-98AB-4EAA-AA98-122F64F8D4D2", versionEndExcluding: "5.37", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*", matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B221F5CD-C0C6-4917-AC15-FF1BA3904915", versionEndExcluding: "5.37", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "338384D8-1585-4AA7-90FB-E56F641E5A14", versionEndExcluding: "5.37", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*", matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0FA43EB7-3F72-4250-BE9A-7449B8AEF90F", versionEndExcluding: "5.37", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_atp100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "23441FD0-F61A-4421-9F4D-E29565D3A83F", versionEndExcluding: "5.37", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_atp100:-:*:*:*:*:*:*:*", matchCriteriaId: "A899D2DE-8C74-4EA1-BD87-B8BF37CBFB6D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_atp100w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "91CE19A7-74FC-4ACE-9048-8CECE8B26FDA", versionEndExcluding: "5.37", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_atp100w:-:*:*:*:*:*:*:*", matchCriteriaId: "F7F65954-FF1A-46A4-A003-FF8B9666880A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_atp200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6DA7E90A-3449-4227-AFFC-8795391B5A03", versionEndExcluding: "5.37", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_atp200:-:*:*:*:*:*:*:*", matchCriteriaId: "A4F6D0AA-CDD4-4F1C-98F1-1B381023B3F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_atp500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A2B0B676-B7EA-46A0-810D-952F0DA19529", versionEndExcluding: "5.37", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_atp500:-:*:*:*:*:*:*:*", matchCriteriaId: "AA85BCA2-CEF5-44EF-BEFB-5DA2638F5F37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_atp700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5B8C4466-2347-44B8-B203-464F8A019B74", versionEndExcluding: "5.37", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_atp700:-:*:*:*:*:*:*:*", matchCriteriaId: "D50CC94B-4EAA-44A7-AEF1-415491572FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_atp800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "900FD6A2-3B4A-45FF-8C19-1CD23F79C631", versionEndExcluding: "5.37", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_atp800:-:*:*:*:*:*:*:*", matchCriteriaId: "3EC7EB91-65C4-45EA-9CB4-3B3961724DCB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_vpn100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "90DDFD00-8BF4-457C-946C-0BA94C505082", versionEndExcluding: "5.37", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_vpn100:-:*:*:*:*:*:*:*", matchCriteriaId: "6762B13C-6FD5-49D7-B2D6-4986BAC3D425", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_vpn2s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "83846539-9C22-4697-AC89-3910B8526B55", versionEndExcluding: "5.37", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_vpn2s:-:*:*:*:*:*:*:*", matchCriteriaId: "3D3F001A-8790-463F-804B-CA5CAC610867", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_vpn300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6F8AAB27-285D-407C-9177-BA1FB6B1D689", versionEndExcluding: "5.37", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_vpn300:-:*:*:*:*:*:*:*", matchCriteriaId: "E7C35A94-304B-46FB-BAA0-4E0C4F34BEDD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_vpn50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ECE9337E-37DC-416B-B311-C79B0315AE87", versionEndExcluding: "5.37", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_vpn50:-:*:*:*:*:*:*:*", matchCriteriaId: "D902D9D2-5215-4A70-9D16-F1C3BA10EE18", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_vpn_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "77E31983-F7D5-4577-BFB1-64CD17D3DDAF", versionEndExcluding: "5.37", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_vpn_100:-:*:*:*:*:*:*:*", matchCriteriaId: "B1B81DDA-DDD5-4D9B-B631-815186E3839F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_vpn_300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DFADD089-824D-43AA-8AE0-C571C7DE29B1", versionEndExcluding: "5.37", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_vpn_300:-:*:*:*:*:*:*:*", matchCriteriaId: "212C5E8E-774A-446E-B7C7-80C349160BC2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_vpn_50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48F7450B-74ED-423D-B5C9-CD08DE85C72D", versionEndExcluding: "5.37", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_vpn_50:-:*:*:*:*:*:*:*", matchCriteriaId: "FD872CA4-385D-49A9-B1DF-7C4467BD49AA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nxc2500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "075CD289-4377-4E6F-AE41-671DFBB2DEB4", versionEndIncluding: "6.10\\(aaig.3\\)", versionStartIncluding: "6.10\\(aaig.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nxc2500:-:*:*:*:*:*:*:*", matchCriteriaId: "BADED427-DEFF-4213-836B-C8EF0531C39A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nxc5500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5296D40F-B269-43D6-9D3B-D9FC18921FBA", versionEndIncluding: "6.10\\(aaos.4\\)", versionStartIncluding: "6.10\\(aaos.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nxc5500:-:*:*:*:*:*:*:*", matchCriteriaId: "5A334B8B-8750-4519-B485-0AB0CECD212B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2, USG FLEX series firmware versions 4.50 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 4.16 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 4.16 through 5.36 Patch 2, VPN series firmware versions 4.30 through 5.36 Patch 2, NXC2500 firmware versions 6.10(AAIG.0) through 6.10(AAIG.3), and NXC5500 firmware versions 6.10(AAOS.0) through 6.10(AAOS.4), could allow an unauthenticated, LAN-based attacker to cause denial of service (DoS) conditions by sending a crafted request to the CAPWAP daemon.", }, ], id: "CVE-2023-34140", lastModified: "2024-11-21T08:06:38.010", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "security@zyxel.com.tw", type: "Primary", }, ], }, published: "2023-07-17T18:15:09.667", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-wlan-controllers", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-wlan-controllers", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "security@zyxel.com.tw", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-05-24 06:15
Modified
2024-11-21 06:54
Severity ?
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "286FA4D2-DD37-4EFD-BCC4-98791B7E4F74", versionEndIncluding: "5.21", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*", matchCriteriaId: "81D90A7B-174F-40A1-8AF4-08B15B7BAC40", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "441EB008-4265-4569-A7B0-A5CAF0CA6B70", versionEndIncluding: "5.21", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*", matchCriteriaId: "EECD311A-4E96-4576-AADF-47291EDE3559", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AFF1F98B-2B0C-46C6-AE43-EB652BA0800C", versionEndIncluding: "5.21", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*", matchCriteriaId: "3C45C303-1A95-4245-B242-3AB9B9106CD4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3B6387BE-5DED-4D27-AACC-1F42DCB90A40", versionEndIncluding: "5.21", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D636401-CD8D-4D2C-9BEA-1C6F96D2FEA6", versionEndIncluding: "5.21", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*", matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CD3684E5-F119-4BD9-A29A-C35C293BC058", versionEndIncluding: "5.21", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*", matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AFC4992F-FF30-44E8-9041-4BA082D3549B", versionEndIncluding: "5.21", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*", matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "071225C7-8311-4C89-9633-AE5DB4800B01", versionEndIncluding: "5.21", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*", matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ABF7A7FD-95D3-4343-9CE2-DFF8DBE8D125", versionEndIncluding: "5.21", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*", matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D952940F-FFEF-4480-9BD8-5E7CB1C27B2E", versionEndIncluding: "5.21", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*", matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_110_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "55B9C186-0EF6-457D-A865-93BEE28C03DB", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_110:-:*:*:*:*:*:*:*", matchCriteriaId: "C7E32879-01A2-49B1-A354-068CEB1CA3A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_1100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D64DDA0B-FB12-49DA-818A-77D61B6328EB", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_1100:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4B9AC6-7C55-42BD-A1D8-F5D5A19AC59D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_1900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F944352D-3F2E-4E67-9B0C-FCA488F49FDB", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_1900:-:*:*:*:*:*:*:*", matchCriteriaId: "92CE6F04-403B-4A52-A3A5-DD0190CF15D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_20w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "18A8D2A1-CA75-4DAE-8C78-67E2588AD037", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_20w:-:*:*:*:*:*:*:*", matchCriteriaId: "6CD5A4AB-0CC2-4CAF-AAFA-0F866174842F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FC6943C7-8559-414D-9A6A-865EEFBF223C", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E0597A0E-9416-4D2E-BAF5-BEFAAE1BB93E", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*", matchCriteriaId: "32F7F370-C585-45FE-A7F7-40BFF13928CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B139EC4B-07CA-4D2C-8FBB-5C03F67ED169", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_310:-:*:*:*:*:*:*:*", matchCriteriaId: "38B7995C-80E0-413B-9F2C-387EF3703927", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "07F551AE-EB73-4B97-AFBA-23A201FBAA02", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_40:-:*:*:*:*:*:*:*", matchCriteriaId: "D84DDB81-DE66-4427-8833-633B45A45A14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_40w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E469A8A0-D909-4713-ABA8-F2589452E193", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_40w:-:*:*:*:*:*:*:*", matchCriteriaId: "8F11F36C-60DB-4D81-A320-53EEE43758C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25670F1E-F6BA-4B2C-957F-4DCF1B112DBD", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_60:-:*:*:*:*:*:*:*", matchCriteriaId: "C65DB5E9-2FE3-4807-970E-A42FDF82B50E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_60w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "095FB855-F923-41C8-A3C7-E252FCD57EB5", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_60w:-:*:*:*:*:*:*:*", matchCriteriaId: "82864EF6-B63D-4947-A18C-AE0156CCA7FA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "19D358C5-E3CE-4362-94C2-6C8715AB9D54", versionEndIncluding: "5.21", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B18C8637-E459-482F-B977-7BA1A3D99CA7", versionEndIncluding: "5.21", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0015FD08-61BF-4022-9F84-12010EA1D5A9", versionEndIncluding: "5.21", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2E4B752C-2CAD-4A72-9660-27B57B3EB7FC", versionEndIncluding: "5.21", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "39FCAC29-3FD8-49DF-A216-3393D9724DA7", versionEndIncluding: "5.21", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "11A390EA-14B4-4A83-9215-2A8EEF10A564", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg200:-:*:*:*:*:*:*:*", matchCriteriaId: "3F7F15F3-9A55-462F-8AE3-EE71B759DE68", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8F4C6D9E-87AB-4BEB-A9CF-EA767FC25437", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg20:-:*:*:*:*:*:*:*", matchCriteriaId: "3F5C3A2C-12EA-4FAE-B088-665A90494685", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg210_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "96C73B83-E2B8-402A-BC4F-4044D16F6D2C", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*", matchCriteriaId: "EAFF1122-755A-4531-AA2E-FD6E8478F92F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg2200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5C95C785-5428-405C-A1DE-1E2202556178", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg2200:-:*:*:*:*:*:*:*", matchCriteriaId: "231547C3-33B8-42B7-983E-AA3C6CA5D107", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FB666972-E152-45A6-BF0F-2F442565A9A9", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg300:-:*:*:*:*:*:*:*", matchCriteriaId: "CC3082ED-A564-494D-8427-B61F15F6DD88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9B39851C-29CA-4C74-8A3D-BA8AFB22D889", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*", matchCriteriaId: "F302801D-3720-4598-8458-A8938BD6CB46", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nsg300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1A4A4415-2061-4BB3-B8AF-F492B4935F5F", versionEndExcluding: "1.33", versionStartIncluding: "1.00", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:-:*:*:*:*:*:*", matchCriteriaId: "D43F6C03-E7EE-43B9-81B7-2B298134A591", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch1:*:*:*:*:*:*", matchCriteriaId: "8872BA61-9164-48EC-8D7B-C41FCE76F32C", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch2:*:*:*:*:*:*", matchCriteriaId: "83FD24D6-959A-41D1-B7A3-6D06205EA8C9", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch3:*:*:*:*:*:*", matchCriteriaId: "CB5660D2-3C80-42CF-B91C-61212B1EA351", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch4:*:*:*:*:*:*", matchCriteriaId: "E83EFC74-309F-42BF-A2B5-850184B4BF20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nsg300:-:*:*:*:*:*:*:*", matchCriteriaId: "58B0886D-9AF4-453F-96DB-7ABAA5EE3B78", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nsg100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "66EEF757-9B89-4D05-93DC-0B35CB5578AA", versionEndExcluding: "1.33", versionStartIncluding: "1.00", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:-:*:*:*:*:*:*", matchCriteriaId: "70DE2243-00D1-4C94-B53B-659F48BAFF08", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch1:*:*:*:*:*:*", matchCriteriaId: "E0722C8A-DACE-4FC8-8197-678CF4F6E0C9", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch2:*:*:*:*:*:*", matchCriteriaId: "3ED9A278-5B95-4607-B832-A2AB7FB8A9A6", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch3:*:*:*:*:*:*", matchCriteriaId: "DA5E8CF5-C7D8-4827-BE19-AC4EB7E66AC1", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch4:*:*:*:*:*:*", matchCriteriaId: "415A2C9A-005A-433D-A423-F5D9CA6C8A19", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nsg100:-:*:*:*:*:*:*:*", matchCriteriaId: "D6C5054F-BCC7-4E00-8786-24F85B2A200E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nsg50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "734BB40E-9A07-4508-8C49-5A21072691B4", versionEndExcluding: "1.33", versionStartIncluding: "1.00", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:-:*:*:*:*:*:*", matchCriteriaId: "E549004C-F19F-4F2D-8522-849C008B2132", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch1:*:*:*:*:*:*", matchCriteriaId: "013AE5DA-537B-4198-A55C-17FD08F7CB9F", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch2:*:*:*:*:*:*", matchCriteriaId: "E0D0898D-A7C6-441B-A0C8-BA7B5B2E362F", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch3:*:*:*:*:*:*", matchCriteriaId: "D8E83137-D14D-4143-8D38-59787AAE36D3", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch4:*:*:*:*:*:*", matchCriteriaId: "00CB6F78-BA15-489E-BCD8-25CECB8FCBED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nsg50:-:*:*:*:*:*:*:*", matchCriteriaId: "8B084120-41C6-4F3C-9803-9C178EB4DE91", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nxc2500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "099AC2B1-7352-43EC-811A-89937FA1E2E3", versionEndIncluding: "6.10\\(aaig.3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nxc2500:-:*:*:*:*:*:*:*", matchCriteriaId: "BADED427-DEFF-4213-836B-C8EF0531C39A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nxc5500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "012B7439-FDDB-464D-8D11-AAAF54E9F59A", versionEndIncluding: "6.10\\(aaos.3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nxc5500:-:*:*:*:*:*:*:*", matchCriteriaId: "5A334B8B-8750-4519-B485-0AB0CECD212B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nap203_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "00D41E43-D7BA-4927-9966-2847E12270E6", versionEndIncluding: "6.25\\(abfa.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nap203:-:*:*:*:*:*:*:*", matchCriteriaId: "80AE2CEA-90AC-421A-86BB-F404CDE7785D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nap303_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93110B5F-CB02-4413-9588-35B47D7A5CE3", versionEndIncluding: "6.25\\(abex.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nap303:-:*:*:*:*:*:*:*", matchCriteriaId: "C4BF5D4C-DB8E-4077-BE78-C73AA203406C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nap353_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C44494F9-1ADA-4A3D-8FBA-D0D97C3DACB5", versionEndIncluding: "6.25\\(abey.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nap353:-:*:*:*:*:*:*:*", matchCriteriaId: "3BCEC13E-3D1C-4B42-87F5-94FE1066C218", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A696580F-3993-4653-B48E-AAB7D1A2B7DC", versionEndIncluding: "6.25\\(abyw.5\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*", matchCriteriaId: "2806A3B3-8F13-4170-B284-8809E3502044", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E809B8FE-DBF8-4B7F-B33E-939750D08617", versionEndIncluding: "6.25\\(abzl.5\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*", matchCriteriaId: "B7440976-5CB4-40BE-95C2-98EF4B888109", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "554C9C1E-EE3C-4BD7-95CF-9748167EA691", versionEndIncluding: "6.27\\(accv.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*", matchCriteriaId: "3A903978-737E-4266-A670-BC94E32CAF96", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DDFAECE0-C011-4488-89A8-249972CA0773", versionEndIncluding: "6.30\\(abtg.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*", matchCriteriaId: "6A3F9232-F988-4428-9898-4F536123CE88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5DD8FF80-E4B1-4521-B2D3-B2B4B4049A14", versionEndIncluding: "6.30\\(abtd.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB129F9-64D8-43C2-9366-51EBDF419F5F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123-ac-hd_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EF0819A0-7616-467F-BF17-59302EADCA0C", versionEndIncluding: "6.25\\(abin.6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123-ac-hd:-:*:*:*:*:*:*:*", matchCriteriaId: "27F719D3-0D19-4D92-9570-4B1A48AD5670", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123-ac-pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "858A8B50-515B-4CD3-B07C-3633EE605CC9", versionEndIncluding: "6.25\\(abhd.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123-ac-pro:-:*:*:*:*:*:*:*", matchCriteriaId: "9DC66B07-67FB-47F6-B54B-E40BE89F33A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FF0C532C-D263-4EDA-8127-0CE61A02353A", versionEndIncluding: "6.30\\(abvt.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*", matchCriteriaId: "36C13E7F-2186-4587-83E9-57B05A7147B7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1302-ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A9DF9C2-7BD9-456D-8D27-DD6966A0B4AA", versionEndIncluding: "6.25\\(abku.6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1302-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA514BB-B688-4EBD-9530-F5112F7503F6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa5123-ac-hd_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7A775E4A-4672-494E-A5A4-D906180092FA", versionEndIncluding: "6.25\\(abim.6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa5123-ac-hd:-:*:*:*:*:*:*:*", matchCriteriaId: "1808BC03-AE4E-4AB7-996D-89081808720B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "528A7200-2884-4849-82EC-516A6BAB9DD2", versionEndIncluding: "6.30\\(abwa.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*", matchCriteriaId: "1A1FD502-4F62-4C77-B3BC-E563B24F0067", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD646A37-5CE7-4B9D-9F9A-0443F5A35047", versionEndIncluding: "6.30\\(abvs.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*", matchCriteriaId: "7C024551-F08F-4152-940D-1CF8BCD79613", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac5302d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EC5ABF47-C899-4C1B-AFFB-11F37B2CA1B2", versionEndIncluding: "6.10\\(abfh.10\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac5302d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "E4AA4FC1-E3E4-499F-B0C1-22B738DA4DA8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac5302d-sv2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "97843B29-E50B-4451-8583-9120A30908D4", versionEndIncluding: "6.25\\(abvz.6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac5302d-sv2:-:*:*:*:*:*:*:*", matchCriteriaId: "A690501F-DC2D-4F90-ABC0-33B5F1279C36", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6103d-i_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4DDC631C-0510-4E30-B896-B218ABE618AA", versionEndIncluding: "6.25\\(aaxh.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6103d-i:-:*:*:*:*:*:*:*", matchCriteriaId: "341DB051-7F01-4B36-BA15-EBC25FACB439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6303d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0126F87D-14E9-402B-975A-FB11855D1E6C", versionEndIncluding: "6.25\\(abgl.6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6303d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "F0F08117-0BCE-4EA1-8DA7-1AC4EFF67E2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6502d-e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C5701D95-35AC-489B-8348-E3AC32D1626D", versionEndIncluding: "6.25\\(aasd.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6502d-e:-:*:*:*:*:*:*:*", matchCriteriaId: "FD8842C8-FB0A-46F0-9BB4-CAC6334D1E51", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6502d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "00AA8697-6B5D-439C-8E9A-B0B1EBDF1496", versionEndIncluding: "6.25\\(aase.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6502d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "DD108388-ABE5-4142-910F-C3C8B1C13617", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6503d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C7ADC5F9-B1CE-474A-958F-F6267507A5E1", versionEndIncluding: "6.25\\(aasf.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6503d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "4DFDF64A-17F5-4F05-8700-DCA36CCB6F2B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6553d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A467110-CF4D-45CB-8855-EBA5D5985294", versionEndIncluding: "6.25\\(aasg.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6553d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "DD45FA01-D2BF-441A-8669-1190F79D206B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6552d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "978F6DD8-A04F-4DC0-8497-4F6454FA3235", versionEndIncluding: "6.25\\(abio.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6552d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "CD47738A-9001-4CC1-8FED-1D1CFC56F548", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F272586C-292F-409C-9BDB-D9D70C0C3D2A", versionEndIncluding: "6.30\\(abtf.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*", matchCriteriaId: "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86B43BD3-CA22-4D81-9281-78A3B23FAC60", versionEndIncluding: "6.30\\(abte.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*", matchCriteriaId: "3518DA0A-2C7B-4979-A457-0826C921B0F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A26EEF52-DC36-4D5C-9E2F-25238615B2BC", versionEndIncluding: "6.30\\(abzd.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*", matchCriteriaId: "DC74AAF9-5206-4CEB-9023-6CD4F38AA623", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AAF35E44-DC87-49EC-868A-C721CC4FFD3B", versionEndIncluding: "6.30\\(abrm.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*", matchCriteriaId: "D784994E-E2CE-4328-B490-D9DC195A53DB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload.", }, { lang: "es", value: "Se han identificado varios fallos de comprobación de entrada inadecuados en algunos comandos CLI de las Zyxel USG/ZyWALL versiones de firmware 4.09 hasta 4.71, USG FLEX series versiones de firmware 4.50 hasta 5.21, ATP series versiones de firmware 4.32 hasta 5.21, VPN series versiones de firmware 4.30 a 5.21, NSG series versiones de firmware1.00 hasta 1.33 Patch 4, NXC2500 versión de firmware 6.10(AAIG.3 ) y versiones anteriores, el firmware NAP203 versión 6.25(ABFA.7) y versiones anteriores, NWA50AX versión de firmware 6.25(ABYW.5) y versiones anteriores, WAC500 versión de firmware 6.30(ABVS.2) y versiones anteriores, WAX510D versión de firmware 6.30(ABTF.2) y versiones anteriores, que podría permitir a un atacante local autenticado causar un desbordamiento del búfer o un bloqueo del sistema por medio de una carga útil diseñada", }, ], id: "CVE-2022-26531", lastModified: "2024-11-21T06:54:07.470", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 4.2, source: "security@zyxel.com.tw", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-05-24T06:15:09.297", references: [ { source: "security@zyxel.com.tw", url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html", }, { source: "security@zyxel.com.tw", url: "http://packetstormsecurity.com/files/177036/Zyxel-zysh-Format-String-Proof-Of-Concept.html", }, { source: "security@zyxel.com.tw", url: "http://seclists.org/fulldisclosure/2022/Jun/15", }, { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.com/files/177036/Zyxel-zysh-Format-String-Proof-Of-Concept.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://seclists.org/fulldisclosure/2022/Jun/15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "security@zyxel.com.tw", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-07-17 18:15
Modified
2024-11-21 08:06
Severity ?
Summary
A command injection vulnerability in the access point (AP) management feature of the Zyxel ATP series firmware versions 5.00 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5.00 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 5.00 through 5.36 Patch 2, VPN series firmware versions 5.00 through 5.36 Patch 2, NXC2500 firmware versions 6.10(AAIG.0) through 6.10(AAIG.3), and NXC5500 firmware versions 6.10(AAOS.0) through 6.10(AAOS.4), could allow an unauthenticated, LAN-based attacker to execute some OS commands on an affected device if the attacker could trick an authorized administrator to add their IP address to the managed AP list in advance.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72763DA5-0150-49FB-A91C-688141B40510", versionEndExcluding: "5.37", versionStartIncluding: "5.00", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "369543A8-1D92-42AF-896D-30A38E02D8E5", versionEndExcluding: "5.37", versionStartIncluding: "5.00", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*", matchCriteriaId: "32F7F370-C585-45FE-A7F7-40BFF13928CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3844EDBE-1FDA-48E0-9535-D81657E1820A", versionEndExcluding: "5.37", versionStartIncluding: "5.00", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "61B89E2F-9A44-4A02-9279-158CDAA787D5", versionEndExcluding: "5.37", versionStartIncluding: "5.00", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6081F154-4A1E-4630-99BB-846B68F5B818", versionEndExcluding: "5.37", versionStartIncluding: "5.00", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "428D392F-2427-4510-9185-AD9C1FC839A1", versionEndExcluding: "5.37", versionStartIncluding: "5.00", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*", matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "614F4C95-8835-4A0A-B965-51FBD0289DE5", versionEndExcluding: "5.37", versionStartIncluding: "5.00", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DD16BDCE-428C-40B2-BE9E-593ED4C59819", versionEndExcluding: "5.37", versionStartIncluding: "5.00", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*", matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F253FB99-B7E9-4809-9E3A-F9964B6B3BD8", versionEndExcluding: "5.37", versionStartIncluding: "5.00", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_atp100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7934D2B0-6F47-4621-B837-93F103C09BEF", versionEndExcluding: "5.37", versionStartIncluding: "5.00", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_atp100:-:*:*:*:*:*:*:*", matchCriteriaId: "A899D2DE-8C74-4EA1-BD87-B8BF37CBFB6D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_atp100w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6A6F6563-A53C-4910-AE9C-281C711264C8", versionEndExcluding: "5.37", versionStartIncluding: "5.00", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_atp100w:-:*:*:*:*:*:*:*", matchCriteriaId: "F7F65954-FF1A-46A4-A003-FF8B9666880A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_atp200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "73256990-7CFC-42A3-9F60-7D6696C9CF83", versionEndExcluding: "5.37", versionStartIncluding: "5.00", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_atp200:-:*:*:*:*:*:*:*", matchCriteriaId: "A4F6D0AA-CDD4-4F1C-98F1-1B381023B3F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_atp500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3CA4209-A74D-4BEA-BDB0-759F22766466", versionEndExcluding: "5.37", versionStartIncluding: "5.00", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_atp500:-:*:*:*:*:*:*:*", matchCriteriaId: "AA85BCA2-CEF5-44EF-BEFB-5DA2638F5F37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_atp700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6BF969BF-9E27-476A-B9B8-6AD726F7F66B", versionEndExcluding: "5.37", versionStartIncluding: "5.00", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_atp700:-:*:*:*:*:*:*:*", matchCriteriaId: "D50CC94B-4EAA-44A7-AEF1-415491572FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_atp800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3BE49691-6313-4A82-BA93-5C7FE49E4E6E", versionEndExcluding: "5.37", versionStartIncluding: "5.00", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_atp800:-:*:*:*:*:*:*:*", matchCriteriaId: "3EC7EB91-65C4-45EA-9CB4-3B3961724DCB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_vpn100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6362D1C8-DD85-45E6-B6F0-BB9882FA0F19", versionEndExcluding: "5.37", versionStartIncluding: "5.00", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_vpn100:-:*:*:*:*:*:*:*", matchCriteriaId: "6762B13C-6FD5-49D7-B2D6-4986BAC3D425", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_vpn2s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DCC7F9D7-2688-4848-9B3F-60C35E66423E", versionEndExcluding: "5.37", versionStartIncluding: "5.00", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_vpn2s:-:*:*:*:*:*:*:*", matchCriteriaId: "3D3F001A-8790-463F-804B-CA5CAC610867", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_vpn300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E19C1F04-1F67-4502-B6E2-B7DA771E1ACA", versionEndExcluding: "5.37", versionStartIncluding: "5.00", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_vpn300:-:*:*:*:*:*:*:*", matchCriteriaId: "E7C35A94-304B-46FB-BAA0-4E0C4F34BEDD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_vpn50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "54D49F68-BCE2-432F-AC2B-1975F7BDBCE7", versionEndExcluding: "5.37", versionStartIncluding: "5.00", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_vpn50:-:*:*:*:*:*:*:*", matchCriteriaId: "D902D9D2-5215-4A70-9D16-F1C3BA10EE18", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_vpn_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C380259A-B524-41EC-A733-805F617BA3E1", versionEndExcluding: "5.37", versionStartIncluding: "5.00", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_vpn_100:-:*:*:*:*:*:*:*", matchCriteriaId: "B1B81DDA-DDD5-4D9B-B631-815186E3839F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_vpn_300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DF3F62F3-0681-4150-8F89-B44708DE75ED", versionEndExcluding: "5.37", versionStartIncluding: "5.00", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_vpn_300:-:*:*:*:*:*:*:*", matchCriteriaId: "212C5E8E-774A-446E-B7C7-80C349160BC2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_vpn_50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "11E3C89D-EEEC-449F-9783-91E0AE286223", versionEndExcluding: "5.37", versionStartIncluding: "5.00", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_vpn_50:-:*:*:*:*:*:*:*", matchCriteriaId: "FD872CA4-385D-49A9-B1DF-7C4467BD49AA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nxc2500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "075CD289-4377-4E6F-AE41-671DFBB2DEB4", versionEndIncluding: "6.10\\(aaig.3\\)", versionStartIncluding: "6.10\\(aaig.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nxc2500:-:*:*:*:*:*:*:*", matchCriteriaId: "BADED427-DEFF-4213-836B-C8EF0531C39A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nxc5500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5296D40F-B269-43D6-9D3B-D9FC18921FBA", versionEndIncluding: "6.10\\(aaos.4\\)", versionStartIncluding: "6.10\\(aaos.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nxc5500:-:*:*:*:*:*:*:*", matchCriteriaId: "5A334B8B-8750-4519-B485-0AB0CECD212B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A command injection vulnerability in the access point (AP) management feature of the Zyxel ATP series firmware versions 5.00 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5.00 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 5.00 through 5.36 Patch 2, VPN series firmware versions 5.00 through 5.36 Patch 2, NXC2500 firmware versions 6.10(AAIG.0) through 6.10(AAIG.3), and NXC5500 firmware versions 6.10(AAOS.0) through 6.10(AAOS.4), could allow an unauthenticated, LAN-based attacker to execute some OS commands on an affected device if the attacker could trick an authorized administrator to add their IP address to the managed AP list in advance.", }, ], id: "CVE-2023-34141", lastModified: "2024-11-21T08:06:38.180", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 5.9, source: "security@zyxel.com.tw", type: "Primary", }, ], }, published: "2023-07-17T18:15:09.770", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-wlan-controllers", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-wlan-controllers", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "security@zyxel.com.tw", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
CVE-2022-26532 (GCVE-0-2022-26532)
Vulnerability from cvelistv5
Published
2022-05-24 05:20
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to execute arbitrary OS commands by including crafted arguments to the CLI command.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml | x_refsource_CONFIRM | |
| http://seclists.org/fulldisclosure/2022/Jun/15 | mailing-list, x_refsource_FULLDISC | |
| http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Zyxel | USG/ZyWALL series firmware |
Version: 4.09 through 4.71 |
||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.963Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml", }, { name: "20220610 HNS-2022-02 - HN Security Advisory - Multiple vulnerabilities in Zyxel zysh", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/Jun/15", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "USG/ZyWALL series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.09 through 4.71", }, ], }, { product: "USG FLEX series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.50 through 5.21", }, ], }, { product: "ATP series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.32 through 5.21", }, ], }, { product: "VPN series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.30 through 5.21", }, ], }, { product: "NSG series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "1.00 through 1.33 Patch 4", }, ], }, { product: "NXC2500 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.10(AAIG.3)", }, ], }, { product: "NAP203 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.25(ABFA.7)", }, ], }, { product: "NWA50AX firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.25(ABYW.5)", }, ], }, { product: "WAC500 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.30(ABVS.2)", }, ], }, { product: "WAX510D firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.30(ABTF.2)", }, ], }, ], descriptions: [ { lang: "en", value: "A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to execute arbitrary OS commands by including crafted arguments to the CLI command.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-88", description: "CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-06-19T18:06:10", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml", }, { name: "20220610 HNS-2022-02 - HN Security Advisory - Multiple vulnerabilities in Zyxel zysh", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2022/Jun/15", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@zyxel.com.tw", ID: "CVE-2022-26532", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "USG/ZyWALL series firmware", version: { version_data: [ { version_value: "4.09 through 4.71", }, ], }, }, { product_name: "USG FLEX series firmware", version: { version_data: [ { version_value: "4.50 through 5.21", }, ], }, }, { product_name: "ATP series firmware", version: { version_data: [ { version_value: "4.32 through 5.21", }, ], }, }, { product_name: "VPN series firmware", version: { version_data: [ { version_value: "4.30 through 5.21", }, ], }, }, { product_name: "NSG series firmware", version: { version_data: [ { version_value: "1.00 through 1.33 Patch 4", }, ], }, }, { product_name: "NXC2500 firmware", version: { version_data: [ { version_value: "<= 6.10(AAIG.3)", }, ], }, }, { product_name: "NAP203 firmware", version: { version_data: [ { version_value: "<= 6.25(ABFA.7)", }, ], }, }, { product_name: "NWA50AX firmware", version: { version_data: [ { version_value: "<= 6.25(ABYW.5)", }, ], }, }, { product_name: "WAC500 firmware", version: { version_data: [ { version_value: "<= 6.30(ABVS.2)", }, ], }, }, { product_name: "WAX510D firmware", version: { version_data: [ { version_value: "<= 6.30(ABTF.2)", }, ], }, }, ], }, vendor_name: "Zyxel", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to execute arbitrary OS commands by including crafted arguments to the CLI command.", }, ], }, impact: { cvss: { baseScore: "7.8", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", }, ], }, ], }, references: { reference_data: [ { name: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml", refsource: "CONFIRM", url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml", }, { name: "20220610 HNS-2022-02 - HN Security Advisory - Multiple vulnerabilities in Zyxel zysh", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2022/Jun/15", }, { name: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2022-26532", datePublished: "2022-05-24T05:20:09", dateReserved: "2022-03-07T00:00:00", dateUpdated: "2024-08-03T05:03:32.963Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2023-34140 (GCVE-0-2023-34140)
Vulnerability from cvelistv5
Published
2023-07-17 17:49
Modified
2024-10-21 19:42
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2, USG FLEX series firmware versions 4.50 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 4.16 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 4.16 through 5.36 Patch 2, VPN series firmware versions 4.30 through 5.36 Patch 2, NXC2500 firmware versions 6.10(AAIG.0) through 6.10(AAIG.3), and NXC5500 firmware versions 6.10(AAOS.0) through 6.10(AAOS.4), could allow an unauthenticated, LAN-based attacker to cause denial of service (DoS) conditions by sending a crafted request to the CAPWAP daemon.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Zyxel | ATP series firmware |
Version: 4.32 through 5.36 Patch 2 |
|||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T16:01:54.194Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-wlan-controllers", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-34140", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-21T19:17:36.859068Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-21T19:42:15.688Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "ATP series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.32 through 5.36 Patch 2", }, ], }, { defaultStatus: "unaffected", product: "USG FLEX series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.50 through 5.36 Patch 2", }, ], }, { defaultStatus: "unaffected", product: "USG FLEX 50(W) series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.16 through 5.36 Patch 2", }, ], }, { defaultStatus: "unaffected", product: "USG20(W)-VPN series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.16 through 5.36 Patch 2", }, ], }, { defaultStatus: "unaffected", product: "VPN series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.30 through 5.36 Patch 2", }, ], }, { defaultStatus: "unaffected", product: "NXC2500 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "6.10(AAIG.0) through 6.10(AAIG.3)", }, ], }, { defaultStatus: "unaffected", product: "NXC5500 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "6.10(AAOS.0) through 6.10(AAOS.4)", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2, USG FLEX series firmware versions 4.50 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 4.16 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 4.16 through 5.36 Patch 2, VPN series firmware versions 4.30 through 5.36 Patch 2, NXC2500 firmware versions 6.10(AAIG.0) through 6.10(AAIG.3), and NXC5500 firmware versions 6.10(AAOS.0) through 6.10(AAOS.4), could allow an unauthenticated, LAN-based attacker to cause denial of service (DoS) conditions by sending a crafted request to the CAPWAP daemon.", }, ], value: "A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2, USG FLEX series firmware versions 4.50 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 4.16 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 4.16 through 5.36 Patch 2, VPN series firmware versions 4.30 through 5.36 Patch 2, NXC2500 firmware versions 6.10(AAIG.0) through 6.10(AAIG.3), and NXC5500 firmware versions 6.10(AAOS.0) through 6.10(AAOS.4), could allow an unauthenticated, LAN-based attacker to cause denial of service (DoS) conditions by sending a crafted request to the CAPWAP daemon.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-07-17T17:49:38.175Z", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-wlan-controllers", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2023-34140", datePublished: "2023-07-17T17:49:38.175Z", dateReserved: "2023-05-26T03:44:51.339Z", dateUpdated: "2024-10-21T19:42:15.688Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2023-34141 (GCVE-0-2023-34141)
Vulnerability from cvelistv5
Published
2023-07-17 17:56
Modified
2024-10-29 16:06
Severity ?
EPSS score ?
Summary
A command injection vulnerability in the access point (AP) management feature of the Zyxel ATP series firmware versions 5.00 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5.00 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 5.00 through 5.36 Patch 2, VPN series firmware versions 5.00 through 5.36 Patch 2, NXC2500 firmware versions 6.10(AAIG.0) through 6.10(AAIG.3), and NXC5500 firmware versions 6.10(AAOS.0) through 6.10(AAOS.4), could allow an unauthenticated, LAN-based attacker to execute some OS commands on an affected device if the attacker could trick an authorized administrator to add their IP address to the managed AP list in advance.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Zyxel | ATP series firmware |
Version: 5.00 through 5.36 Patch 2 |
|||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T16:01:53.937Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-wlan-controllers", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:h:zyxel:atp:-:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "atp", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.36_patch-2", status: "affected", version: "5.00", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:zyxel:usg_flex:-:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "usg_flex", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.36_patch-2", status: "affected", version: "5.00", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:usg_flex_50w_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "usg_flex_50w_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.36_patch-2", status: "affected", version: "5.00", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "usg20w-vpn_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.36_patch-2", status: "affected", version: "5.00", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:vpn_firmware:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "vpn_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.36_patch-2", status: "affected", version: "5.00", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:nxc2500_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "nxc2500_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "6.10(AAIG.3)", status: "affected", version: "6.10(AAIG.0)", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:nxc5500_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "nxc5500_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "6.10(AAOS.4)", status: "affected", version: "6.10(AAOS.0)", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-34141", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-29T15:54:42.546431Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-29T16:06:41.479Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "ATP series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "5.00 through 5.36 Patch 2", }, ], }, { defaultStatus: "unaffected", product: "USG FLEX series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "5.00 through 5.36 Patch 2", }, ], }, { defaultStatus: "unaffected", product: "USG FLEX 50(W) series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "5.00 through 5.36 Patch 2", }, ], }, { defaultStatus: "unaffected", product: "USG20(W)-VPN series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "5.00 through 5.36 Patch 2", }, ], }, { defaultStatus: "unaffected", product: "VPN series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "5.00 through 5.36 Patch 2", }, ], }, { defaultStatus: "unaffected", product: "NXC2500 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "6.10(AAIG.0) through 6.10(AAIG.3)", }, ], }, { defaultStatus: "unaffected", product: "NXC5500 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: " 6.10(AAOS.0) through 6.10(AAOS.4)", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "A command injection vulnerability in the access point (AP) management feature of the Zyxel ATP series firmware versions 5.00 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5.00 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 5.00 through 5.36 Patch 2, VPN series firmware versions 5.00 through 5.36 Patch 2, NXC2500 firmware versions 6.10(AAIG.0) through 6.10(AAIG.3), and NXC5500 firmware versions 6.10(AAOS.0) through 6.10(AAOS.4), could allow an unauthenticated, LAN-based attacker to execute some OS commands on an affected device if the attacker could trick an authorized administrator to add their IP address to the managed AP list in advance.", }, ], value: "A command injection vulnerability in the access point (AP) management feature of the Zyxel ATP series firmware versions 5.00 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5.00 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 5.00 through 5.36 Patch 2, VPN series firmware versions 5.00 through 5.36 Patch 2, NXC2500 firmware versions 6.10(AAIG.0) through 6.10(AAIG.3), and NXC5500 firmware versions 6.10(AAOS.0) through 6.10(AAOS.4), could allow an unauthenticated, LAN-based attacker to execute some OS commands on an affected device if the attacker could trick an authorized administrator to add their IP address to the managed AP list in advance.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-07-17T17:56:26.818Z", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-wlan-controllers", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2023-34141", datePublished: "2023-07-17T17:56:26.818Z", dateReserved: "2023-05-26T03:44:51.339Z", dateUpdated: "2024-10-29T16:06:41.479Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-26531 (GCVE-0-2022-26531)
Vulnerability from cvelistv5
Published
2022-05-24 00:00
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Zyxel | USG/ZyWALL series firmware |
Version: 4.09 through 4.71 |
||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:33.155Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml", }, { name: "20220610 HNS-2022-02 - HN Security Advisory - Multiple vulnerabilities in Zyxel zysh", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/Jun/15", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/177036/Zyxel-zysh-Format-String-Proof-Of-Concept.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "USG/ZyWALL series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.09 through 4.71", }, ], }, { product: "USG FLEX series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.50 through 5.21", }, ], }, { product: "ATP series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.32 through 5.21", }, ], }, { product: "VPN series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.30 through 5.21", }, ], }, { product: "NSG series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "1.00 through 1.33 Patch 4", }, ], }, { product: "NXC2500 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.10(AAIG.3)", }, ], }, { product: "NAP203 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.25(ABFA.7)", }, ], }, { product: "NWA50AX firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.25(ABYW.5)", }, ], }, { product: "WAC500 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.30(ABVS.2)", }, ], }, { product: "WAX510D firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.30(ABTF.2)", }, ], }, ], descriptions: [ { lang: "en", value: "Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20: Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-09T18:05:56.732587", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml", }, { name: "20220610 HNS-2022-02 - HN Security Advisory - Multiple vulnerabilities in Zyxel zysh", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2022/Jun/15", }, { url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html", }, { url: "http://packetstormsecurity.com/files/177036/Zyxel-zysh-Format-String-Proof-Of-Concept.html", }, ], }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2022-26531", datePublished: "2022-05-24T00:00:00", dateReserved: "2022-03-07T00:00:00", dateUpdated: "2024-08-03T05:03:33.155Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }