All the vulnerabilites related to zyxel - usg20-vpn
var-202305-2121
Vulnerability from variot
A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.60 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.60 through 5.36 Patch 1, VPN series firmware versions 4.60 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.60 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device. ATP100 firmware, ATP200 firmware, ATP500 firmware etc. ZyXEL The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202305-2121",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "usg flex 100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "vpn300",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg 60",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.73"
},
{
"model": "usg flex 700",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "atp100w",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 50",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg 20w-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "atp800",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 700",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg 20w-vpn",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "vpn50",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp800",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "atp500",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg20-vpn",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp100",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "vpn50",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "vpn1000",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg flex 200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg flex 500",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg flex 200",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 500",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp200",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp500",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "atp200",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg 60w",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.73"
},
{
"model": "usg flex 200",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp100w",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "vpn100",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg 40",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.73"
},
{
"model": "vpn300",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg flex 50w",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 50",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg20-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "vpn1000",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "atp100w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg flex 50",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "vpn300",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg20-vpn",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp100",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 50w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "vpn1000",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp700",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 100",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg 40",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg 40w",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.73"
},
{
"model": "usg flex 50w",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "vpn100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg flex 100w",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg 60",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.73"
},
{
"model": "atp800",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "vpn100",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg 60",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg 20w-vpn",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 700",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "vpn50",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg 40",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.73"
},
{
"model": "usg 40w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "atp500",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg 40w",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.73"
},
{
"model": "usg 60w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "atp700",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 500",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 100",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg 60w",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.73"
},
{
"model": "atp700",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "atp100",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 200",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp800",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp200",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 50",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 500",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 100",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp700",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp100w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp500",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-007635"
},
{
"db": "NVD",
"id": "CVE-2023-33009"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp200_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp200_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp500_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp500_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100w_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100w_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp700_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp700_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp800_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp800_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_100_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_100_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_50_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_50_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_200_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_200_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_500_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_500_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_700_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_700_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn100_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn100_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn50_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn50_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn300_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn300_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn1000_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn1000_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20-vpn_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20-vpn_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_40_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.73",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_40_firmware:4.73:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_40_firmware:4.73:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_40:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_40w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.73",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_40w_firmware:4.73:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_40w_firmware:4.73:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_40w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_60w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.73",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_60w_firmware:4.73:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_60w_firmware:4.73:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_60w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_60_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.73",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_60_firmware:4.73:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_60_firmware:4.73:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_60:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-33009"
}
]
},
"cve": "CVE-2023-33009",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "security@zyxel.com.tw",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2023-007635",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "security@zyxel.com.tw",
"id": "CVE-2023-33009",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2023-33009",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "OTHER",
"id": "JVNDB-2023-007635",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202305-2094",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-007635"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-2094"
},
{
"db": "NVD",
"id": "CVE-2023-33009"
},
{
"db": "NVD",
"id": "CVE-2023-33009"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.60 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.60 through 5.36 Patch 1, VPN series firmware versions 4.60 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.60 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device. ATP100 firmware, ATP200 firmware, ATP500 firmware etc. ZyXEL The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-33009"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-007635"
},
{
"db": "VULMON",
"id": "CVE-2023-33009"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-33009",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2023-007635",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202305-2094",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-33009",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-33009"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-007635"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-2094"
},
{
"db": "NVD",
"id": "CVE-2023-33009"
}
]
},
"id": "VAR-202305-2121",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3125
},
"last_update_date": "2024-04-03T22:50:49.469000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Zyxel ATP Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=240582"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202305-2094"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-007635"
},
{
"db": "NVD",
"id": "CVE-2023-33009"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-buffer-overflow-vulnerabilities-of-firewalls"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-33009"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-33009/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-33009"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-007635"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-2094"
},
{
"db": "NVD",
"id": "CVE-2023-33009"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2023-33009"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-007635"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-2094"
},
{
"db": "NVD",
"id": "CVE-2023-33009"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-24T00:00:00",
"db": "VULMON",
"id": "CVE-2023-33009"
},
{
"date": "2023-11-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-007635"
},
{
"date": "2023-05-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202305-2094"
},
{
"date": "2023-05-24T13:15:09.560000",
"db": "NVD",
"id": "CVE-2023-33009"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-24T00:00:00",
"db": "VULMON",
"id": "CVE-2023-33009"
},
{
"date": "2023-11-24T08:10:00",
"db": "JVNDB",
"id": "JVNDB-2023-007635"
},
{
"date": "2023-06-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202305-2094"
},
{
"date": "2024-04-01T15:51:48.877000",
"db": "NVD",
"id": "CVE-2023-33009"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202305-2094"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0ZyXEL\u00a0 Classic buffer overflow vulnerability in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-007635"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202305-2094"
}
],
"trust": 0.6
}
}
var-201904-0115
Vulnerability from variot
On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100 devices, the security firewall login page is vulnerable to Reflected XSS via the unsanitized 'mp_idx' parameter. plural ZyXEL The product contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. ZyXELZyWall310 and other products are all products of ZyXEL Corporation of Taiwan, China. ZyXELZyWall310 is a 310 series VPN firewall device. ZyXELZyWall110 is a 110 series VPN firewall device. The ZyXELUSG1900 is a next-generation unified security gateway device. A cross-site scripting vulnerability exists in several Zyxel products that stems from the lack of proper validation of client data by web applications. An attacker could exploit the vulnerability to execute client code. ZyXEL ZyWall 310, etc. The following products are affected: Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, Zy0WALL
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201904-0115",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "usg110",
"scope": null,
"trust": 1.4,
"vendor": "zyxel",
"version": null
},
{
"model": "usg60w",
"scope": null,
"trust": 1.4,
"vendor": "zyxel",
"version": null
},
{
"model": "usg60",
"scope": null,
"trust": 1.4,
"vendor": "zyxel",
"version": null
},
{
"model": "usg40w",
"scope": null,
"trust": 1.4,
"vendor": "zyxel",
"version": null
},
{
"model": "usg40",
"scope": null,
"trust": 1.4,
"vendor": "zyxel",
"version": null
},
{
"model": "usg20w-vpn",
"scope": null,
"trust": 1.4,
"vendor": "zyxel",
"version": null
},
{
"model": "usg20-vpn",
"scope": null,
"trust": 1.4,
"vendor": "zyxel",
"version": null
},
{
"model": "atp800",
"scope": null,
"trust": 1.4,
"vendor": "zyxel",
"version": null
},
{
"model": "atp500",
"scope": null,
"trust": 1.4,
"vendor": "zyxel",
"version": null
},
{
"model": "atp200",
"scope": null,
"trust": 1.4,
"vendor": "zyxel",
"version": null
},
{
"model": "usg110",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.31"
},
{
"model": "usg1100",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.31"
},
{
"model": "zywall 110",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.31"
},
{
"model": "zywall 310",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.31"
},
{
"model": "atp800",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.31"
},
{
"model": "usg310",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.31"
},
{
"model": "usg1900",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.31"
},
{
"model": "atp200",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.31"
},
{
"model": "usg60w",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.31"
},
{
"model": "vpn100",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": null
},
{
"model": "usg2200-vpn",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.31"
},
{
"model": "vpn50",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": null
},
{
"model": "usg20-vpn",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.31"
},
{
"model": "usg40",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.31"
},
{
"model": "vpn300",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": null
},
{
"model": "atp500",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.31"
},
{
"model": "usg40w",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.31"
},
{
"model": "zywall 1100",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.31"
},
{
"model": "usg210",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.31"
},
{
"model": "usg60",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.31"
},
{
"model": "usg20w-vpn",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.31"
},
{
"model": "nbg-418n modem",
"scope": "eq",
"trust": 0.6,
"vendor": "zyxel",
"version": "v2"
},
{
"model": "nas",
"scope": "eq",
"trust": 0.6,
"vendor": "zyxel",
"version": "326"
},
{
"model": "usg1100",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "usg310",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "usg210",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "zywall",
"scope": "eq",
"trust": 0.6,
"vendor": "zyxel",
"version": "1100"
},
{
"model": "zywall",
"scope": "eq",
"trust": 0.6,
"vendor": "zyxel",
"version": "310"
},
{
"model": "zywall",
"scope": "eq",
"trust": 0.6,
"vendor": "zyxel",
"version": "110"
},
{
"model": "usg2200-vpn",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "usg1900",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13778"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004359"
},
{
"db": "NVD",
"id": "CVE-2019-9955"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp200_firmware:4.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp500_firmware:4.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp800_firmware:4.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20-vpn_firmware:4.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20w-vpn_firmware:4.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg40_firmware:4.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg40w_firmware:4.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg60_firmware:4.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg60w_firmware:4.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg110_firmware:4.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg210_firmware:4.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg310_firmware:4.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg1100_firmware:4.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg1100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg1900_firmware:4.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg1900:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg2200-vpn_firmware:4.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg2200-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall_110_firmware:4.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall_310_firmware:4.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall_1100_firmware:4.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn50_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn100_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn300_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-9955"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Aaron Bishop",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-785"
}
],
"trust": 0.6
},
"cve": "CVE-2019-9955",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-9955",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2019-13778",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-161390",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2019-9955",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-9955",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2019-13778",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201904-785",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-161390",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-9955",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13778"
},
{
"db": "VULHUB",
"id": "VHN-161390"
},
{
"db": "VULMON",
"id": "CVE-2019-9955"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004359"
},
{
"db": "NVD",
"id": "CVE-2019-9955"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-785"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100 devices, the security firewall login page is vulnerable to Reflected XSS via the unsanitized \u0027mp_idx\u0027 parameter. plural ZyXEL The product contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. ZyXELZyWall310 and other products are all products of ZyXEL Corporation of Taiwan, China. ZyXELZyWall310 is a 310 series VPN firewall device. ZyXELZyWall110 is a 110 series VPN firewall device. The ZyXELUSG1900 is a next-generation unified security gateway device. A cross-site scripting vulnerability exists in several Zyxel products that stems from the lack of proper validation of client data by web applications. An attacker could exploit the vulnerability to execute client code. ZyXEL ZyWall 310, etc. The following products are affected: Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, Zy0WALL ",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-9955"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004359"
},
{
"db": "CNVD",
"id": "CNVD-2019-13778"
},
{
"db": "VULHUB",
"id": "VHN-161390"
},
{
"db": "VULMON",
"id": "CVE-2019-9955"
}
],
"trust": 2.34
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=46706",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-9955"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-9955",
"trust": 3.2
},
{
"db": "PACKETSTORM",
"id": "152525",
"trust": 1.8
},
{
"db": "EXPLOIT-DB",
"id": "46706",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004359",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201904-785",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-13778",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-161390",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-9955",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13778"
},
{
"db": "VULHUB",
"id": "VHN-161390"
},
{
"db": "VULMON",
"id": "CVE-2019-9955"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004359"
},
{
"db": "NVD",
"id": "CVE-2019-9955"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-785"
}
]
},
"id": "VAR-201904-0115",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13778"
},
{
"db": "VULHUB",
"id": "VHN-161390"
}
],
"trust": 1.111455034
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13778"
}
]
},
"last_update_date": "2023-12-18T12:43:35.075000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Zyxel security advisory for reflected cross-site scripting vulnerability of firewalls",
"trust": 0.8,
"url": "https://www.zyxel.com/support/reflected-cross-site-scripting-vulnerability-of-firewalls.shtml"
},
{
"title": "CVEs",
"trust": 0.1,
"url": "https://github.com/irbishop/cves "
},
{
"title": "CVEs",
"trust": 0.1,
"url": "https://github.com/irbishop/cve "
},
{
"title": "nuclei-templates",
"trust": 0.1,
"url": "https://github.com/storenth/nuclei-templates "
},
{
"title": "kenzer-templates",
"trust": 0.1,
"url": "https://github.com/elsfa7-110/kenzer-templates "
},
{
"title": "kenzer-templates",
"trust": 0.1,
"url": "https://github.com/arpsyndicate/kenzer-templates "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-9955"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004359"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-161390"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004359"
},
{
"db": "NVD",
"id": "CVE-2019-9955"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.securitymetrics.com/blog/zyxel-devices-vulnerable-cross-site-scripting-login-page"
},
{
"trust": 2.4,
"url": "http://seclists.org/fulldisclosure/2019/apr/22"
},
{
"trust": 2.4,
"url": "http://packetstormsecurity.com/files/152525/zyxel-zywall-cross-site-scripting.html"
},
{
"trust": 1.8,
"url": "https://www.zyxel.com/support/reflected-cross-site-scripting-vulnerability-of-firewalls.shtml"
},
{
"trust": 1.8,
"url": "https://www.exploit-db.com/exploits/46706/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9955"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9955"
},
{
"trust": 0.7,
"url": "https://www.exploit-db.com/exploits/46706"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/irbishop/cves"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-13778"
},
{
"db": "VULHUB",
"id": "VHN-161390"
},
{
"db": "VULMON",
"id": "CVE-2019-9955"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004359"
},
{
"db": "NVD",
"id": "CVE-2019-9955"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-785"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-13778"
},
{
"db": "VULHUB",
"id": "VHN-161390"
},
{
"db": "VULMON",
"id": "CVE-2019-9955"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004359"
},
{
"db": "NVD",
"id": "CVE-2019-9955"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-785"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-13778"
},
{
"date": "2019-04-22T00:00:00",
"db": "VULHUB",
"id": "VHN-161390"
},
{
"date": "2019-04-22T00:00:00",
"db": "VULMON",
"id": "CVE-2019-9955"
},
{
"date": "2019-05-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004359"
},
{
"date": "2019-04-22T20:29:00.447000",
"db": "NVD",
"id": "CVE-2019-9955"
},
{
"date": "2019-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-785"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-13778"
},
{
"date": "2019-04-30T00:00:00",
"db": "VULHUB",
"id": "VHN-161390"
},
{
"date": "2019-04-30T00:00:00",
"db": "VULMON",
"id": "CVE-2019-9955"
},
{
"date": "2019-05-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004359"
},
{
"date": "2019-04-30T14:34:36.653000",
"db": "NVD",
"id": "CVE-2019-9955"
},
{
"date": "2019-04-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-785"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural ZyXEL Product cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004359"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-785"
}
],
"trust": 0.6
}
}
var-202207-1385
Vulnerability from variot
A directory traversal vulnerability caused by specific character sequences within an improperly sanitized URL was identified in some CGI programs of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.11 through 4.72, that could allow an authenticated attacker to access some restricted files on a vulnerable device. usg flex 100w firmware, USG FLEX 200 firmware, USG FLEX 500 firmware etc. ZyXEL The product contains a path traversal vulnerability.Information may be obtained
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202207-1385",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "usg flex 100w",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "zywall 1100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "atp800",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "usg flex 50w",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "atp700",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "usg 2200-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "zywall 310",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "atp800",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "zywall 1100",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "usg20-vpn",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "atp100",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "usg flex 50w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.20"
},
{
"model": "vpn300",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "usg40",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.72"
},
{
"model": "atp500",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "usg flex 500",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "zywall 310",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "usg 2200-vpn",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "usg flex 500",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "usg40w",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.72"
},
{
"model": "vpn300",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "atp100w",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "atp700",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "vpn100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "usg60",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.20"
},
{
"model": "atp500",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "vpn1000",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "vpn50",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "atp200",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "vpn100",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "atp100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "atp100w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "vpn1000",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "zywall 110",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "usg flex 700",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "usg60",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.72"
},
{
"model": "usg60w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.20"
},
{
"model": "vpn50",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "usg20w-vpn",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "zywall 110",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "atp200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "usg40",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.20"
},
{
"model": "usg60w",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.72"
},
{
"model": "usg20-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "usg flex 700",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "usg flex 200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "usg40w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.20"
},
{
"model": "usg flex 200",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "usg20w-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.20"
},
{
"model": "usg flex 100w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "vpn100",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vpn50",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 50w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp100",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vpn300",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp500",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg 2200-vpn",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "zywall 110",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp800",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 500",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 100w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 200",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp100w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg20-vpn",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg20w-vpn",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp700",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vpn1000",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg 310",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 700",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp200",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-013719"
},
{
"db": "NVD",
"id": "CVE-2022-2030"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall_110_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall_310_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall_1100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg40_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg40w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg60_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg60w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-2030"
}
]
},
"cve": "CVE-2022-2030",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-2030",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-2030",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "security@zyxel.com.tw",
"id": "CVE-2022-2030",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202207-1613",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-013719"
},
{
"db": "NVD",
"id": "CVE-2022-2030"
},
{
"db": "NVD",
"id": "CVE-2022-2030"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-1613"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A directory traversal vulnerability caused by specific character sequences within an improperly sanitized URL was identified in some CGI programs of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.11 through 4.72, that could allow an authenticated attacker to access some restricted files on a vulnerable device. usg flex 100w firmware, USG FLEX 200 firmware, USG FLEX 500 firmware etc. ZyXEL The product contains a path traversal vulnerability.Information may be obtained",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-2030"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-013719"
},
{
"db": "VULMON",
"id": "CVE-2022-2030"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-2030",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2022-013719",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202207-1613",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-2030",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-2030"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-013719"
},
{
"db": "NVD",
"id": "CVE-2022-2030"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-1613"
}
]
},
"id": "VAR-202207-1385",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.2867630485714286
},
"last_update_date": "2023-12-18T11:55:49.322000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Zyxel USG FLEX Repair measures for path traversal vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=201960"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-1613"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.0
},
{
"problemtype": "Path traversal (CWE-22) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-013719"
},
{
"db": "NVD",
"id": "CVE-2022-2030"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.zyxel.com/support/zyxel-security-advisory-authenticated-directory-traversal-vulnerabilities-of-firewalls.shtml"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2030"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-2030/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-2030"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-013719"
},
{
"db": "NVD",
"id": "CVE-2022-2030"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-1613"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2022-2030"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-013719"
},
{
"db": "NVD",
"id": "CVE-2022-2030"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-1613"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-07-19T00:00:00",
"db": "VULMON",
"id": "CVE-2022-2030"
},
{
"date": "2023-09-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-013719"
},
{
"date": "2022-07-19T06:15:08.383000",
"db": "NVD",
"id": "CVE-2022-2030"
},
{
"date": "2022-07-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202207-1613"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-07-19T00:00:00",
"db": "VULMON",
"id": "CVE-2022-2030"
},
{
"date": "2023-09-11T08:18:00",
"db": "JVNDB",
"id": "JVNDB-2022-013719"
},
{
"date": "2022-07-29T22:00:11.850000",
"db": "NVD",
"id": "CVE-2022-2030"
},
{
"date": "2022-08-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202207-1613"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-1613"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0ZyXEL\u00a0 Past traversal vulnerabilities in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-013719"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-1613"
}
],
"trust": 0.6
}
}
var-202302-0865
Vulnerability from variot
A post-authentication command injection vulnerability in the CLI command of Zyxel ZyWALL/USG series firmware versions 4.20 through 4.72, VPN series firmware versions 4.30 through 5.32, USG FLEX series firmware versions 4.50 through 5.32, and ATP series firmware versions 4.32 through 5.32, which could allow an authenticated attacker with administrator privileges to execute OS commands. plural Zyxel The product has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202302-0865",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "usg flex 500",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.32"
},
{
"model": "zywall 110",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.20"
},
{
"model": "atp800",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "vpn300",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.32"
},
{
"model": "atp100w",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.32"
},
{
"model": "usg40",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.72"
},
{
"model": "vpn300",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "usg flex 500",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "usg40w",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.72"
},
{
"model": "atp200",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.32"
},
{
"model": "vpn100",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.32"
},
{
"model": "usg40w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.20"
},
{
"model": "zywall 110",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.72"
},
{
"model": "atp700",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "vpn1000",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.32"
},
{
"model": "vpn100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "zywall 1100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.20"
},
{
"model": "usg flex 50",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.32"
},
{
"model": "usg60",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.20"
},
{
"model": "usg20w-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "atp500",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "usg flex 700",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.32"
},
{
"model": "usg flex 100",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.32"
},
{
"model": "vpn1000",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "vpn50",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "vpn50",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.32"
},
{
"model": "usg20w-vpn",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.32"
},
{
"model": "zywall 310",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.20"
},
{
"model": "atp100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "atp100w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "usg flex 50",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "zywall 1100",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.72"
},
{
"model": "usg flex 200",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.32"
},
{
"model": "usg flex 100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "usg60",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.72"
},
{
"model": "usg60w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.20"
},
{
"model": "usg flex 100w",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.32"
},
{
"model": "atp800",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.32"
},
{
"model": "zywall 310",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.72"
},
{
"model": "atp200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "usg40",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.20"
},
{
"model": "atp700",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.32"
},
{
"model": "usg20-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "usg flex 700",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "usg flex 200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "usg20-vpn",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.32"
},
{
"model": "atp100",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.32"
},
{
"model": "atp500",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.32"
},
{
"model": "usg60w",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.72"
},
{
"model": "usg flex 100w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "usg flex 200",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 50",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp200",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp700",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp100w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 500",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp500",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 700",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp800",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp100",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-003229"
},
{
"db": "NVD",
"id": "CVE-2022-38547"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg40_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg40w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg60_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg60w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall_110_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall_1100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall_310_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-38547"
}
]
},
"cve": "CVE-2022-38547",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 7.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2023-003229",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-38547",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "security@zyxel.com.tw",
"id": "CVE-2022-38547",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2023-003229",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202302-487",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-003229"
},
{
"db": "NVD",
"id": "CVE-2022-38547"
},
{
"db": "NVD",
"id": "CVE-2022-38547"
},
{
"db": "CNNVD",
"id": "CNNVD-202302-487"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A post-authentication command injection vulnerability in the CLI command of Zyxel ZyWALL/USG series firmware versions 4.20 through 4.72, VPN series firmware versions 4.30 through 5.32, USG FLEX series firmware versions 4.50 through 5.32, and ATP series firmware versions 4.32 through 5.32, which could allow an authenticated attacker with administrator privileges to execute OS commands. plural Zyxel The product has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-38547"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-003229"
},
{
"db": "VULMON",
"id": "CVE-2022-38547"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-38547",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2023-003229",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202302-487",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-38547",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-38547"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-003229"
},
{
"db": "NVD",
"id": "CVE-2022-38547"
},
{
"db": "CNNVD",
"id": "CNNVD-202302-487"
}
]
},
"id": "VAR-202302-0865",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.2867630485714286
},
"last_update_date": "2023-12-18T13:26:45.600000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Zyxel\u00a0security\u00a0advisory\u00a0for\u00a0post-authentication\u00a0RCE\u00a0in\u00a0firewalls",
"trust": 0.8,
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-rce-in-firewalls"
},
{
"title": "ZyXEL ZyWALL USG Fixes for operating system command injection vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=225393"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2022-38547 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-38547"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-003229"
},
{
"db": "CNNVD",
"id": "CNNVD-202302-487"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-003229"
},
{
"db": "NVD",
"id": "CVE-2022-38547"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-rce-in-firewalls"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-38547"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-38547/"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2022-38547"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-38547"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-003229"
},
{
"db": "NVD",
"id": "CVE-2022-38547"
},
{
"db": "CNNVD",
"id": "CNNVD-202302-487"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2022-38547"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-003229"
},
{
"db": "NVD",
"id": "CVE-2022-38547"
},
{
"db": "CNNVD",
"id": "CNNVD-202302-487"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-07T00:00:00",
"db": "VULMON",
"id": "CVE-2022-38547"
},
{
"date": "2023-09-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-003229"
},
{
"date": "2023-02-07T02:15:07.883000",
"db": "NVD",
"id": "CVE-2022-38547"
},
{
"date": "2023-02-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202302-487"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-07T00:00:00",
"db": "VULMON",
"id": "CVE-2022-38547"
},
{
"date": "2023-09-05T05:07:00",
"db": "JVNDB",
"id": "JVNDB-2023-003229"
},
{
"date": "2023-02-14T23:45:41.760000",
"db": "NVD",
"id": "CVE-2022-38547"
},
{
"date": "2023-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202302-487"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202302-487"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Zyxel\u00a0 In the product \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-003229"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202302-487"
}
],
"trust": 0.6
}
}
var-202304-2162
Vulnerability from variot
The post-authentication command injection vulnerability in the CLI command of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow an authenticated attacker to execute some OS commands remotely. ATP200 firmware, ATP100 firmware, ATP700 firmware etc. ZyXEL The product has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202304-2162",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "atp500",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp700",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 500",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg20-vpn",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp800",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "atp100",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg 20w-vpn",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "vpn300",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "vpn300",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 500",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "usg flex 50w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.16"
},
{
"model": "atp100w",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "vpn100",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp700",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "vpn100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "atp500",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "vpn1000",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "vpn50",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "atp200",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "vpn1000",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 50",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "usg flex 100",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp100w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "usg 20w-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.16"
},
{
"model": "usg flex 50",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "usg flex 700",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "vpn50",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 100w",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp800",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 50w",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "usg20-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "usg flex 200",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 700",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "usg flex 200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "usg flex 100w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "atp100",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg 20-vpn",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp500",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 100",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vpn1000",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 500",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 50w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg20-vpn",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 700",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp800",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 100w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vpn100",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vpn300",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vpn50",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp700",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 200",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp100w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp200",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 50",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-009235"
},
{
"db": "NVD",
"id": "CVE-2023-27991"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.16",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.16",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-27991"
}
]
},
"cve": "CVE-2023-27991",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-27991",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-27991",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "security@zyxel.com.tw",
"id": "CVE-2023-27991",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202304-1940",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-009235"
},
{
"db": "NVD",
"id": "CVE-2023-27991"
},
{
"db": "NVD",
"id": "CVE-2023-27991"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-1940"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The post-authentication command injection vulnerability in the CLI command of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow an authenticated attacker to execute some OS commands remotely. ATP200 firmware, ATP100 firmware, ATP700 firmware etc. ZyXEL The product has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-27991"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-009235"
},
{
"db": "VULMON",
"id": "CVE-2023-27991"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-27991",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2023-009235",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202304-1940",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-27991",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-27991"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-009235"
},
{
"db": "NVD",
"id": "CVE-2023-27991"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-1940"
}
]
},
"id": "VAR-202304-2162",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3125
},
"last_update_date": "2023-12-18T13:41:28.498000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Zyxel ATP Fixes for operating system command injection vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=235563"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202304-1940"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-009235"
},
{
"db": "NVD",
"id": "CVE-2023-27991"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-xss-vulnerability-and-post-authentication-command-injection-vulnerability-in-firewalls"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-27991"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-27991/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-27991"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-009235"
},
{
"db": "NVD",
"id": "CVE-2023-27991"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-1940"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2023-27991"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-009235"
},
{
"db": "NVD",
"id": "CVE-2023-27991"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-1940"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-04-24T00:00:00",
"db": "VULMON",
"id": "CVE-2023-27991"
},
{
"date": "2023-12-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-009235"
},
{
"date": "2023-04-24T18:15:09.497000",
"db": "NVD",
"id": "CVE-2023-27991"
},
{
"date": "2023-04-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202304-1940"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-04-25T00:00:00",
"db": "VULMON",
"id": "CVE-2023-27991"
},
{
"date": "2023-12-05T03:46:00",
"db": "JVNDB",
"id": "JVNDB-2023-009235"
},
{
"date": "2023-06-13T13:18:19.840000",
"db": "NVD",
"id": "CVE-2023-27991"
},
{
"date": "2023-05-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202304-1940"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202304-1940"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0ZyXEL\u00a0 In the product \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-009235"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202304-1940"
}
],
"trust": 0.6
}
}
var-202012-0977
Vulnerability from variot
Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges. Zyxel USG A device contains a vulnerability in the plaintext storage of important information.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202012-0977",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "zywall1100",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg20-vpn",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "zywall310",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg1900",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg1100",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg40",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg60",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "zywall110",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg40w",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg110",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg310",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg210",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg20w-vpn",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg2200",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg60w",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg210",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg110",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg60",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg40w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg310",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg40",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg20w-vpn",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg1100",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg20-vpn",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg60w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014757"
},
{
"db": "NVD",
"id": "CVE-2020-29583"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20-vpn_firmware:4.60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20w-vpn_firmware:4.60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg40_firmware:4.60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg40w_firmware:4.60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg60_firmware:4.60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg60w_firmware:4.60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg110_firmware:4.60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg210_firmware:4.60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg310_firmware:4.60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg1100_firmware:4.60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg1100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg1900_firmware:4.60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg1900:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg2200_firmware:4.60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg2200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall110_firmware:4.60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall310_firmware:4.60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall310:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall1100_firmware:4.60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall1100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-29583"
}
]
},
"cve": "CVE-2020-29583",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2020-29583",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-29583",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-29583",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-202012-1459",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2020-29583",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-29583"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014757"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1459"
},
{
"db": "NVD",
"id": "CVE-2020-29583"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges. Zyxel USG A device contains a vulnerability in the plaintext storage of important information.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-29583"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014757"
},
{
"db": "VULMON",
"id": "CVE-2020-29583"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-29583",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014757",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1459",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-29583",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-29583"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014757"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1459"
},
{
"db": "NVD",
"id": "CVE-2020-29583"
}
]
},
"id": "VAR-202012-0977",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3264329933333333
},
"last_update_date": "2024-01-17T20:39:08.091000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisories",
"trust": 0.8,
"url": "http://ftp.zyxel.com/usg40/firmware/usg40_4.60(aala.1)c0_2.pdf"
},
{
"title": "Zyxel USG Series Fixes for encryption problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=137990"
},
{
"title": "BruteX-master\nBruteX\nInstall script for BruteX\n\nVARS\nBruteX by @xer0dayz\nhttp://xerosecurity.com\n\nABOUT:\nBruteX is a simple bash script used to brute force all services on a target.\n\nINSTALL:\n./install.sh\n\nUSAGE:\nbrutex \u003cIP/hostname\u003e \n\nHYDRA SERVICES:\nasterisk cisco cisco-enable cvs ftp ftps http[s]-{head|get} http[s]-{get|post}-form http-proxy http-proxy-urlenum icq imap[s] irc ldap2[s] ldap3[-{cram|digest}md5][s] mssql mysql(v4) nntp oracle-listener oracle-sid pcanywhere pcnfs pop3[s] postgres rdp redis rexec rlogin rsh rtsp s7-300 sip smb smtp[s] smtp-enum snmp socks5 ssh sshkey teamspeak telnet[s] vmauthd vnc xmpp\nUN-COMMENT TO ENABLE PROXY",
"trust": 0.1,
"url": "https://github.com/martindojcinoski23/brutex-master "
},
{
"title": "Scanner for Zyxel products which are vulnerable due to an undocumented user account (CVE-2020-29583)\nUsage",
"trust": 0.1,
"url": "https://github.com/2d4d/scan_cve-2020-29583 "
},
{
"title": "Middleware-Vulnerability-detection\n\u514d\u8d23\u58f0\u660e\uff1a",
"trust": 0.1,
"url": "https://github.com/lovechinacoco/https-github.com-mai-lang-chai-middleware-vulnerability-detection "
},
{
"title": "Middleware-Vulnerability-detection\n\u514d\u8d23\u58f0\u660e\uff1a",
"trust": 0.1,
"url": "https://github.com/apachecn-archive/middleware-vulnerability-detection "
},
{
"title": "Awesome-POC",
"trust": 0.1,
"url": "https://github.com/arrestx/--poc "
},
{
"title": "Normal-POC",
"trust": 0.1,
"url": "https://github.com/miraitowa70/poc-notes "
},
{
"title": "Vulnerability",
"trust": 0.1,
"url": "https://github.com/tzwlhack/vulnerability "
},
{
"title": "Normal-POC",
"trust": 0.1,
"url": "https://github.com/miraitowa70/pentest-notes "
},
{
"title": "Awesome-POC",
"trust": 0.1,
"url": "https://github.com/threekiii/awesome-poc "
},
{
"title": "Awesome-POC",
"trust": 0.1,
"url": "https://github.com/kaychenvip/vulnerability-poc "
},
{
"title": "\u6b22\u8fce\u5173\u6ce8\u963f\u5c14\u6cd5\u5b9e\u9a8c\u5ba4\u5fae\u4fe1\u516c\u4f17\u53f7",
"trust": 0.1,
"url": "https://github.com/alphaseclab/sec-daily-2020 "
},
{
"title": "SecBooks\nSecBooks\u76ee\u5f55",
"trust": 0.1,
"url": "https://github.com/sexybeast233/secbooks "
},
{
"title": "Known Exploited Vulnerabilities Detector",
"trust": 0.1,
"url": "https://github.com/ostorlab/kev "
},
{
"title": "PoC in GitHub",
"trust": 0.1,
"url": "https://github.com/developer3000s/poc-in-github "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/cybercriminals-exploits-zyxel-flaw/162789/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-29583"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014757"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1459"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-522",
"trust": 1.0
},
{
"problemtype": "Plaintext storage of important information (CWE-312) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014757"
},
{
"db": "NVD",
"id": "CVE-2020-29583"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.zyxel.com/support/security_advisories.shtml"
},
{
"trust": 1.7,
"url": "https://businessforum.zyxel.com/discussion/5254/whats-new-for-zld4-60-patch-1-available-on-dec-15"
},
{
"trust": 1.7,
"url": "https://businessforum.zyxel.com/discussion/5252/zld-v4-60-revoke-and-wk48-firmware-release"
},
{
"trust": 1.7,
"url": "https://www.eyecontrol.nl/blog/undocumented-user-account-in-zyxel-products.html"
},
{
"trust": 1.7,
"url": "https://www.zyxel.com/support/cve-2020-29583.shtml"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-29583"
},
{
"trust": 1.1,
"url": "https://www.secpod.com/blog/a-secret-zyxel-firewall-and-ap-controllers-could-allow-for-administrative-access-cve-2020-29583/"
},
{
"trust": 1.1,
"url": "http://ftp.zyxel.com/usg40/firmware/usg40_4.60%28aala.1%29c0_2.pdf"
},
{
"trust": 0.6,
"url": "http://ftp.zyxel.com/usg40/firmware/usg40_4.60(aala.1)c0_2.pdf"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/522.html"
},
{
"trust": 0.1,
"url": "https://github.com/martindojcinoski23/brutex-master"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-29583"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014757"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1459"
},
{
"db": "NVD",
"id": "CVE-2020-29583"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2020-29583"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014757"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1459"
},
{
"db": "NVD",
"id": "CVE-2020-29583"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-12-22T00:00:00",
"db": "VULMON",
"id": "CVE-2020-29583"
},
{
"date": "2021-08-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-014757"
},
{
"date": "2020-12-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-1459"
},
{
"date": "2020-12-22T22:15:14.443000",
"db": "NVD",
"id": "CVE-2020-29583"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2020-29583"
},
{
"date": "2021-08-30T08:31:00",
"db": "JVNDB",
"id": "JVNDB-2020-014757"
},
{
"date": "2022-07-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-1459"
},
{
"date": "2023-11-07T03:21:32.250000",
"db": "NVD",
"id": "CVE-2020-29583"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-1459"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zyxel\u00a0USG\u00a0 Vulnerability in plaintext storage of important information on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014757"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-1459"
}
],
"trust": 0.6
}
}
var-202107-0888
Vulnerability from variot
An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device. plural Zyxel There is an authentication vulnerability in the firmware.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202107-0888",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "usg60w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg2200-vpn",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg50",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "usg flex 100w",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg210",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "zywall atp100w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall vpn300",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg210",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg40",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "usg100",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "usg310",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "usg40",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg flex 100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg40w",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "zywall atp200",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "zywall atp700",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg40w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg1100",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "usg200",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "usg110",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg1100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg300",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "usg110",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "usg200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg1900",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "zywall vpn50",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg310",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg2000",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "usg flex 700",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall atp100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg2000",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall atp500",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "zywall atp800",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall vpn300",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall 310",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg flex 200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall 110",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg300",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg flex 500",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "zywall vpn100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg1900",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg flex 100w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg2200-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg60",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "zywall vpn50",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg20-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall atp500",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg20",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "zywall atp200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg20",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall 1100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg flex 500",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg60",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall 1100",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg flex 100",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg flex 700",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "zywall atp700",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg20w-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg20w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall atp800",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg20-vpn",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg1000",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg60w",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "usg20w-vpn",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "zywall 110",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "zywall 310",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall atp100w",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg20w",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "usg50",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall atp100",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "zywall vpn100",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg1000",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "usg flex 200",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg210",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg1900",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg40",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg60",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg40w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg110",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg300",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg310",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg60w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg1100",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-008898"
},
{
"db": "NVD",
"id": "CVE-2021-35029"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg1900_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg1900:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg1100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg1100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg310_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg210_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg110_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg40_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg40w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg60_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg60w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg300_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg1000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg1000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg2000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg2000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg20w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg50_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg50:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall_atp100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall_atp100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall_atp100w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall_atp100w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall_atp200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall_atp200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall_atp500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall_atp500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall_atp700_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall_atp700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall_atp800_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall_atp800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall_vpn50_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall_vpn50:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall_vpn100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall_vpn100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall_vpn300_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall_vpn300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg2200-vpn_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg2200-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall_110_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall_310_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall_1100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-35029"
}
]
},
"cve": "CVE-2021-35029",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2021-35029",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2021-008898",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-35029",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "security@zyxel.com.tw",
"id": "CVE-2021-35029",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-202107-147",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2021-35029",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-35029"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008898"
},
{
"db": "NVD",
"id": "CVE-2021-35029"
},
{
"db": "NVD",
"id": "CVE-2021-35029"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-147"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device. plural Zyxel There is an authentication vulnerability in the firmware.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-35029"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008898"
},
{
"db": "VULMON",
"id": "CVE-2021-35029"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-35029",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008898",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202107-147",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-35029",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-35029"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008898"
},
{
"db": "NVD",
"id": "CVE-2021-35029"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-147"
}
]
},
"id": "VAR-202107-0888",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.33796898636363637
},
"last_update_date": "2023-12-18T12:42:25.647000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Zyxel\u00a0security\u00a0advisory\u00a0for\u00a0attacks\u00a0against\u00a0security\u00a0appliances",
"trust": 0.8,
"url": "https://www.zyxel.com/support/zyxel_security_advisory_for_attacks_against_security_appliances.shtml"
},
{
"title": "ZyXEL ZyWALL USG Remediation measures for authorization problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=155962"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-008898"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-147"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.0
},
{
"problemtype": "Improper authentication (CWE-287) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-008898"
},
{
"db": "NVD",
"id": "CVE-2021-35029"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.zyxel.com/support/zyxel_security_advisory_for_attacks_against_security_appliances.shtml"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-35029"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-35029"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008898"
},
{
"db": "NVD",
"id": "CVE-2021-35029"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-147"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-35029"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008898"
},
{
"db": "NVD",
"id": "CVE-2021-35029"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-147"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-02T00:00:00",
"db": "VULMON",
"id": "CVE-2021-35029"
},
{
"date": "2022-03-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-008898"
},
{
"date": "2021-07-02T11:15:08.930000",
"db": "NVD",
"id": "CVE-2021-35029"
},
{
"date": "2021-07-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202107-147"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-08T00:00:00",
"db": "VULMON",
"id": "CVE-2021-35029"
},
{
"date": "2022-03-31T04:46:00",
"db": "JVNDB",
"id": "JVNDB-2021-008898"
},
{
"date": "2021-07-08T18:20:48.127000",
"db": "NVD",
"id": "CVE-2021-35029"
},
{
"date": "2021-07-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202107-147"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202107-147"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Zyxel\u00a0 Firmware authentication vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-008898"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202107-147"
}
],
"trust": 0.6
}
}
var-202003-1707
Vulnerability from variot
Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the privileges of the web server that runs on the ZyXEL device. Although the web server does not run as the root user, ZyXEL devices include a setuid utility that can be leveraged to run any command with root privileges. As such, it should be assumed that exploitation of this vulnerability can lead to remote code execution with root privileges. By sending a specially-crafted HTTP POST or GET request to a vulnerable ZyXEL device, a remote, unauthenticated attacker may be able to execute arbitrary code on the device. This may happen by directly connecting to a device if it is directly exposed to an attacker. However, there are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable devices. For example, simply visiting a website can result in the compromise of any ZyXEL device that is reachable from the client system. Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 NAS520 before firmware V5.21(AASZ.3)C0 NAS540 before firmware V5.21(AATB.4)C0 NAS542 before firmware V5.21(ABAG.4)C0 ZyXEL has made firmware updates available for NAS326, NAS520, NAS540, and NAS542 devices. Affected models that are end-of-support: NSA210, NSA220, NSA220+, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 and NSA325v2. plural ZyXEL Included in the product weblogin.cgi Is vulnerable to the execution of arbitrary commands. OS Command injection (CWE-78) - CVE-2020-9054 ZyXEL In multiple products offered by CGI Executable file weblogin.cgi Authentication is done using. About this vulnerability ZyXEL Made NAS Exploit codes for products are available on the Internet. Zyxel Technology is a provider of network broadband systems and solutions for internationally renowned brands. main
Products include DSL central office and terminal equipment, router equipment, network security equipment, wireless local area communication equipment,
It also provides full-range broadband network application integration solutions for Chinese enterprises, such as network telephones and Ethernet switches.
Multiple ZyXEL network-attached storage (NAS) devices have security holes
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202003-1707",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "atp200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg60w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "nas326",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.21\\(aazf.7\\)c0"
},
{
"model": "zywall110",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg2200",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(abae.3\\)c0"
},
{
"model": "usg210",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall310",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg40",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "nas520",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.21\\(aasz.3\\)c0"
},
{
"model": "usg1100",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(aapk.3\\)c0"
},
{
"model": "vpn100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "atp100",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(abps.3\\)c0"
},
{
"model": "usg40w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg110",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg1100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg310",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(aapj.3\\)c0"
},
{
"model": "usg20w-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "vpn50",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg20w-vpn",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(abar.3\\)c0"
},
{
"model": "atp800",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg2200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg310",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "vpn1000",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall1100",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(aaac.3\\)c0"
},
{
"model": "atp800",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(abiq.3\\)c0"
},
{
"model": "usg60",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(aaky.3\\)c0"
},
{
"model": "usg1900",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "atp200",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(abfw.3\\)c0"
},
{
"model": "usg60w",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(aakz.3\\)c0"
},
{
"model": "usg20-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "nas542",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.21\\(abag.4\\)c0"
},
{
"model": "atp500",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "vpn300",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(abfc.3\\)c0"
},
{
"model": "nas540",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.21\\(aatb.4\\)c0"
},
{
"model": "vpn100",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(abfv.3\\)c0"
},
{
"model": "zywall110",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(aaaa.3\\)c0"
},
{
"model": "usg20-vpn",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(abaq.3\\)c0"
},
{
"model": "usg60",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "atp100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "vpn50",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(abhl.3\\)c0"
},
{
"model": "vpn1000",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(abip.3\\)c0"
},
{
"model": "zywall310",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(aaab.3\\)c0"
},
{
"model": "usg40w",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(aalb.3\\)c0"
},
{
"model": "usg1900",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(aapl.3\\)c0"
},
{
"model": "vpn300",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg40",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(aala.3\\)c0"
},
{
"model": "atp500",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(abfu.3\\)c0"
},
{
"model": "usg110",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(aaph.3\\)c0"
},
{
"model": "usg210",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35\\(aapi.3\\)c0"
},
{
"model": "zywall1100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp100",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp200",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp500",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp800",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nas 326",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nas 520",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nas 540",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nas 542",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg20-vpn",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg20w-vpn",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nas326 \u003cv5.21 c0",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nas520 \u003cv5.21 c0",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nas540 \u003cv5.21 c0",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nas542 \u003cv5.21 c0",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nsa210",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nsa220",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nsa220+",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nsa221",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nsa310",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nsa310s",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nsa320",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nsa320s",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nsa325",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nsa325v2",
"scope": null,
"trust": 0.6,
"vendor": "zyxel",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#498544"
},
{
"db": "CNVD",
"id": "CNVD-2020-15993"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001758"
},
{
"db": "NVD",
"id": "CVE-2020-9054"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nas326_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.21\\(aazf.7\\)c0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nas326:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nas520_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.21\\(aasz.3\\)c0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nas520:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nas540_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.21\\(aatb.4\\)c0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nas540:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nas542_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.21\\(abag.4\\)c0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nas542:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(abps.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(abfw.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(abfu.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(abiq.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(abaq.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(abar.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg40_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(aala.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg40w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(aalb.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg60_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(aaky.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg60w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(aakz.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg110_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(aaph.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg210_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(aapi.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg310_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(aapj.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg1100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(aapk.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg1100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg1900_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(aapl.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg1900:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg2200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(abae.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg2200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(abhl.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(abfv.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(abfc.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(abip.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall110_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(aaaa.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall310_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(aaab.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall310:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall1100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.35\\(aaac.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall1100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9054"
}
]
},
"cve": "CVE-2020-9054",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 10.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 7.1,
"exploitability": "FUNCTIONAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-9054",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "MEDIUM",
"trust": 0.8,
"userInterationRequired": null,
"vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "JPCERT/CC",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2020-001758",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-15993",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-9054",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "JPCERT/CC",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-001758",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-9054",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2020-9054",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "JPCERT/CC",
"id": "JVNDB-2020-001758",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2020-15993",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202002-1216",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2020-9054",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#498544"
},
{
"db": "CNVD",
"id": "CNVD-2020-15993"
},
{
"db": "VULMON",
"id": "CVE-2020-9054"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001758"
},
{
"db": "NVD",
"id": "CVE-2020-9054"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1216"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the privileges of the web server that runs on the ZyXEL device. Although the web server does not run as the root user, ZyXEL devices include a setuid utility that can be leveraged to run any command with root privileges. As such, it should be assumed that exploitation of this vulnerability can lead to remote code execution with root privileges. By sending a specially-crafted HTTP POST or GET request to a vulnerable ZyXEL device, a remote, unauthenticated attacker may be able to execute arbitrary code on the device. This may happen by directly connecting to a device if it is directly exposed to an attacker. However, there are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable devices. For example, simply visiting a website can result in the compromise of any ZyXEL device that is reachable from the client system. Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 NAS520 before firmware V5.21(AASZ.3)C0 NAS540 before firmware V5.21(AATB.4)C0 NAS542 before firmware V5.21(ABAG.4)C0 ZyXEL has made firmware updates available for NAS326, NAS520, NAS540, and NAS542 devices. Affected models that are end-of-support: NSA210, NSA220, NSA220+, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 and NSA325v2. plural ZyXEL Included in the product weblogin.cgi Is vulnerable to the execution of arbitrary commands. OS Command injection (CWE-78) - CVE-2020-9054 ZyXEL In multiple products offered by CGI Executable file weblogin.cgi Authentication is done using. About this vulnerability ZyXEL Made NAS Exploit codes for products are available on the Internet. Zyxel Technology is a provider of network broadband systems and solutions for internationally renowned brands. main\r\n\r\nProducts include DSL central office and terminal equipment, router equipment, network security equipment, wireless local area communication equipment,\r\n\r\nIt also provides full-range broadband network application integration solutions for Chinese enterprises, such as network telephones and Ethernet switches. \n\r\n\r\nMultiple ZyXEL network-attached storage (NAS) devices have security holes",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9054"
},
{
"db": "CERT/CC",
"id": "VU#498544"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001758"
},
{
"db": "CNVD",
"id": "CNVD-2020-15993"
},
{
"db": "VULMON",
"id": "CVE-2020-9054"
}
],
"trust": 2.97
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-9054",
"trust": 3.9
},
{
"db": "CERT/CC",
"id": "VU#498544",
"trust": 3.3
},
{
"db": "JVN",
"id": "JVNVU97748968",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001758",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-15993",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1216",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-9054",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#498544"
},
{
"db": "CNVD",
"id": "CNVD-2020-15993"
},
{
"db": "VULMON",
"id": "CVE-2020-9054"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001758"
},
{
"db": "NVD",
"id": "CVE-2020-9054"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1216"
}
]
},
"id": "VAR-202003-1707",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-15993"
}
],
"trust": 1.3025158775999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-15993"
}
]
},
"last_update_date": "2023-12-18T12:17:11.584000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Zyxel security advisory for the remote code execution vulnerability of NAS products",
"trust": 0.8,
"url": "https://www.zyxel.com/support/remote-code-execution-vulnerability-of-nas-products.shtml"
},
{
"title": "Patch for Multiple ZyXEL Network Attached Storage (NAS) Device Pre-Verification Command Injection Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/207745"
},
{
"title": "Multiple ZyXEL Product operating system command injection vulnerability fixes",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=110815"
},
{
"title": "exploit",
"trust": 0.1,
"url": "https://github.com/notionned101/exploit "
},
{
"title": "kenzer-templates",
"trust": 0.1,
"url": "https://github.com/elsfa7-110/kenzer-templates "
},
{
"title": "kenzer-templates",
"trust": 0.1,
"url": "https://github.com/arpsyndicate/kenzer-templates "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/top-microsoft-adobe-exploits-list/166241/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/new-mirai-variant-mukashi-targets-zyxel-nas-devices/153982/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/flaws-zyxels-network-management-software/153554/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2020/02/26/zyxel_security_hole/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-15993"
},
{
"db": "VULMON",
"id": "CVE-2020-9054"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001758"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1216"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9054"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://www.zyxel.com/support/remote-code-execution-vulnerability-of-nas-products.shtml"
},
{
"trust": 3.3,
"url": "https://krebsonsecurity.com/2020/02/zyxel-fixes-0day-in-network-storage-devices/"
},
{
"trust": 2.6,
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"trust": 1.7,
"url": "https://kb.cert.org/vuls/id/498544/"
},
{
"trust": 1.7,
"url": "https://kb.cert.org/artifacts/cve-2020-9054.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9054"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9054"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu97748968"
},
{
"trust": 0.8,
"url": "https://www.kb.cert.org/vuls/id/498544/"
},
{
"trust": 0.7,
"url": "https://www.kb.cert.org/vuls/id/498544"
},
{
"trust": 0.6,
"url": "https://securityaffairs.co/wordpress/98461/hacking/zyxel-critical-rce.html"
},
{
"trust": 0.1,
"url": "https://github.com/notionned101/exploit"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#498544"
},
{
"db": "CNVD",
"id": "CNVD-2020-15993"
},
{
"db": "VULMON",
"id": "CVE-2020-9054"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001758"
},
{
"db": "NVD",
"id": "CVE-2020-9054"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1216"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#498544"
},
{
"db": "CNVD",
"id": "CNVD-2020-15993"
},
{
"db": "VULMON",
"id": "CVE-2020-9054"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001758"
},
{
"db": "NVD",
"id": "CVE-2020-9054"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1216"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-24T00:00:00",
"db": "CERT/CC",
"id": "VU#498544"
},
{
"date": "2020-03-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-15993"
},
{
"date": "2020-03-04T00:00:00",
"db": "VULMON",
"id": "CVE-2020-9054"
},
{
"date": "2020-02-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-001758"
},
{
"date": "2020-03-04T20:15:10.750000",
"db": "NVD",
"id": "CVE-2020-9054"
},
{
"date": "2020-02-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-1216"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-26T00:00:00",
"db": "CERT/CC",
"id": "VU#498544"
},
{
"date": "2020-03-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-15993"
},
{
"date": "2020-03-06T00:00:00",
"db": "VULMON",
"id": "CVE-2020-9054"
},
{
"date": "2020-04-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-001758"
},
{
"date": "2020-03-06T17:58:20.727000",
"db": "NVD",
"id": "CVE-2020-9054"
},
{
"date": "2023-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-1216"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-1216"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ZyXEL pre-authentication command injection in weblogin.cgi",
"sources": [
{
"db": "CERT/CC",
"id": "VU#498544"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-1216"
}
],
"trust": 0.6
}
}
var-202305-2285
Vulnerability from variot
A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1, VPN series firmware versions 4.30 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.25 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device. ATP100 firmware, ATP200 firmware, ATP500 firmware etc. ZyXEL The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202305-2285",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "usg flex 700",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp500",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg 40w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.25"
},
{
"model": "usg 40",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.25"
},
{
"model": "usg 60w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.25"
},
{
"model": "atp700",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 200",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 500",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg20-vpn",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp800",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "atp100",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 100w",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg 40w",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.73"
},
{
"model": "atp800",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg 40",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.73"
},
{
"model": "usg 60w",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.73"
},
{
"model": "vpn300",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "atp700",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg20-vpn",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "vpn1000",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "vpn300",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp500",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 500",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "usg flex 50w",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp100w",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "vpn100",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp700",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "usg 40",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.73"
},
{
"model": "usg flex 500",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "vpn100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "atp100",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp500",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "usg 60",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.73"
},
{
"model": "vpn50",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "atp100w",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp200",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "vpn1000",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "usg 20w-vpn",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "vpn1000",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 50w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.25"
},
{
"model": "atp100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "usg 60",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.25"
},
{
"model": "usg flex 100",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "vpn300",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp100w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "usg 60w",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.73"
},
{
"model": "usg flex 700",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "atp200",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg 60",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.73"
},
{
"model": "vpn50",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp800",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 50w",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "usg 40w",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.73"
},
{
"model": "vpn100",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 100",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg20-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "usg flex 200",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 700",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "usg flex 200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "vpn50",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 50",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp100",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 200",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp800",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp200",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 50",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 500",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 100",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp700",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp100w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp500",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-007634"
},
{
"db": "NVD",
"id": "CVE-2023-33010"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp200_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp200_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp500_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp500_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100w_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100w_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp700_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp700_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp800_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp800_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_100_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_100_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_50_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_50_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_200_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_200_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_500_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_500_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_700_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_700_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.25",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn100_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn100_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn50_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn50_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn300_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn300_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn1000_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn1000_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20-vpn_firmware:5.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20-vpn_firmware:5.36:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_40_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.73",
"versionStartIncluding": "4.25",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_40_firmware:4.73:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_40_firmware:4.73:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_40:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_40w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.73",
"versionStartIncluding": "4.25",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_40w_firmware:4.73:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_40w_firmware:4.73:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_40w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_60w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.73",
"versionStartIncluding": "4.25",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_60w_firmware:4.73:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_60w_firmware:4.73:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_60w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_60_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.73",
"versionStartIncluding": "4.25",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_60_firmware:4.73:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_60_firmware:4.73:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_60:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-33010"
}
]
},
"cve": "CVE-2023-33010",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-33010",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-33010",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "security@zyxel.com.tw",
"id": "CVE-2023-33010",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-202305-2093",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-007634"
},
{
"db": "NVD",
"id": "CVE-2023-33010"
},
{
"db": "NVD",
"id": "CVE-2023-33010"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-2093"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1, VPN series firmware versions 4.30 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.25 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device. ATP100 firmware, ATP200 firmware, ATP500 firmware etc. ZyXEL The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-33010"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-007634"
},
{
"db": "VULMON",
"id": "CVE-2023-33010"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-33010",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2023-007634",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202305-2093",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-33010",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-33010"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-007634"
},
{
"db": "NVD",
"id": "CVE-2023-33010"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-2093"
}
]
},
"id": "VAR-202305-2285",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3125
},
"last_update_date": "2023-12-18T11:54:13.182000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Zyxel ATP Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=240581"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202305-2093"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-007634"
},
{
"db": "NVD",
"id": "CVE-2023-33010"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-buffer-overflow-vulnerabilities-of-firewalls"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-33010"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-33010/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-33010"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-007634"
},
{
"db": "NVD",
"id": "CVE-2023-33010"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-2093"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2023-33010"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-007634"
},
{
"db": "NVD",
"id": "CVE-2023-33010"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-2093"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-24T00:00:00",
"db": "VULMON",
"id": "CVE-2023-33010"
},
{
"date": "2023-11-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-007634"
},
{
"date": "2023-05-24T13:15:09.640000",
"db": "NVD",
"id": "CVE-2023-33010"
},
{
"date": "2023-05-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202305-2093"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-24T00:00:00",
"db": "VULMON",
"id": "CVE-2023-33010"
},
{
"date": "2023-11-24T08:10:00",
"db": "JVNDB",
"id": "JVNDB-2023-007634"
},
{
"date": "2023-06-07T18:20:46.193000",
"db": "NVD",
"id": "CVE-2023-33010"
},
{
"date": "2023-06-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202305-2093"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202305-2093"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0ZyXEL\u00a0 Classic buffer overflow vulnerability in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-007634"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202305-2093"
}
],
"trust": 0.6
}
}
var-202207-1298
Vulnerability from variot
A privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.09 through 4.72, which could allow a local attacker to execute some OS commands with root privileges in some directories on a vulnerable device. ZyXEL The product contains a vulnerability in permission management.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202207-1298",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "usg flex 100w",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "zywall 1100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "atp800",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "usg20w-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.16"
},
{
"model": "usg flex 50w",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "atp700",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "usg 2200-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "zywall 310",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "atp800",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "usg60",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.09"
},
{
"model": "zywall 1100",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "usg20-vpn",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "atp100",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "usg40",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.72"
},
{
"model": "vpn300",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "atp500",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "usg flex 500",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "zywall 310",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "usg 2200-vpn",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "usg flex 500",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "usg40w",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.72"
},
{
"model": "usg flex 50w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.16"
},
{
"model": "vpn300",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "atp100w",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "usg60w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.09"
},
{
"model": "atp700",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "vpn100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "usg40",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.09"
},
{
"model": "atp500",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "vpn1000",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "vpn50",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "atp200",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "vpn100",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "usg40w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.09"
},
{
"model": "atp100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "atp100w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "vpn1000",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "zywall 110",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "usg flex 700",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "usg60",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.72"
},
{
"model": "vpn50",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "usg20w-vpn",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "zywall 110",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "atp200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "usg20-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "usg flex 700",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "usg flex 200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "usg flex 200",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.30"
},
{
"model": "usg60w",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.72"
},
{
"model": "usg flex 100w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "vpn100",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vpn50",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 50w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp100",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vpn300",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp500",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg 2200-vpn",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "zywall 110",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp800",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 500",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 100w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 200",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp100w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg20-vpn",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg20w-vpn",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp700",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vpn1000",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg 310",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 700",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp200",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-013684"
},
{
"db": "NVD",
"id": "CVE-2022-30526"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.16",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.16",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall_110_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall_310_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:zywall_1100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg40_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg40w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg60_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg60w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-30526"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "jbaines-r7",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-1612"
}
],
"trust": 0.6
},
"cve": "CVE-2022-30526",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-30526",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-30526",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "security@zyxel.com.tw",
"id": "CVE-2022-30526",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202207-1612",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-013684"
},
{
"db": "NVD",
"id": "CVE-2022-30526"
},
{
"db": "NVD",
"id": "CVE-2022-30526"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-1612"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.09 through 4.72, which could allow a local attacker to execute some OS commands with root privileges in some directories on a vulnerable device. ZyXEL The product contains a vulnerability in permission management.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-30526"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-013684"
},
{
"db": "VULMON",
"id": "CVE-2022-30526"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-30526",
"trust": 3.3
},
{
"db": "PACKETSTORM",
"id": "168202",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2022-013684",
"trust": 0.8
},
{
"db": "CXSECURITY",
"id": "WLB-2022080075",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202207-1612",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-30526",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-30526"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-013684"
},
{
"db": "NVD",
"id": "CVE-2022-30526"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-1612"
}
]
},
"id": "VAR-202207-1298",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.2867630485714286
},
"last_update_date": "2023-12-18T13:59:38.633000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Zyxel USG FLEX Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=201959"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-1612"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-269",
"trust": 1.0
},
{
"problemtype": "Improper authority management (CWE-269) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-013684"
},
{
"db": "NVD",
"id": "CVE-2022-30526"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://packetstormsecurity.com/files/168202/zyxel-firewall-suid-binary-privilege-escalation.html"
},
{
"trust": 2.5,
"url": "https://www.zyxel.com/support/zyxel-security-advisory-authenticated-directory-traversal-vulnerabilities-of-firewalls.shtml"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-30526"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/issue/wlb-2022080075"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-30526/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-30526"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-013684"
},
{
"db": "NVD",
"id": "CVE-2022-30526"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-1612"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2022-30526"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-013684"
},
{
"db": "NVD",
"id": "CVE-2022-30526"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-1612"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-07-19T00:00:00",
"db": "VULMON",
"id": "CVE-2022-30526"
},
{
"date": "2023-09-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-013684"
},
{
"date": "2022-07-19T06:15:08.827000",
"db": "NVD",
"id": "CVE-2022-30526"
},
{
"date": "2022-07-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202207-1612"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-07-19T00:00:00",
"db": "VULMON",
"id": "CVE-2022-30526"
},
{
"date": "2023-09-11T08:17:00",
"db": "JVNDB",
"id": "JVNDB-2022-013684"
},
{
"date": "2022-12-13T15:38:54.443000",
"db": "NVD",
"id": "CVE-2022-30526"
},
{
"date": "2022-09-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202207-1612"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-1612"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0ZyXEL\u00a0 Product permission management vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-013684"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-1612"
}
],
"trust": 0.6
}
}
var-202304-1906
Vulnerability from variot
The cross-site scripting (XSS) vulnerability in Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow an authenticated attacker with administrator privileges to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed when the user visits the Logs page of the GUI on the device. ATP200 firmware, ATP100 firmware, ATP700 firmware etc. ZyXEL A cross-site scripting vulnerability exists in the product.Information may be obtained and information may be tampered with
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202304-1906",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "usg20-vpn",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg 20w-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.16"
},
{
"model": "vpn100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "atp100w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "usg flex 700",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "usg flex 100w",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "vpn50",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "atp200",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 500",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp700",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "usg20-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "atp100w",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp500",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "usg flex 50w",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "vpn300",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 700",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "usg flex 50",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "atp500",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp700",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "usg flex 200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "vpn300",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "usg flex 200",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 50w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.16"
},
{
"model": "atp800",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "vpn1000",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp100",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 50",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 100",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg 20w-vpn",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 100w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "vpn1000",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "vpn100",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 500",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "vpn50",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp800",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "atp100",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg 20-vpn",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp500",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 100",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vpn1000",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 500",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 50w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg20-vpn",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 700",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp800",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 100w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vpn100",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vpn300",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vpn50",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp700",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 200",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp100w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp200",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 50",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-009236"
},
{
"db": "NVD",
"id": "CVE-2023-27990"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.16",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.16",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-27990"
}
]
},
"cve": "CVE-2023-27990",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 2.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.8,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2023-27990",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "High",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-27990",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "security@zyxel.com.tw",
"id": "CVE-2023-27990",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202304-1972",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-009236"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-1972"
},
{
"db": "NVD",
"id": "CVE-2023-27990"
},
{
"db": "NVD",
"id": "CVE-2023-27990"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The cross-site scripting (XSS) vulnerability in Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow an authenticated attacker with administrator privileges to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed when the user visits the Logs page of the GUI on the device. ATP200 firmware, ATP100 firmware, ATP700 firmware etc. ZyXEL A cross-site scripting vulnerability exists in the product.Information may be obtained and information may be tampered with",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-27990"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-009236"
},
{
"db": "VULMON",
"id": "CVE-2023-27990"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-27990",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2023-009236",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202304-1972",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-27990",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-27990"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-009236"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-1972"
},
{
"db": "NVD",
"id": "CVE-2023-27990"
}
]
},
"id": "VAR-202304-1906",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3125
},
"last_update_date": "2024-02-03T22:35:22.246000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Zyxel ATP Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=235575"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202304-1972"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.0
},
{
"problemtype": "Cross-site scripting (CWE-79) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-009236"
},
{
"db": "NVD",
"id": "CVE-2023-27990"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-xss-vulnerability-and-post-authentication-command-injection-vulnerability-in-firewalls"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-27990"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-27990/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-27990"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-009236"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-1972"
},
{
"db": "NVD",
"id": "CVE-2023-27990"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2023-27990"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-009236"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-1972"
},
{
"db": "NVD",
"id": "CVE-2023-27990"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-04-24T00:00:00",
"db": "VULMON",
"id": "CVE-2023-27990"
},
{
"date": "2023-12-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-009236"
},
{
"date": "2023-04-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202304-1972"
},
{
"date": "2023-04-24T18:15:09.440000",
"db": "NVD",
"id": "CVE-2023-27990"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-04-25T00:00:00",
"db": "VULMON",
"id": "CVE-2023-27990"
},
{
"date": "2023-12-05T03:46:00",
"db": "JVNDB",
"id": "JVNDB-2023-009236"
},
{
"date": "2023-05-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202304-1972"
},
{
"date": "2024-02-02T17:08:15.513000",
"db": "NVD",
"id": "CVE-2023-27990"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202304-1972"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0ZyXEL\u00a0 Cross-site scripting vulnerability in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-009236"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202304-1972"
}
],
"trust": 0.6
}
}
var-202304-1973
Vulnerability from variot
A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device. ATP200 firmware, ATP100 firmware, ATP700 firmware etc. ZyXEL There are unspecified vulnerabilities in the product.Information may be obtained
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202304-1973",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nap303",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.28\\(abex.0\\)"
},
{
"model": "atp500",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "nwa1123acv3",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.50\\(abvt.0\\)"
},
{
"model": "wac6503d-s",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.28\\(aasf.0\\)"
},
{
"model": "atp700",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "wac6502d-s",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.28\\(aase.0\\)"
},
{
"model": "usg flex 500",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg20-vpn",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp800",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "atp100",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "wac6553d-e",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.28\\(aasg.0\\)"
},
{
"model": "usg 20w-vpn",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "wac6103d-i",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.28\\(aaxh.0\\)"
},
{
"model": "nwa1123-ac hd",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.25\\(abin.9\\)"
},
{
"model": "vpn300",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "wax655e",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.50\\(acdo.2\\)"
},
{
"model": "wac500",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.50\\(abvs.0\\)"
},
{
"model": "nwa50ax-pro",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.50\\(acge.0\\)"
},
{
"model": "wax620d-6e",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.50\\(accn.2\\)"
},
{
"model": "nwa1123-ac-pro",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.28\\(abhd.0\\)"
},
{
"model": "vpn300",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 500",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "nwa210ax",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.50\\(abtd.2\\)"
},
{
"model": "usg flex 50w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.16"
},
{
"model": "atp100w",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "nap353",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.28\\(abey.0\\)"
},
{
"model": "wax610d",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.50\\(abte.2\\)"
},
{
"model": "vpn100",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp700",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "wax650s",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.50\\(abrm.2\\)"
},
{
"model": "vpn100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "wac500h",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.50\\(abwa.0\\)"
},
{
"model": "atp500",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "nwa5123-ac hd",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.25\\(abim.9\\)"
},
{
"model": "nwa50ax",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.55\\(acge.1\\)"
},
{
"model": "nap203",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.28\\(abfa.0\\)"
},
{
"model": "vpn1000",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "vpn50",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "atp200",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "nwa110ax",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.50\\(abtg.2\\)"
},
{
"model": "vpn1000",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 50",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "nwa90ax",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.29\\(accv.1\\)"
},
{
"model": "usg flex 100",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp100w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "usg 20w-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.16"
},
{
"model": "usg flex 50",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "usg flex 700",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "nwa55axe",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.29\\(abzl.1\\)"
},
{
"model": "vpn50",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 100w",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp800",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "wac5302d-sv2",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.25\\(abvz.9\\)"
},
{
"model": "wac6303d-s",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.25\\(abgl.9\\)"
},
{
"model": "usg flex 50w",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "atp200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.32"
},
{
"model": "wac6552d-s",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.28\\(abio.0\\)"
},
{
"model": "wac6502d-e",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.28\\(aasd.0\\)"
},
{
"model": "nwa220ax-6e",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.50\\(acco.2\\)"
},
{
"model": "wax510d",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.50\\(abtf.2\\)"
},
{
"model": "wax640s-6e",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.50\\(accm.2\\)"
},
{
"model": "usg20-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.30"
},
{
"model": "usg flex 200",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.36"
},
{
"model": "usg flex 700",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "usg flex 200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "nwa90ax-pro",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.50\\(acgf.0\\)"
},
{
"model": "wax630s",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "6.50\\(abzd.2\\)"
},
{
"model": "usg flex 100w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.50"
},
{
"model": "atp100",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg 20-vpn",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp500",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 100",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vpn1000",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nap203",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 500",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 50w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg20-vpn",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 700",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp800",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 100w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vpn100",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vpn300",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp700",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vpn50",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 200",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp100w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "atp200",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg flex 50",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-009355"
},
{
"db": "NVD",
"id": "CVE-2023-22918"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.16",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.16",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nap203_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.28\\(abfa.0\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nap203:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nap303_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.28\\(abex.0\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nap303:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nap353_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.28\\(abey.0\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nap353:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.50\\(abtg.2\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nwa1123-ac_hd_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.25\\(abin.9\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nwa1123-ac_hd:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nwa1123-ac-pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.28\\(abhd.0\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nwa1123-ac-pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.50\\(abvt.0\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.50\\(abtd.2\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.50\\(acco.2\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.55\\(acge.1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nwa50ax-pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.50\\(acge.0\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nwa50ax-pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nwa5123-ac_hd_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.25\\(abim.9\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nwa5123-ac_hd:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.29\\(abzl.1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.29\\(accv.1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:nwa90ax-pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.50\\(acgf.0\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:nwa90ax-pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.50\\(abvs.0\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.50\\(abwa.0\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:wac5302d-sv2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.25\\(abvz.9\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:wac5302d-sv2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:wac6103d-i_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.28\\(aaxh.0\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:wac6103d-i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:wac6303d-s_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.25\\(abgl.9\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:wac6303d-s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:wac6502d-e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.28\\(aasd.0\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:wac6502d-e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:wac6502d-s_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.28\\(aase.0\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:wac6502d-s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:wac6503d-s_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.28\\(aasf.0\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:wac6503d-s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:wac6552d-s_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.28\\(abio.0\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:wac6552d-s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:wac6553d-e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.28\\(aasg.0\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:wac6553d-e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.50\\(abtf.2\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.50\\(abte.2\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.50\\(accn.2\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.50\\(abzd.2\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.50\\(accm.2\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.50\\(abrm.2\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.50\\(acdo.2\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-22918"
}
]
},
"cve": "CVE-2023-22918",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-22918",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-22918",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "security@zyxel.com.tw",
"id": "CVE-2023-22918",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202304-1945",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-009355"
},
{
"db": "NVD",
"id": "CVE-2023-22918"
},
{
"db": "NVD",
"id": "CVE-2023-22918"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-1945"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device. ATP200 firmware, ATP100 firmware, ATP700 firmware etc. ZyXEL There are unspecified vulnerabilities in the product.Information may be obtained",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-22918"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-009355"
},
{
"db": "VULMON",
"id": "CVE-2023-22918"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-22918",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2023-009355",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202304-1945",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-22918",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-22918"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-009355"
},
{
"db": "NVD",
"id": "CVE-2023-22918"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-1945"
}
]
},
"id": "VAR-202304-1973",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3125
},
"last_update_date": "2023-12-18T12:54:24.930000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Zyxel ATP Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=235566"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202304-1945"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-009355"
},
{
"db": "NVD",
"id": "CVE-2023-22918"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-22918"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-22918/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-22918"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-009355"
},
{
"db": "NVD",
"id": "CVE-2023-22918"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-1945"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2023-22918"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-009355"
},
{
"db": "NVD",
"id": "CVE-2023-22918"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-1945"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-04-24T00:00:00",
"db": "VULMON",
"id": "CVE-2023-22918"
},
{
"date": "2023-12-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-009355"
},
{
"date": "2023-04-24T18:15:09.027000",
"db": "NVD",
"id": "CVE-2023-22918"
},
{
"date": "2023-04-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202304-1945"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-04-25T00:00:00",
"db": "VULMON",
"id": "CVE-2023-22918"
},
{
"date": "2023-12-05T06:29:00",
"db": "JVNDB",
"id": "JVNDB-2023-009355"
},
{
"date": "2023-06-12T15:40:49.187000",
"db": "NVD",
"id": "CVE-2023-22918"
},
{
"date": "2023-05-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202304-1945"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202304-1945"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0ZyXEL\u00a0 Product vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-009355"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202304-1945"
}
],
"trust": 0.6
}
}
Vulnerability from fkie_nvd
Published
2020-11-27 18:15
Modified
2024-12-12 16:23
Severity ?
Summary
A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "145E41D9-E376-4B8E-A34F-F2C7ECFD649D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE32A1C-A730-4893-BCB9-F753F8E65440",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B40C703E-C7C0-4B49-A336-83853D3E8C31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7E32879-01A2-49B1-A354-068CEB1CA3A5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4B9AC6-7C55-42BD-A1D8-F5D5A19AC59D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_1900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92CE6F04-403B-4A52-A3A5-DD0190CF15D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_20w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CD5A4AB-0CC2-4CAF-AAFA-0F866174842F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32F7F370-C585-45FE-A7F7-40BFF13928CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38B7995C-80E0-413B-9F2C-387EF3703927",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D84DDB81-DE66-4427-8833-633B45A45A14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_40w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F11F36C-60DB-4D81-A320-53EEE43758C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C65DB5E9-2FE3-4807-970E-A42FDF82B50E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_60w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82864EF6-B63D-4947-A18C-AE0156CCA7FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4834AC5E-884D-4A1C-A39B-B3F4A281E3CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B68C4BD-3279-47AB-AC2A-7555163B12E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg1900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60F4E816-C4D3-451A-965C-45387D7DEB5B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7239C54F-EC9E-44B4-AE33-1D36E5448219",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06D2AD3A-9197-487D-A267-24DE332CC66B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAFF1122-755A-4531-AA2E-FD6E8478F92F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg2200-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CB2401-479A-4124-B03F-589D7C1061FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F302801D-3720-4598-8458-A8938BD6CB46",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CCD2777-CC85-4BAA-B16B-19C2DB8DB742",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0906F3FA-793B-421D-B957-7E9C18C1AEC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26900300-1325-4C8A-BC3B-A10233B2462A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A7555E-BC29-460C-A701-7DCDEAFE67F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C45C303-1A95-4245-B242-3AB9B9106CD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40B7360-E9B0-4198-8163-CEADE7525E66",
"versionEndIncluding": "4.55",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAC4D19-A1FA-4539-A672-46207670D9DF",
"versionEndIncluding": "6.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
"matchCriteriaId": "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
"matchCriteriaId": "A3B4EC91-B091-474F-B2E9-4DF474746547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
"matchCriteriaId": "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
"matchCriteriaId": "CC14EDB3-613B-4531-9581-1A9687E27ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
"matchCriteriaId": "C5B8CBD3-5115-4813-A372-66C0312DA95E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
"matchCriteriaId": "725083DF-B9BE-45DD-B999-511528F2C4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
"matchCriteriaId": "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
"matchCriteriaId": "5D785597-7B27-4910-A4A0-0E2968CA7488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa1123-ac_hd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A0FB576-76A2-4A25-979E-5E5B3BF5C636",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAC4D19-A1FA-4539-A672-46207670D9DF",
"versionEndIncluding": "6.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
"matchCriteriaId": "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
"matchCriteriaId": "A3B4EC91-B091-474F-B2E9-4DF474746547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
"matchCriteriaId": "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
"matchCriteriaId": "CC14EDB3-613B-4531-9581-1A9687E27ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
"matchCriteriaId": "C5B8CBD3-5115-4813-A372-66C0312DA95E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
"matchCriteriaId": "725083DF-B9BE-45DD-B999-511528F2C4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
"matchCriteriaId": "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
"matchCriteriaId": "5D785597-7B27-4910-A4A0-0E2968CA7488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa1123-ac_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "145723DB-C34B-4C2A-B3C2-7A5CFEF503CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAC4D19-A1FA-4539-A672-46207670D9DF",
"versionEndIncluding": "6.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EEC41216-BA1D-4D89-BA08-4A3EDC9EA6B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
"matchCriteriaId": "A3B4EC91-B091-474F-B2E9-4DF474746547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
"matchCriteriaId": "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
"matchCriteriaId": "CC14EDB3-613B-4531-9581-1A9687E27ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
"matchCriteriaId": "C5B8CBD3-5115-4813-A372-66C0312DA95E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
"matchCriteriaId": "725083DF-B9BE-45DD-B999-511528F2C4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
"matchCriteriaId": "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
"matchCriteriaId": "5D785597-7B27-4910-A4A0-0E2968CA7488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa1123-acv2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49C40B96-55B2-44AA-A75A-92EEEE93371C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAC4D19-A1FA-4539-A672-46207670D9DF",
"versionEndIncluding": "6.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
"matchCriteriaId": "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
"matchCriteriaId": "A3B4EC91-B091-474F-B2E9-4DF474746547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
"matchCriteriaId": "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
"matchCriteriaId": "CC14EDB3-613B-4531-9581-1A9687E27ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
"matchCriteriaId": "C5B8CBD3-5115-4813-A372-66C0312DA95E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
"matchCriteriaId": "725083DF-B9BE-45DD-B999-511528F2C4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
"matchCriteriaId": "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
"matchCriteriaId": "5D785597-7B27-4910-A4A0-0E2968CA7488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAC4D19-A1FA-4539-A672-46207670D9DF",
"versionEndIncluding": "6.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
"matchCriteriaId": "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
"matchCriteriaId": "A3B4EC91-B091-474F-B2E9-4DF474746547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
"matchCriteriaId": "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
"matchCriteriaId": "CC14EDB3-613B-4531-9581-1A9687E27ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
"matchCriteriaId": "C5B8CBD3-5115-4813-A372-66C0312DA95E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
"matchCriteriaId": "725083DF-B9BE-45DD-B999-511528F2C4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
"matchCriteriaId": "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
"matchCriteriaId": "5D785597-7B27-4910-A4A0-0E2968CA7488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac5302d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4AA4FC1-E3E4-499F-B0C1-22B738DA4DA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAC4D19-A1FA-4539-A672-46207670D9DF",
"versionEndIncluding": "6.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
"matchCriteriaId": "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
"matchCriteriaId": "A3B4EC91-B091-474F-B2E9-4DF474746547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
"matchCriteriaId": "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
"matchCriteriaId": "CC14EDB3-613B-4531-9581-1A9687E27ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
"matchCriteriaId": "C5B8CBD3-5115-4813-A372-66C0312DA95E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
"matchCriteriaId": "725083DF-B9BE-45DD-B999-511528F2C4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
"matchCriteriaId": "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
"matchCriteriaId": "5D785597-7B27-4910-A4A0-0E2968CA7488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa5120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "109301CB-1A6F-4FF2-A64E-55D698A601CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAC4D19-A1FA-4539-A672-46207670D9DF",
"versionEndIncluding": "6.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
"matchCriteriaId": "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
"matchCriteriaId": "A3B4EC91-B091-474F-B2E9-4DF474746547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
"matchCriteriaId": "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
"matchCriteriaId": "CC14EDB3-613B-4531-9581-1A9687E27ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
"matchCriteriaId": "C5B8CBD3-5115-4813-A372-66C0312DA95E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
"matchCriteriaId": "725083DF-B9BE-45DD-B999-511528F2C4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
"matchCriteriaId": "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
"matchCriteriaId": "5D785597-7B27-4910-A4A0-0E2968CA7488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa5301-nj:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328EB14D-84E9-4F4B-8277-43F52644AE7B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAC4D19-A1FA-4539-A672-46207670D9DF",
"versionEndIncluding": "6.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
"matchCriteriaId": "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
"matchCriteriaId": "A3B4EC91-B091-474F-B2E9-4DF474746547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
"matchCriteriaId": "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
"matchCriteriaId": "CC14EDB3-613B-4531-9581-1A9687E27ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
"matchCriteriaId": "C5B8CBD3-5115-4813-A372-66C0312DA95E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
"matchCriteriaId": "725083DF-B9BE-45DD-B999-511528F2C4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
"matchCriteriaId": "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
"matchCriteriaId": "5D785597-7B27-4910-A4A0-0E2968CA7488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3518DA0A-2C7B-4979-A457-0826C921B0F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAC4D19-A1FA-4539-A672-46207670D9DF",
"versionEndIncluding": "6.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
"matchCriteriaId": "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
"matchCriteriaId": "A3B4EC91-B091-474F-B2E9-4DF474746547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
"matchCriteriaId": "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
"matchCriteriaId": "CC14EDB3-613B-4531-9581-1A9687E27ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
"matchCriteriaId": "C5B8CBD3-5115-4813-A372-66C0312DA95E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
"matchCriteriaId": "725083DF-B9BE-45DD-B999-511528F2C4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
"matchCriteriaId": "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
"matchCriteriaId": "5D785597-7B27-4910-A4A0-0E2968CA7488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D784994E-E2CE-4328-B490-D9DC195A53DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAC4D19-A1FA-4539-A672-46207670D9DF",
"versionEndIncluding": "6.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
"matchCriteriaId": "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
"matchCriteriaId": "A3B4EC91-B091-474F-B2E9-4DF474746547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
"matchCriteriaId": "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
"matchCriteriaId": "CC14EDB3-613B-4531-9581-1A9687E27ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
"matchCriteriaId": "C5B8CBD3-5115-4813-A372-66C0312DA95E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
"matchCriteriaId": "725083DF-B9BE-45DD-B999-511528F2C4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
"matchCriteriaId": "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
"matchCriteriaId": "5D785597-7B27-4910-A4A0-0E2968CA7488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac6550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22BA1F7B-B2D2-44D6-83A4-859DF7BAC001",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAC4D19-A1FA-4539-A672-46207670D9DF",
"versionEndIncluding": "6.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
"matchCriteriaId": "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
"matchCriteriaId": "A3B4EC91-B091-474F-B2E9-4DF474746547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
"matchCriteriaId": "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
"matchCriteriaId": "CC14EDB3-613B-4531-9581-1A9687E27ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
"matchCriteriaId": "C5B8CBD3-5115-4813-A372-66C0312DA95E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
"matchCriteriaId": "725083DF-B9BE-45DD-B999-511528F2C4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
"matchCriteriaId": "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
"matchCriteriaId": "5D785597-7B27-4910-A4A0-0E2968CA7488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac6303d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0F08117-0BCE-4EA1-8DA7-1AC4EFF67E2F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAC4D19-A1FA-4539-A672-46207670D9DF",
"versionEndIncluding": "6.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
"matchCriteriaId": "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
"matchCriteriaId": "A3B4EC91-B091-474F-B2E9-4DF474746547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
"matchCriteriaId": "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
"matchCriteriaId": "CC14EDB3-613B-4531-9581-1A9687E27ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
"matchCriteriaId": "C5B8CBD3-5115-4813-A372-66C0312DA95E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
"matchCriteriaId": "725083DF-B9BE-45DD-B999-511528F2C4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
"matchCriteriaId": "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
"matchCriteriaId": "5D785597-7B27-4910-A4A0-0E2968CA7488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B504AA70-D60A-4158-B3A5-BADBED2F8BAA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAC4D19-A1FA-4539-A672-46207670D9DF",
"versionEndIncluding": "6.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
"matchCriteriaId": "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
"matchCriteriaId": "A3B4EC91-B091-474F-B2E9-4DF474746547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
"matchCriteriaId": "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
"matchCriteriaId": "CC14EDB3-613B-4531-9581-1A9687E27ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
"matchCriteriaId": "C5B8CBD3-5115-4813-A372-66C0312DA95E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
"matchCriteriaId": "725083DF-B9BE-45DD-B999-511528F2C4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
"matchCriteriaId": "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
"matchCriteriaId": "5D785597-7B27-4910-A4A0-0E2968CA7488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "227EDB1C-0070-4B5D-9070-B4717DB3DF08",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAC4D19-A1FA-4539-A672-46207670D9DF",
"versionEndIncluding": "6.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
"matchCriteriaId": "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
"matchCriteriaId": "A3B4EC91-B091-474F-B2E9-4DF474746547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
"matchCriteriaId": "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
"matchCriteriaId": "CC14EDB3-613B-4531-9581-1A9687E27ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
"matchCriteriaId": "C5B8CBD3-5115-4813-A372-66C0312DA95E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
"matchCriteriaId": "725083DF-B9BE-45DD-B999-511528F2C4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
"matchCriteriaId": "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
"matchCriteriaId": "5D785597-7B27-4910-A4A0-0E2968CA7488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB129F9-64D8-43C2-9366-51EBDF419F5F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAC4D19-A1FA-4539-A672-46207670D9DF",
"versionEndIncluding": "6.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
"matchCriteriaId": "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
"matchCriteriaId": "A3B4EC91-B091-474F-B2E9-4DF474746547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
"matchCriteriaId": "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
"matchCriteriaId": "CC14EDB3-613B-4531-9581-1A9687E27ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
"matchCriteriaId": "C5B8CBD3-5115-4813-A372-66C0312DA95E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
"matchCriteriaId": "725083DF-B9BE-45DD-B999-511528F2C4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
"matchCriteriaId": "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
"matchCriteriaId": "5D785597-7B27-4910-A4A0-0E2968CA7488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A3F9232-F988-4428-9898-4F536123CE88",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAC4D19-A1FA-4539-A672-46207670D9DF",
"versionEndIncluding": "6.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
"matchCriteriaId": "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
"matchCriteriaId": "A3B4EC91-B091-474F-B2E9-4DF474746547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
"matchCriteriaId": "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
"matchCriteriaId": "CC14EDB3-613B-4531-9581-1A9687E27ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
"matchCriteriaId": "C5B8CBD3-5115-4813-A372-66C0312DA95E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
"matchCriteriaId": "725083DF-B9BE-45DD-B999-511528F2C4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
"matchCriteriaId": "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
"matchCriteriaId": "5D785597-7B27-4910-A4A0-0E2968CA7488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa1302-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFA514BB-B688-4EBD-9530-F5112F7503F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en el archivo fbwifi_continue.cgi en Zyxel serie UTM y VPN de puertas de enlace que ejecutan la versi\u00f3n de firmware V4.30 hasta la V4.55, lo que permite a atacantes remotos no autenticados ejecutar c\u00f3digo arbitrario por medio de un paquete http dise\u00f1ado"
}
],
"id": "CVE-2020-25014",
"lastModified": "2024-12-12T16:23:25.593",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-11-27T18:15:11.563",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://businessforum.zyxel.com/categories/security-news-and-release"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-for-buffer-overflow-vulnerability.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://businessforum.zyxel.com/categories/security-news-and-release"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-for-buffer-overflow-vulnerability.shtml"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-24 13:15
Modified
2024-11-21 08:04
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.60 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.60 through 5.36 Patch 1, VPN series firmware versions 4.60 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.60 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.
References
Impacted products
{
"cisaActionDue": "2023-06-26",
"cisaExploitAdd": "2023-06-05",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Zyxel Multiple Firewalls Buffer Overflow Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "558978AD-8153-4C1F-A6DE-CCFBF69F754D",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:atp100_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "C5813B69-C1A3-4695-8B63-17994BBA1723",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:atp100_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "B61DE8A9-6A73-45EF-8C37-39138F39168A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A32A52F5-5406-4A44-A5C1-42FCDC8C6B22",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:atp200_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "49FF3D01-C9AA-452C-A079-3180DC8DB269",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:atp200_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8ABED29D-8074-46AB-8A0F-759B0653691B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "320FC232-D76C-4D8A-8003-7C9A7A287A4C",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:atp500_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "9801F3AB-4560-44AA-934F-0A6D31F46195",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:atp500_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "2A0E5B17-00E0-4CB0-9787-D6A8C8E1E0BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81CB716A-E996-48A6-8C2D-F4B9398FCA77",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:atp100w_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "3CBAF763-195F-4B36-A450-719931B86650",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:atp100w_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "4CB974EC-859A-4B74-8A60-98A5406E8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2360F0CC-6958-47B6-87A9-B03D52DEBAF8",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:atp700_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "F4CF847A-A858-43A6-B35B-91455682E382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:atp700_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "9BE980D6-9D39-41B9-A35C-1879B72F4146",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B41F437-855B-4490-8011-DF59887BE6D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C4EE067-E0F0-49B7-8698-8B1AD8E346F0",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:atp800_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "BA1C872C-9192-410D-86F1-55CDF07DE77C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:atp800_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "EECC0FB9-DED8-4ACF-A627-0537F3EE8C65",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66B99746-0589-46E6-9CBD-F38619AD97DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D96CB09A-9AB3-4360-ACFC-A917E7EEC460",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "DA9E3C5E-9447-40D2-9036-6097FF433433",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "12F0F5D8-AC3F-4485-A013-5109FB796FF3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CF08551-BA8E-47BC-985D-D5ED76A46793",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_50_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "EF66A8A2-EE45-43ED-8F5A-FF488AC39943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_50_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "F185DD94-DDA0-4B37-BADE-8468BA08CC02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "030F29C9-5435-4EA5-B009-895BB2259C19",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "23E7810E-370E-4405-B7A2-C988511BE7B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8571FFB9-A90D-4EBD-87C0-F5119D142CEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62ACD903-AC40-451C-B2AB-6F843B3C8897",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "46E17CE0-8EA7-4188-B3E7-DBD1D30C8DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "C3D2B551-E080-4F75-A0C7-30D9E684EEEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04A828C5-B71C-43EE-8132-C14C58A52360",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "9A4E9538-EFB8-4181-A48B-D9B09F124B4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "9ECBAE12-DD16-476C-A2F1-2DF5F334741D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D96CB09A-9AB3-4360-ACFC-A917E7EEC460",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "6ED353C3-7BD1-4270-8D70-0B3D51C276E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "AEA17444-10FA-4B93-A2D3-5D00151C12C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE7B066A-5AF0-42AF-A341-A91802F588F1",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "206BCF6E-CEB7-4972-B321-ED3CAFD92E76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "18F99AF2-8419-4ADC-9F46-D53C177BA50F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C0AF7BA-8673-4E69-ACEC-8C0DA8DD417B",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "107BB5B9-9C04-4C35-88AD-4D59ECD17778",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "5776089E-F9F4-4A0E-A169-FA1FC4DC6329",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42F4D9F3-BCBF-4990-B270-3592D69FCC22",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:vpn100_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "B5FD9479-4FF2-412C-AB26-5F46FB354653",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:vpn100_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "499EA838-5310-4C1C-B9E7-2AB90ACEAA2E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C6AFD50-926C-4579-A951-4EFDCBA512F0",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:vpn50_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "A7C9CFAA-87BB-4FFE-9191-0A662E58A2F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:vpn50_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "062596D1-4466-46B6-B6B6-4403675B6A3B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DCFD02F-5884-4A96-957D-4CEEDB3826BE",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:vpn300_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "B41E614E-708B-4793-B10A-E264AC128AC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:vpn300_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "DF398D47-F670-4669-B0BC-9BD9DEC553AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C45C303-1A95-4245-B242-3AB9B9106CD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E136FA9E-48A2-428C-9F0A-CD9DB7F91581",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:vpn1000_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "DA96F7C3-B9DA-4B14-8C69-05A8BC1C4FFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:vpn1000_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "3F62D2F9-2D33-4E3F-B641-C721CF34B5C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EECD311A-4E96-4576-AADF-47291EDE3559",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4194305-CCA6-4710-94AA-CE0304E1AA44",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg20-vpn_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "BC69FAB1-C862-470A-8CBF-BB8751485611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg20-vpn_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8FD54572-2C29-4D2E-B15A-DE3A16D8E3CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7239C54F-EC9E-44B4-AE33-1D36E5448219",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_40_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF412BE-51E7-4839-B5D3-C4B29DD550CE",
"versionEndExcluding": "4.73",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_40_firmware:4.73:-:*:*:*:*:*:*",
"matchCriteriaId": "97239F61-5715-476B-BD20-B40746AAFE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_40_firmware:4.73:patch1:*:*:*:*:*:*",
"matchCriteriaId": "FA798B77-D4B4-4F21-A543-A6C5AAD7878F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D84DDB81-DE66-4427-8833-633B45A45A14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_40w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99DA2CD9-A82D-4E08-AE79-360E353B5B21",
"versionEndExcluding": "4.73",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_40w_firmware:4.73:-:*:*:*:*:*:*",
"matchCriteriaId": "1C2309AF-4FDB-4564-B2C4-B7BA67F1DA6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_40w_firmware:4.73:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8A04A40D-7093-49E3-A7A7-8C6F148F460F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_40w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F11F36C-60DB-4D81-A320-53EEE43758C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_60w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F73FA6-BD2F-470A-B0D7-AB1C0F210000",
"versionEndExcluding": "4.73",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_60w_firmware:4.73:-:*:*:*:*:*:*",
"matchCriteriaId": "4C76684E-0F6D-4D89-8E59-343988366E1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_60w_firmware:4.73:patch1:*:*:*:*:*:*",
"matchCriteriaId": "14613F31-56A0-4F5B-9E1A-F316A4508F3F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_60w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82864EF6-B63D-4947-A18C-AE0156CCA7FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_60_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "687AD63E-69C0-4D43-AFBB-B67605A4C44B",
"versionEndExcluding": "4.73",
"versionStartIncluding": "4.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_60_firmware:4.73:-:*:*:*:*:*:*",
"matchCriteriaId": "02C8DD42-9023-43B9-8B8B-BF9CC79E27E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_60_firmware:4.73:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8B7249A0-0AE1-4C01-BF04-BD8BA385C84D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C65DB5E9-2FE3-4807-970E-A42FDF82B50E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.60 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.60 through 5.36 Patch 1, VPN series firmware versions 4.60 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.60 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.\n\n"
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de b\u00fafer en la funci\u00f3n de notificaci\u00f3n en las versiones de firmware de la serie Zyxel ATP 4.60 a 5.36 Parche 1, versiones de firmware de la serie USG FLEX 4.60 a 5.36 Parche 1, versiones de firmware USG FLEX 50(W) 4.60 a 5.36 Parche 1, USG20(W)- Las versiones de firmware VPN 4.60 a 5.36, parche 1, las versiones de firmware de la serie VPN 4.60 a 5.36, parche 1, las versiones de firmware de la serie ZyWALL/USG 4.60 a 4.73, parche 1, podr\u00edan permitir que un atacante no autenticado provoque condiciones de denegaci\u00f3n de servicio (DoS) e incluso un ejecuci\u00f3n remota de c\u00f3digo en un dispositivo afectado."
}
],
"id": "CVE-2023-33009",
"lastModified": "2024-11-21T08:04:23.717",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "security@zyxel.com.tw",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
},
"published": "2023-05-24T13:15:09.560",
"references": [
{
"source": "security@zyxel.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-buffer-overflow-vulnerabilities-of-firewalls"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-buffer-overflow-vulnerabilities-of-firewalls"
}
],
"sourceIdentifier": "security@zyxel.com.tw",
"vulnStatus": "Undergoing Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "security@zyxel.com.tw",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-22 20:29
Modified
2024-11-21 04:52
Severity ?
Summary
On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100 devices, the security firewall login page is vulnerable to Reflected XSS via the unsanitized 'mp_idx' parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zyxel | atp200_firmware | 4.31 | |
| zyxel | atp200 | - | |
| zyxel | atp500_firmware | 4.31 | |
| zyxel | atp500 | - | |
| zyxel | atp800_firmware | 4.31 | |
| zyxel | atp800 | - | |
| zyxel | usg20-vpn_firmware | 4.31 | |
| zyxel | usg20-vpn | - | |
| zyxel | usg20w-vpn_firmware | 4.31 | |
| zyxel | usg20w-vpn | - | |
| zyxel | usg40_firmware | 4.31 | |
| zyxel | usg40 | - | |
| zyxel | usg40w_firmware | 4.31 | |
| zyxel | usg40w | - | |
| zyxel | usg60_firmware | 4.31 | |
| zyxel | usg60 | - | |
| zyxel | usg60w_firmware | 4.31 | |
| zyxel | usg60w | - | |
| zyxel | usg110_firmware | 4.31 | |
| zyxel | usg110 | - | |
| zyxel | usg210_firmware | 4.31 | |
| zyxel | usg210 | - | |
| zyxel | usg310_firmware | 4.31 | |
| zyxel | usg310 | - | |
| zyxel | usg1100_firmware | 4.31 | |
| zyxel | usg1100 | - | |
| zyxel | usg1900_firmware | 4.31 | |
| zyxel | usg1900 | - | |
| zyxel | usg2200-vpn_firmware | 4.31 | |
| zyxel | usg2200-vpn | - | |
| zyxel | zywall_110_firmware | 4.31 | |
| zyxel | zywall_110 | - | |
| zyxel | zywall_310_firmware | 4.31 | |
| zyxel | zywall_310 | - | |
| zyxel | zywall_1100_firmware | 4.31 | |
| zyxel | zywall_1100 | - | |
| zyxel | vpn50_firmware | - | |
| zyxel | vpn50 | - | |
| zyxel | vpn100_firmware | - | |
| zyxel | vpn100 | - | |
| zyxel | vpn300_firmware | - | |
| zyxel | vpn300 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp200_firmware:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "A0490C84-596F-48E7-A9EC-F22AC71C645A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp500_firmware:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "205C9D58-FB8B-486A-81AF-D55D0B6550CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp800_firmware:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "9EB5D8BA-658C-409B-8D75-DA9C33DCB91B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66B99746-0589-46E6-9CBD-F38619AD97DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg20-vpn_firmware:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "C73CD6FB-DDC7-4C71-932F-1B945F8BF5DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7239C54F-EC9E-44B4-AE33-1D36E5448219",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg20w-vpn_firmware:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "0C1BD569-475E-47AC-B0FA-0E2E7A78D0E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06D2AD3A-9197-487D-A267-24DE332CC66B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg40_firmware:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0266E1-34D4-4875-960E-4549E062BD64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CCD2777-CC85-4BAA-B16B-19C2DB8DB742",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg40w_firmware:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "C81C76F5-C81A-4AF3-8CC3-7BB560D07500",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0906F3FA-793B-421D-B957-7E9C18C1AEC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg60_firmware:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "D709F4D3-B94D-40A7-AFDF-235DCBBF34BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26900300-1325-4C8A-BC3B-A10233B2462A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg60w_firmware:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "A8B031CA-1C69-4E04-846F-9D6BBA2F40F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A7555E-BC29-460C-A701-7DCDEAFE67F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg110_firmware:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "D8018BB3-EF08-4FB7-A8FD-DF69F203D6E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4834AC5E-884D-4A1C-A39B-B3F4A281E3CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg210_firmware:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "28A4D6DA-18D4-4214-9305-C15AA69581E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAFF1122-755A-4531-AA2E-FD6E8478F92F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg310_firmware:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "737B376F-7CFF-4863-9C3B-43B033F17732",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F302801D-3720-4598-8458-A8938BD6CB46",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg1100_firmware:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "441D2612-E0E3-4123-94FC-6A1B7AD74203",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B68C4BD-3279-47AB-AC2A-7555163B12E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg1900_firmware:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "828A57FD-E3EB-4E42-ACEB-A660B13AF5FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg1900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60F4E816-C4D3-451A-965C-45387D7DEB5B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg2200-vpn_firmware:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "ED4E83E1-B78F-40FF-8EEC-0AB4A1E484E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg2200-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CB2401-479A-4124-B03F-589D7C1061FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall_110_firmware:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF4C9AA-CCF9-4457-9BAD-056686ECC7B3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "145E41D9-E376-4B8E-A34F-F2C7ECFD649D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall_310_firmware:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "22D33EC8-AA9B-4BE9-9BE0-239CAD587E1E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B40C703E-C7C0-4B49-A336-83853D3E8C31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall_1100_firmware:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "886C5968-ACD9-411F-B6D2-00DB0A18BAE1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE32A1C-A730-4893-BCB9-F753F8E65440",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn50_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2834B453-1A34-47D2-8E65-030219AFED6D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn100_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4182F61A-D7FE-43EF-A884-9B2640EB78E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B30794EC-E419-448E-8C9F-E8BB583E1AE7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C45C303-1A95-4245-B242-3AB9B9106CD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100 devices, the security firewall login page is vulnerable to Reflected XSS via the unsanitized \u0027mp_idx\u0027 parameter."
},
{
"lang": "es",
"value": "En dispositivos Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100. La p\u00e1gina de inicio de sesi\u00f3n del servidor de seguridad es vulnerable a Reflected XSS por medio del par\u00e1metro \u0027mp_idx\u0027 no saneado."
}
],
"id": "CVE-2019-9955",
"lastModified": "2024-11-21T04:52:39.943",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-22T20:29:00.447",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/152525/Zyxel-ZyWall-Cross-Site-Scripting.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Apr/22"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/46706/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.securitymetrics.com/blog/Zyxel-Devices-Vulnerable-Cross-Site-Scripting-Login-page"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/support/reflected-cross-site-scripting-vulnerability-of-firewalls.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/152525/Zyxel-ZyWall-Cross-Site-Scripting.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Apr/22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/46706/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.securitymetrics.com/blog/Zyxel-Devices-Vulnerable-Cross-Site-Scripting-Login-page"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/support/reflected-cross-site-scripting-vulnerability-of-firewalls.shtml"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-19 06:15
Modified
2024-11-21 07:02
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.09 through 4.72, which could allow a local attacker to execute some OS commands with root privileges in some directories on a vulnerable device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "168114AC-C949-4CA5-B4B4-BF9FB5890DA2",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EFADF80-716E-4000-93D4-0CB3B277BA25",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FABAFF3-61E8-4C97-BEFE-1D68788167FB",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21C293BE-791E-4D1C-8E72-9E0464444274",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5094FAF7-6D9A-44EF-B779-86468D82B03C",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EF21C51-050F-4B01-9618-60919AEFEC6A",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06D2AD3A-9197-487D-A267-24DE332CC66B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50A72101-97B4-4770-A6F7-D25B3A0AE45E",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66B99746-0589-46E6-9CBD-F38619AD97DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "650D7D9B-65A7-4949-9F6C-9A3B7BDD17F5",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B41F437-855B-4490-8011-DF59887BE6D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C376DD7-8378-42BE-92F1-872500E882D4",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9DC83BF-6F99-4345-BE51-4FB93F38FD21",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E464C22-5D8C-4D85-9F65-8485972C3524",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5A44B6A-B1BC-481F-9D08-61E50F58EB1A",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBBB154D-46EB-4D97-B5F4-01ADA359C5AC",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EECD311A-4E96-4576-AADF-47291EDE3559",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0BC145-7EF2-4B13-BE26-A567EEF06613",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C45C303-1A95-4245-B242-3AB9B9106CD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "75627990-29D4-40F3-8E66-975F1898B6D5",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F357DD8-0C9E-418E-98B4-0F1292AA7176",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "352F3388-9107-4B41-AAD8-D11965D78240",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7239C54F-EC9E-44B4-AE33-1D36E5448219",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC1F7BCE-342F-4847-BB89-2B47384A54C9",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32F7F370-C585-45FE-A7F7-40BFF13928CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall_110_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6FBACC4-A37C-4023-A656-F3428A74D542",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "145E41D9-E376-4B8E-A34F-F2C7ECFD649D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall_310_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1C3F76A-6963-4B2F-AAF4-9E3BBB0627D6",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B40C703E-C7C0-4B49-A336-83853D3E8C31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall_1100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61ED5800-D09B-4953-AB0F-65AE3EF33C57",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE32A1C-A730-4893-BCB9-F753F8E65440",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg40_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20E65AC2-F493-4E10-924B-3F5D5FE2B6FF",
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CCD2777-CC85-4BAA-B16B-19C2DB8DB742",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg40w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "611A3CB1-D0ED-4B4E-A28E-D69ED31035DF",
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0906F3FA-793B-421D-B957-7E9C18C1AEC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg60_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D546A4A3-130F-439C-9C28-8D18870F0A58",
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26900300-1325-4C8A-BC3B-A10233B2462A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg60w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CED1826F-286E-4795-87C4-6FFD997BDB46",
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A7555E-BC29-460C-A701-7DCDEAFE67F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.09 through 4.72, which could allow a local attacker to execute some OS commands with root privileges in some directories on a vulnerable device."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad de escalada de privilegios en el comando CLI del firmware Zyxel USG FLEX 100(W) versiones 4.50 a 5.30, firmware USG FLEX 200 versiones 4.50 a 5.30, firmware USG FLEX 500 versiones 4.50 a 5.30, firmware USG FLEX 700 versiones 4.50 a 5.30, firmware USG FLEX 50(W) versiones 4.16 a 5. 30, firmware USG20(W)-VPN versiones 4.16 a 5.30, firmware de la serie ATP versiones 4.32 a 5.30, firmware de la serie VPN versiones 4.30 a 5.30, firmware de la serie USG/ZyWALL versiones 4.09 a 4.72, lo que podr\u00eda permitir a un atacante local ejecutar algunos comandos del sistema operativo con privilegios de root en algunos directorios de un dispositivo vulnerable."
}
],
"id": "CVE-2022-30526",
"lastModified": "2024-11-21T07:02:52.850",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "security@zyxel.com.tw",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-19T06:15:08.827",
"references": [
{
"source": "security@zyxel.com.tw",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/168202/Zyxel-Firewall-SUID-Binary-Privilege-Escalation.html"
},
{
"source": "security@zyxel.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-authenticated-directory-traversal-vulnerabilities-of-firewalls.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/168202/Zyxel-Firewall-SUID-Binary-Privilege-Escalation.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-authenticated-directory-traversal-vulnerabilities-of-firewalls.shtml"
}
],
"sourceIdentifier": "security@zyxel.com.tw",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "security@zyxel.com.tw",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-07 02:15
Modified
2024-11-21 07:16
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A post-authentication command injection vulnerability in the CLI command of Zyxel ZyWALL/USG series firmware versions 4.20 through 4.72, VPN series firmware versions 4.30 through 5.32, USG FLEX series firmware versions 4.50 through 5.32, and ATP series firmware versions 4.32 through 5.32, which could allow an authenticated attacker with administrator privileges to execute OS commands.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EE6E9E-25BA-4F9A-B13A-9A4A405E24DC",
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35945749-7707-4057-A23C-F69615D78C9D",
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA692134-7730-4518-9CB1-BDAE32578EA7",
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B41F437-855B-4490-8011-DF59887BE6D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A202967-379D-41C2-AF18-C287CD075677",
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "467CC4CE-B69F-4341-B35B-293C36BEC8F1",
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84116343-9050-47AD-8C5D-6C69247BAE98",
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66B99746-0589-46E6-9CBD-F38619AD97DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A27B3207-D9E6-418D-AD64-A578E4DE77E6",
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7108742C-1064-4657-9932-87BDBE1E2AC5",
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDA8914D-F868-4ECC-B110-FCA5C3C9EBA5",
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55177D6F-BD50-49EE-B8F8-2AFB3D2B0FFC",
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3ACF88-2143-4D19-8C64-64170DC1771B",
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C26CCE16-5719-4B2D-AC1D-AD2354A61046",
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "879037A2-5CCF-44C5-9B70-DA8E79AD3343",
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EECD311A-4E96-4576-AADF-47291EDE3559",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD415B02-D7C2-4C23-B0EF-2E13DFF5CFD1",
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06D2AD3A-9197-487D-A267-24DE332CC66B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9026D87-7D08-46D7-A9A6-6758FA7A5D0D",
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7239C54F-EC9E-44B4-AE33-1D36E5448219",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1071A736-AE03-4C49-9F19-4E7B77E31C3E",
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A625626B-2E60-4D54-A4FC-80B7C59EAC7A",
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C45C303-1A95-4245-B242-3AB9B9106CD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "509B75A6-B827-4328-B9F8-C0828279A29E",
"versionEndIncluding": "5.32",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg40_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F486DCF-02EB-49DC-862A-3CE9B55D8210",
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CCD2777-CC85-4BAA-B16B-19C2DB8DB742",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg40w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94A7F2DF-F22C-49DA-9563-BAFD59011B70",
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0906F3FA-793B-421D-B957-7E9C18C1AEC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg60_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36CDEEE3-8284-4759-9B23-72989BBABBDD",
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26900300-1325-4C8A-BC3B-A10233B2462A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg60w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "149EABE0-AAB1-41C2-9A34-2C25650B83BF",
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A7555E-BC29-460C-A701-7DCDEAFE67F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall_110_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DFEBB3B-F29D-4EE7-9ECE-F7711783A0EF",
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "145E41D9-E376-4B8E-A34F-F2C7ECFD649D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall_1100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8BE4050-32D8-4306-A668-14F3CC8169EC",
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE32A1C-A730-4893-BCB9-F753F8E65440",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall_310_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBCCCD01-5009-48B3-9484-925D5436C6D9",
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B40C703E-C7C0-4B49-A336-83853D3E8C31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A post-authentication command injection vulnerability in the CLI command of Zyxel ZyWALL/USG series firmware versions 4.20 through 4.72, VPN series firmware versions 4.30 through 5.32, USG FLEX series firmware versions 4.50 through 5.32, and ATP series firmware versions 4.32 through 5.32, which could allow an authenticated attacker with administrator privileges to execute OS commands."
},
{
"lang": "es",
"value": "Una vulnerabilidad de inyecci\u00f3n de comando posterior a la autenticaci\u00f3n en el comando CLI de las versiones de firmware de la serie Zyxel ZyWALL/USG 4.20 a 4.72, las versiones de firmware de la serie VPN 4.30 a 5.32, las versiones de firmware de la serie USG FLEX 4.50 a 5.32 y las versiones de firmware de la serie ATP 4.32 a 5.32, que podr\u00eda permitir que un atacante autenticado con privilegios de administrador ejecute comandos del sistema operativo."
}
],
"id": "CVE-2022-38547",
"lastModified": "2024-11-21T07:16:39.203",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "security@zyxel.com.tw",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-07T02:15:07.883",
"references": [
{
"source": "security@zyxel.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-rce-in-firewalls"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-rce-in-firewalls"
}
],
"sourceIdentifier": "security@zyxel.com.tw",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "security@zyxel.com.tw",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-19 06:15
Modified
2024-11-21 07:00
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A directory traversal vulnerability caused by specific character sequences within an improperly sanitized URL was identified in some CGI programs of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.11 through 4.72, that could allow an authenticated attacker to access some restricted files on a vulnerable device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "168114AC-C949-4CA5-B4B4-BF9FB5890DA2",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EFADF80-716E-4000-93D4-0CB3B277BA25",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FABAFF3-61E8-4C97-BEFE-1D68788167FB",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21C293BE-791E-4D1C-8E72-9E0464444274",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C9ECE5-14ED-4B0C-B4FF-F00E35A9AFF0",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F666507D-EE3E-493A-9DF5-D7773305985D",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06D2AD3A-9197-487D-A267-24DE332CC66B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50A72101-97B4-4770-A6F7-D25B3A0AE45E",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66B99746-0589-46E6-9CBD-F38619AD97DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "650D7D9B-65A7-4949-9F6C-9A3B7BDD17F5",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B41F437-855B-4490-8011-DF59887BE6D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C376DD7-8378-42BE-92F1-872500E882D4",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9DC83BF-6F99-4345-BE51-4FB93F38FD21",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E464C22-5D8C-4D85-9F65-8485972C3524",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5A44B6A-B1BC-481F-9D08-61E50F58EB1A",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBBB154D-46EB-4D97-B5F4-01ADA359C5AC",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EECD311A-4E96-4576-AADF-47291EDE3559",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0BC145-7EF2-4B13-BE26-A567EEF06613",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C45C303-1A95-4245-B242-3AB9B9106CD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "75627990-29D4-40F3-8E66-975F1898B6D5",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F357DD8-0C9E-418E-98B4-0F1292AA7176",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "352F3388-9107-4B41-AAD8-D11965D78240",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7239C54F-EC9E-44B4-AE33-1D36E5448219",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC1F7BCE-342F-4847-BB89-2B47384A54C9",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32F7F370-C585-45FE-A7F7-40BFF13928CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall_110_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6FBACC4-A37C-4023-A656-F3428A74D542",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "145E41D9-E376-4B8E-A34F-F2C7ECFD649D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall_310_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1C3F76A-6963-4B2F-AAF4-9E3BBB0627D6",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B40C703E-C7C0-4B49-A336-83853D3E8C31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall_1100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61ED5800-D09B-4953-AB0F-65AE3EF33C57",
"versionEndIncluding": "5.30",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE32A1C-A730-4893-BCB9-F753F8E65440",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg40_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F486DCF-02EB-49DC-862A-3CE9B55D8210",
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CCD2777-CC85-4BAA-B16B-19C2DB8DB742",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg40w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94A7F2DF-F22C-49DA-9563-BAFD59011B70",
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0906F3FA-793B-421D-B957-7E9C18C1AEC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg60_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36CDEEE3-8284-4759-9B23-72989BBABBDD",
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26900300-1325-4C8A-BC3B-A10233B2462A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg60w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "149EABE0-AAB1-41C2-9A34-2C25650B83BF",
"versionEndIncluding": "4.72",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A7555E-BC29-460C-A701-7DCDEAFE67F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A directory traversal vulnerability caused by specific character sequences within an improperly sanitized URL was identified in some CGI programs of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.11 through 4.72, that could allow an authenticated attacker to access some restricted files on a vulnerable device."
},
{
"lang": "es",
"value": "Se identific\u00f3 una vulnerabilidad de salto de directorio causada por secuencias de caracteres espec\u00edficas dentro de una URL saneada inapropiadamente en algunos programas CGI de las versiones 4.50 a 5.30 del firmware Zyxel USG FLEX 100(W), versiones 4.50 a 5.30 del firmware USG FLEX 200, versiones 4.50 a 5.30 del firmware USG FLEX 500, versiones 4.50 a 5.30 del firmware USG FLEX 700. 30, firmware USG FLEX 50(W) versiones 4.16 a 5.30, firmware USG20(W)-VPN versiones 4.16 a 5.30, firmware de la serie ATP versiones 4.32 a 5.30, firmware de la serie VPN versiones 4.30 a 5.30, firmware de la serie USG/ZyWALL versiones 4.11 a 4.72, que podr\u00eda permitir a un atacante autenticado acceder a algunos archivos restringidos en un dispositivo vulnerable.\n"
}
],
"id": "CVE-2022-2030",
"lastModified": "2024-11-21T07:00:12.173",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "security@zyxel.com.tw",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-19T06:15:08.383",
"references": [
{
"source": "security@zyxel.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-authenticated-directory-traversal-vulnerabilities-of-firewalls.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-authenticated-directory-traversal-vulnerabilities-of-firewalls.shtml"
}
],
"sourceIdentifier": "security@zyxel.com.tw",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "security@zyxel.com.tw",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-04 20:15
Modified
2024-11-21 05:39
Severity ?
Summary
Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the privileges of the web server that runs on the ZyXEL device. Although the web server does not run as the root user, ZyXEL devices include a setuid utility that can be leveraged to run any command with root privileges. As such, it should be assumed that exploitation of this vulnerability can lead to remote code execution with root privileges. By sending a specially-crafted HTTP POST or GET request to a vulnerable ZyXEL device, a remote, unauthenticated attacker may be able to execute arbitrary code on the device. This may happen by directly connecting to a device if it is directly exposed to an attacker. However, there are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable devices. For example, simply visiting a website can result in the compromise of any ZyXEL device that is reachable from the client system. Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 NAS520 before firmware V5.21(AASZ.3)C0 NAS540 before firmware V5.21(AATB.4)C0 NAS542 before firmware V5.21(ABAG.4)C0 ZyXEL has made firmware updates available for NAS326, NAS520, NAS540, and NAS542 devices. Affected models that are end-of-support: NSA210, NSA220, NSA220+, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 and NSA325v2
References
Impacted products
{
"cisaActionDue": "2022-04-15",
"cisaExploitAdd": "2022-03-25",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Zyxel Multiple NAS Devices OS Command Injection Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nas326_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FEC76CA-9F2C-4A44-93C5-C131E68B9A5E",
"versionEndExcluding": "5.21\\(aazf.7\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nas326:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A01B19-4A91-4FBC-8447-2E854346DAC5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nas520_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09DE98E7-CE8E-4F45-9F1E-4A4345FBD443",
"versionEndExcluding": "5.21\\(aasz.3\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nas520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07B2BA3D-40F0-4D59-8838-B226FAABF27E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nas540_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "511D5E0C-9110-4505-8DC6-5C06A10CBC20",
"versionEndExcluding": "5.21\\(aatb.4\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nas540:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2F7264C-D32A-4EE9-BADC-78518D762BCA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nas542_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "608792D0-44B3-4A07-A48C-D3D71F26056D",
"versionEndExcluding": "5.21\\(abag.4\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nas542:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31C4DD0F-28D0-4BF7-897B-5EEC32AA7277",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B482F4E-6E1B-45BD-A114-C389E2CD7542",
"versionEndExcluding": "4.35\\(abps.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0DE3AD47-1C82-4B8B-87F4-E545A7DAFE5C",
"versionEndExcluding": "4.35\\(abfw.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "352E7F31-76DB-4786-BCC0-E11F43550EB1",
"versionEndExcluding": "4.35\\(abfu.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92E70F0C-D446-47B2-809B-D4680DAF13FC",
"versionEndExcluding": "4.35\\(abiq.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66B99746-0589-46E6-9CBD-F38619AD97DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB019CF4-75AA-4CB0-BA44-42BE620C03B3",
"versionEndExcluding": "4.35\\(abaq.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7239C54F-EC9E-44B4-AE33-1D36E5448219",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C621E3-DD7D-4FD0-AD1F-6D7BFDCA38F7",
"versionEndExcluding": "4.35\\(abar.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06D2AD3A-9197-487D-A267-24DE332CC66B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg40_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E638CFB-A13D-429D-A8E7-275959673ED6",
"versionEndExcluding": "4.35\\(aala.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CCD2777-CC85-4BAA-B16B-19C2DB8DB742",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg40w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB73D7EE-6A50-4DA5-B9A3-36E39244FF23",
"versionEndExcluding": "4.35\\(aalb.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0906F3FA-793B-421D-B957-7E9C18C1AEC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg60_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1183A743-F349-4D93-8943-C80F8976A2BE",
"versionEndExcluding": "4.35\\(aaky.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26900300-1325-4C8A-BC3B-A10233B2462A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg60w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F0D184B-31BB-4808-AF97-03599283F181",
"versionEndExcluding": "4.35\\(aakz.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A7555E-BC29-460C-A701-7DCDEAFE67F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg110_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8598C1A4-10CE-4092-9339-217AA27FF14D",
"versionEndExcluding": "4.35\\(aaph.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4834AC5E-884D-4A1C-A39B-B3F4A281E3CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg210_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B42E5510-F6BB-40DA-8115-4D324DDCF5B2",
"versionEndExcluding": "4.35\\(aapi.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAFF1122-755A-4531-AA2E-FD6E8478F92F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg310_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DE7E2A7-3083-4AB7-ABA8-9EE8585DA1C1",
"versionEndExcluding": "4.35\\(aapj.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F302801D-3720-4598-8458-A8938BD6CB46",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg1100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDB08DB-DFBD-4A3C-86FD-5383D4B60248",
"versionEndExcluding": "4.35\\(aapk.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B68C4BD-3279-47AB-AC2A-7555163B12E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg1900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FAED492E-9FDD-4F6F-91E0-6EDA3036C725",
"versionEndExcluding": "4.35\\(aapl.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg1900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60F4E816-C4D3-451A-965C-45387D7DEB5B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A54DCF88-38E3-4660-ABC2-829B2DA5C445",
"versionEndExcluding": "4.35\\(abae.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "231547C3-33B8-42B7-983E-AA3C6CA5D107",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FFB5E9D-75AD-4696-8EDF-A7726B5F2809",
"versionEndExcluding": "4.35\\(abhl.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E5C5E12-CDDB-4DDF-AAA8-4AB499F5925F",
"versionEndExcluding": "4.35\\(abfv.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0120A42B-EA67-44DC-BE04-FECF0279187C",
"versionEndExcluding": "4.35\\(abfc.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C45C303-1A95-4245-B242-3AB9B9106CD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A71B4358-0E6F-496E-BFCF-0B368CBD1D09",
"versionEndExcluding": "4.35\\(abip.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EECD311A-4E96-4576-AADF-47291EDE3559",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall110_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "025A43D2-42C3-4AEC-9C2E-61BAEB428545",
"versionEndExcluding": "4.35\\(aaaa.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2347F91E-8AA3-4EB5-AD7F-7602A46C20BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall310_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FB2E4BB-5684-4081-B9BA-80808E8ADD6F",
"versionEndExcluding": "4.35\\(aaab.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A97613C-26EF-481E-9215-197FE7A9D1C6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall1100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "536BDA9F-4A29-4C59-8C39-F54794BE3026",
"versionEndExcluding": "4.35\\(aaac.3\\)c0",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53A5732E-193B-4017-A434-A76BE80E20D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the privileges of the web server that runs on the ZyXEL device. Although the web server does not run as the root user, ZyXEL devices include a setuid utility that can be leveraged to run any command with root privileges. As such, it should be assumed that exploitation of this vulnerability can lead to remote code execution with root privileges. By sending a specially-crafted HTTP POST or GET request to a vulnerable ZyXEL device, a remote, unauthenticated attacker may be able to execute arbitrary code on the device. This may happen by directly connecting to a device if it is directly exposed to an attacker. However, there are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable devices. For example, simply visiting a website can result in the compromise of any ZyXEL device that is reachable from the client system. Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 NAS520 before firmware V5.21(AASZ.3)C0 NAS540 before firmware V5.21(AATB.4)C0 NAS542 before firmware V5.21(ABAG.4)C0 ZyXEL has made firmware updates available for NAS326, NAS520, NAS540, and NAS542 devices. Affected models that are end-of-support: NSA210, NSA220, NSA220+, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 and NSA325v2"
},
{
"lang": "es",
"value": "M\u00faltiples dispositivos network-attached storage (NAS) de ZyXEL cuando ejecutan la versi\u00f3n de firmware 5.21 contienen una vulnerabilidad de inyecci\u00f3n de comando previa a la autenticaci\u00f3n, que puede permitir a un atacante remoto no autenticado ejecutar c\u00f3digo arbitrario sobre un dispositivo vulnerable. Los dispositivos NAS de ZyXEL alcanzan la autenticaci\u00f3n utilizando el archivo ejecutable CGI weblogin.cgi. Este programa no puede sanear apropiadamente el par\u00e1metro username que se le pas\u00f3. Si el par\u00e1metro de username contiene determinados caracteres, puede permitir una inyecci\u00f3n de comandos con los privilegios del servidor web que se ejecuta en el dispositivo ZyXEL. Aunque el servidor web no es ejecutado como el usuario root, los dispositivos ZyXEL incluyen una utilidad setuid que puede ser aprovechada para ejecutar cualquier comando con privilegios root. Como tal, se debe suponer que la explotaci\u00f3n de esta vulnerabilidad puede conducir a la ejecuci\u00f3n remota de c\u00f3digo con privilegios root. Mediante el env\u00edo de una petici\u00f3n HTTP POST o GET especialmente dise\u00f1ada hacia un dispositivo ZyXEL vulnerable, un atacante remoto no autenticado puede ejecutar c\u00f3digo arbitrario en el dispositivo. Esto puede presentarse al conectar directamente a un dispositivo si es expuesto directamente a un atacante. Sin embargo, existen maneras de activar tales peticiones dise\u00f1adas inclusive si un atacante no posee conectividad directa con dispositivos vulnerables. Por ejemplo, simplemente visitando un sitio web puede comprometer cualquier dispositivo ZyXEL al que se pueda acceder desde el sistema cliente. Los productos afectados incluyen: NAS326 antes de la versi\u00f3n de firmware V5.21(AAZF.7)C0, NAS520 antes de la versi\u00f3n de firmware V5.21(AASZ.3)C0, NAS540 antes de la versi\u00f3n de firmware V5.21(AATB.4)C0 NAS542 antes de la versi\u00f3n de firmware V5.21(ABAG.4)C0. ZyXEL ha puesto a disposici\u00f3n actualizaciones de firmware para dispositivos NAS326, NAS520, NAS540 y NAS542. Modelos afectados que se encuentran en el final del soporte: NSA210, NSA220, NSA220+, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 y NSA325v2."
}
],
"id": "CVE-2020-9054",
"lastModified": "2024-11-21T05:39:54.583",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-04T20:15:10.750",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://kb.cert.org/artifacts/cve-2020-9054.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://kb.cert.org/vuls/id/498544/"
},
{
"source": "cret@cert.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://krebsonsecurity.com/2020/02/zyxel-fixes-0day-in-network-storage-devices/"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/support/remote-code-execution-vulnerability-of-NAS-products.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://kb.cert.org/artifacts/cve-2020-9054.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://kb.cert.org/vuls/id/498544/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://krebsonsecurity.com/2020/02/zyxel-fixes-0day-in-network-storage-devices/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/support/remote-code-execution-vulnerability-of-NAS-products.shtml"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "cret@cert.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-12-22 22:15
Modified
2024-11-21 05:24
Severity ?
Summary
Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges.
References
Impacted products
{
"cisaActionDue": "2022-05-03",
"cisaExploitAdd": "2021-11-03",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Zyxel Multiple Products Use of Hard-Coded Credentials Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg20-vpn_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "660A9038-66FB-4F71-BA50-8ED69C2E2274",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7239C54F-EC9E-44B4-AE33-1D36E5448219",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg20w-vpn_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "E892C61D-80DE-4FA4-9224-1B3C72A31F57",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06D2AD3A-9197-487D-A267-24DE332CC66B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg40_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "29398F33-D8B4-432D-A075-4454DA1B23F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CCD2777-CC85-4BAA-B16B-19C2DB8DB742",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg40w_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "BA146A61-7B27-4E48-87C1-A82F45FB692A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0906F3FA-793B-421D-B957-7E9C18C1AEC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg60_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "14F685CA-FBD9-4A00-BB23-BF914DFE41D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26900300-1325-4C8A-BC3B-A10233B2462A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg60w_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "022CF987-20A8-4450-A8B8-94AF2F2D453E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A7555E-BC29-460C-A701-7DCDEAFE67F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg110_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "7540894B-A1EF-40C3-ABD3-D58CDB45622F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4834AC5E-884D-4A1C-A39B-B3F4A281E3CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg210_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "6556E988-676D-4E7A-BDC2-A53256548FEA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAFF1122-755A-4531-AA2E-FD6E8478F92F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg310_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "56EF63D0-63DD-4EFD-AE7A-5680710AE573",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F302801D-3720-4598-8458-A8938BD6CB46",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg1100_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "8451A4C8-2023-41A4-81A9-91565CEC6918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B68C4BD-3279-47AB-AC2A-7555163B12E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg1900_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "7391C72E-CAB3-4FAD-9FB6-789F48516C26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg1900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60F4E816-C4D3-451A-965C-45387D7DEB5B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg2200_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "B3B7B49D-7DB2-4D44-AC55-6B1F828B512D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "231547C3-33B8-42B7-983E-AA3C6CA5D107",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall110_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "52922CA2-1C1E-4972-A52E-D9FA84BCC4C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2347F91E-8AA3-4EB5-AD7F-7602A46C20BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall310_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "C9336382-E759-4869-9B59-57366E176CA2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A97613C-26EF-481E-9215-197FE7A9D1C6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall1100_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "271DE232-FAED-48A1-891C-33A6FDBA9EAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53A5732E-193B-4017-A434-A76BE80E20D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp100_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "7DC9FE97-6B7D-41E8-879C-572B23CB1105",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp100w_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "61489A79-AAF5-4347-9E10-73F139D30EE2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp200_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "BB876002-669D-4052-B1B0-DA8F0B4EC500",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp500_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "3E6231DF-ADB3-43A9-AC3B-C72905584B05",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp700_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDC5E3D-2103-4545-8611-B1C49B4B5BAB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B41F437-855B-4490-8011-DF59887BE6D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp800_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "246B2EF8-6412-4E69-91A5-B394BF4D299F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66B99746-0589-46E6-9CBD-F38619AD97DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn50_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A568BA-58D3-400C-9742-8E966C90D83E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn100_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "65E48F65-A408-4A93-BBBC-44D5054D9841",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn300_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2E5F78-7F7B-46BA-A7B1-0A49F4A6509D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C45C303-1A95-4245-B242-3AB9B9106CD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn1000_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "E39AE158-E577-403B-867E-CCD5F8EE5FC5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EECD311A-4E96-4576-AADF-47291EDE3559",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "14484416-6575-4E23-96A7-F37936F75BAB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "A0597006-8FA7-4622-9C13-AFE9767CADE5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "28D39C78-DD5A-47FB-9590-B79AABA1038B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "438B93F0-7CBF-49E9-B556-CFEFE2E6EED0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "414BCC73-277B-48FD-8273-B33A780806D0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges."
},
{
"lang": "es",
"value": "La versi\u00f3n de firmware 4.60 de los dispositivos Zyxel USG contiene una cuenta no documentada (zyfwp) con una contrase\u00f1a que no puede ser cambiada.\u0026#xa0;La contrase\u00f1a para esta cuenta se puede encontrar en texto sin cifrar en el firmware.\u0026#xa0;Esta cuenta puede ser usada por alguien para iniciar sesi\u00f3n en el servidor ssh o en la interfaz web con privilegios de administrador"
}
],
"id": "CVE-2020-29583",
"lastModified": "2024-11-21T05:24:15.697",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-12-22T22:15:14.443",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://ftp.zyxel.com/USG40/firmware/USG40_4.60%28AALA.1%29C0_2.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://businessforum.zyxel.com/discussion/5252/zld-v4-60-revoke-and-wk48-firmware-release"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://businessforum.zyxel.com/discussion/5254/whats-new-for-zld4-60-patch-1-available-on-dec-15"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://www.eyecontrol.nl/blog/undocumented-user-account-in-zyxel-products.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.secpod.com/blog/a-secret-zyxel-firewall-and-ap-controllers-could-allow-for-administrative-access-cve-2020-29583/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/support/CVE-2020-29583.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/support/security_advisories.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://ftp.zyxel.com/USG40/firmware/USG40_4.60%28AALA.1%29C0_2.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://businessforum.zyxel.com/discussion/5252/zld-v4-60-revoke-and-wk48-firmware-release"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://businessforum.zyxel.com/discussion/5254/whats-new-for-zld4-60-patch-1-available-on-dec-15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://www.eyecontrol.nl/blog/undocumented-user-account-in-zyxel-products.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.secpod.com/blog/a-secret-zyxel-firewall-and-ap-controllers-could-allow-for-administrative-access-cve-2020-29583/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/support/CVE-2020-29583.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/support/security_advisories.shtml"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-522"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-24 13:15
Modified
2024-11-21 08:04
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1, VPN series firmware versions 4.30 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.25 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.
References
Impacted products
{
"cisaActionDue": "2023-06-26",
"cisaExploitAdd": "2023-06-05",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Zyxel Multiple Firewalls Buffer Overflow Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73E39B94-291E-4E3A-8A89-B74FF063BA05",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:atp100_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "C5813B69-C1A3-4695-8B63-17994BBA1723",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:atp100_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "B61DE8A9-6A73-45EF-8C37-39138F39168A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A41F09-4474-4ABC-B2FA-92B17F63A7CA",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:atp200_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "49FF3D01-C9AA-452C-A079-3180DC8DB269",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:atp200_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8ABED29D-8074-46AB-8A0F-759B0653691B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B7E5F75-5577-4511-A1F4-1BD142D60BD5",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:atp500_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "9801F3AB-4560-44AA-934F-0A6D31F46195",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:atp500_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "2A0E5B17-00E0-4CB0-9787-D6A8C8E1E0BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8F79940-F737-4A71-9FAC-1F99E0BCE450",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:atp100w_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "3CBAF763-195F-4B36-A450-719931B86650",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:atp100w_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "4CB974EC-859A-4B74-8A60-98A5406E8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7728D2C4-0B0A-404E-92BC-AAA1A1987BFD",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:atp700_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "F4CF847A-A858-43A6-B35B-91455682E382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:atp700_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "9BE980D6-9D39-41B9-A35C-1879B72F4146",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B41F437-855B-4490-8011-DF59887BE6D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "791D6928-BE82-4678-A8A4-39C9D9A1C684",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:atp800_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "BA1C872C-9192-410D-86F1-55CDF07DE77C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:atp800_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "EECC0FB9-DED8-4ACF-A627-0537F3EE8C65",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66B99746-0589-46E6-9CBD-F38619AD97DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95F84E-95A0-4FB8-942A-732E022E3CC6",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "DA9E3C5E-9447-40D2-9036-6097FF433433",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "12F0F5D8-AC3F-4485-A013-5109FB796FF3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_50_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "EF66A8A2-EE45-43ED-8F5A-FF488AC39943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_50_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "F185DD94-DDA0-4B37-BADE-8468BA08CC02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F65ACDFE-3A54-46D6-98CA-2D51957072AF",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "23E7810E-370E-4405-B7A2-C988511BE7B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8571FFB9-A90D-4EBD-87C0-F5119D142CEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8FF81-5020-429E-ABC7-D0F18A5177F5",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "46E17CE0-8EA7-4188-B3E7-DBD1D30C8DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "C3D2B551-E080-4F75-A0C7-30D9E684EEEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0F817C-6388-41E2-9F80-9B5427036865",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "9A4E9538-EFB8-4181-A48B-D9B09F124B4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "9ECBAE12-DD16-476C-A2F1-2DF5F334741D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95F84E-95A0-4FB8-942A-732E022E3CC6",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "6ED353C3-7BD1-4270-8D70-0B3D51C276E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "AEA17444-10FA-4B93-A2D3-5D00151C12C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0751B297-FB9F-4F44-BF19-1C7668B8B757",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "206BCF6E-CEB7-4972-B321-ED3CAFD92E76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "18F99AF2-8419-4ADC-9F46-D53C177BA50F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "107BB5B9-9C04-4C35-88AD-4D59ECD17778",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "5776089E-F9F4-4A0E-A169-FA1FC4DC6329",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB329984-D2A1-40B4-826D-78643B8DD4C8",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:vpn100_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "B5FD9479-4FF2-412C-AB26-5F46FB354653",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:vpn100_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "499EA838-5310-4C1C-B9E7-2AB90ACEAA2E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B01FA34A-CA33-48E7-978C-638FC678C9C1",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:vpn50_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "A7C9CFAA-87BB-4FFE-9191-0A662E58A2F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:vpn50_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "062596D1-4466-46B6-B6B6-4403675B6A3B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0135FFF-62FA-4AEA-8B67-1CCA2D85D8E0",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:vpn300_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "B41E614E-708B-4793-B10A-E264AC128AC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:vpn300_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "DF398D47-F670-4669-B0BC-9BD9DEC553AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C45C303-1A95-4245-B242-3AB9B9106CD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB62871-BC40-43D8-A486-471CD9316332",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:vpn1000_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "DA96F7C3-B9DA-4B14-8C69-05A8BC1C4FFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:vpn1000_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "3F62D2F9-2D33-4E3F-B641-C721CF34B5C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EECD311A-4E96-4576-AADF-47291EDE3559",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7079103C-ED92-40C3-AF42-4689822A96E2",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg20-vpn_firmware:5.36:-:*:*:*:*:*:*",
"matchCriteriaId": "BC69FAB1-C862-470A-8CBF-BB8751485611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg20-vpn_firmware:5.36:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8FD54572-2C29-4D2E-B15A-DE3A16D8E3CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7239C54F-EC9E-44B4-AE33-1D36E5448219",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_40_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24F44F62-BE75-45DE-9160-E807F6789BE1",
"versionEndExcluding": "4.73",
"versionStartIncluding": "4.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_40_firmware:4.73:-:*:*:*:*:*:*",
"matchCriteriaId": "97239F61-5715-476B-BD20-B40746AAFE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_40_firmware:4.73:patch1:*:*:*:*:*:*",
"matchCriteriaId": "FA798B77-D4B4-4F21-A543-A6C5AAD7878F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D84DDB81-DE66-4427-8833-633B45A45A14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_40w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C7AA79-C28C-4075-B420-FE41D106D6C6",
"versionEndExcluding": "4.73",
"versionStartIncluding": "4.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_40w_firmware:4.73:-:*:*:*:*:*:*",
"matchCriteriaId": "1C2309AF-4FDB-4564-B2C4-B7BA67F1DA6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_40w_firmware:4.73:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8A04A40D-7093-49E3-A7A7-8C6F148F460F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_40w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F11F36C-60DB-4D81-A320-53EEE43758C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_60w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "560B1BFF-DB43-426C-A3B9-BF9A595EA62F",
"versionEndExcluding": "4.73",
"versionStartIncluding": "4.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_60w_firmware:4.73:-:*:*:*:*:*:*",
"matchCriteriaId": "4C76684E-0F6D-4D89-8E59-343988366E1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_60w_firmware:4.73:patch1:*:*:*:*:*:*",
"matchCriteriaId": "14613F31-56A0-4F5B-9E1A-F316A4508F3F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_60w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82864EF6-B63D-4947-A18C-AE0156CCA7FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_60_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3208CBB7-A4A2-4D92-9A40-766328C0CE4E",
"versionEndExcluding": "4.73",
"versionStartIncluding": "4.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_60_firmware:4.73:-:*:*:*:*:*:*",
"matchCriteriaId": "02C8DD42-9023-43B9-8B8B-BF9CC79E27E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:usg_60_firmware:4.73:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8B7249A0-0AE1-4C01-BF04-BD8BA385C84D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C65DB5E9-2FE3-4807-970E-A42FDF82B50E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1, VPN series firmware versions 4.30 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.25 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device."
}
],
"id": "CVE-2023-33010",
"lastModified": "2024-11-21T08:04:23.920",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "security@zyxel.com.tw",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-24T13:15:09.640",
"references": [
{
"source": "security@zyxel.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-buffer-overflow-vulnerabilities-of-firewalls"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-buffer-overflow-vulnerabilities-of-firewalls"
}
],
"sourceIdentifier": "security@zyxel.com.tw",
"vulnStatus": "Undergoing Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "security@zyxel.com.tw",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-24 18:15
Modified
2024-11-21 07:45
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A41F09-4474-4ABC-B2FA-92B17F63A7CA",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73E39B94-291E-4E3A-8A89-B74FF063BA05",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7728D2C4-0B0A-404E-92BC-AAA1A1987BFD",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B41F437-855B-4490-8011-DF59887BE6D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B7E5F75-5577-4511-A1F4-1BD142D60BD5",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8F79940-F737-4A71-9FAC-1F99E0BCE450",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "791D6928-BE82-4678-A8A4-39C9D9A1C684",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66B99746-0589-46E6-9CBD-F38619AD97DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95F84E-95A0-4FB8-942A-732E022E3CC6",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07895A23-2B15-4631-A55A-798B35A63E2D",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F65ACDFE-3A54-46D6-98CA-2D51957072AF",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8FF81-5020-429E-ABC7-D0F18A5177F5",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0F817C-6388-41E2-9F80-9B5427036865",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D65F0EC-7ACA-4B80-8D4E-2C1459837D15",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "224300FB-2462-4E88-A41E-E9E8EAE9CF48",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F61480ED-BBF0-49EC-A814-CEFDE1FBFA08",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7079103C-ED92-40C3-AF42-4689822A96E2",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7239C54F-EC9E-44B4-AE33-1D36E5448219",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB329984-D2A1-40B4-826D-78643B8DD4C8",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB62871-BC40-43D8-A486-471CD9316332",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EECD311A-4E96-4576-AADF-47291EDE3559",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0135FFF-62FA-4AEA-8B67-1CCA2D85D8E0",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C45C303-1A95-4245-B242-3AB9B9106CD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B01FA34A-CA33-48E7-978C-638FC678C9C1",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nap203_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85AA4E30-0A0E-4353-B88D-A856B83162DF",
"versionEndIncluding": "6.28\\(abfa.0\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nap203:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80AE2CEA-90AC-421A-86BB-F404CDE7785D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nap303_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36AD6F34-B17E-4853-9375-62B51DE5F1D2",
"versionEndIncluding": "6.28\\(abex.0\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nap303:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4BF5D4C-DB8E-4077-BE78-C73AA203406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nap353_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49E8EA12-187E-402B-866A-9125B2287292",
"versionEndIncluding": "6.28\\(abey.0\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nap353:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BCEC13E-3D1C-4B42-87F5-94FE1066C218",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58E64F26-5465-4BD8-A948-39022B5AAA52",
"versionEndIncluding": "6.50\\(abtg.2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A3F9232-F988-4428-9898-4F536123CE88",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nwa1123-ac_hd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8DEEFBF-DD32-40E5-A431-BE6A93D529A4",
"versionEndIncluding": "6.25\\(abin.9\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa1123-ac_hd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A0FB576-76A2-4A25-979E-5E5B3BF5C636",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nwa1123-ac-pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3448A074-A9B8-40BD-8DFA-E7097E402750",
"versionEndIncluding": "6.28\\(abhd.0\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa1123-ac-pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9DC66B07-67FB-47F6-B54B-E40BE89F33A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BFC6F464-DAE9-42CE-9339-C5E35B90B17B",
"versionEndIncluding": "6.50\\(abvt.0\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36C13E7F-2186-4587-83E9-57B05A7147B7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCE46E92-D9DD-439C-BD41-88738FA652B7",
"versionEndIncluding": "6.50\\(abtd.2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB129F9-64D8-43C2-9366-51EBDF419F5F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DECB1230-D22C-4FBD-909C-6315B66B189D",
"versionEndIncluding": "6.50\\(acco.2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E03F755-424D-4248-9076-ED7BECEB94C5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B73F329-98E5-496F-BE38-47DD023DCB64",
"versionEndIncluding": "6.55\\(acge.1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2806A3B3-8F13-4170-B284-8809E3502044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nwa50ax-pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5804045-E32E-40E0-B42E-80755C385974",
"versionEndIncluding": "6.50\\(acge.0\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa50ax-pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7DD6E6B-61EC-4E60-8244-56ADB26F2234",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nwa5123-ac_hd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "881C0001-B6CA-409D-8901-653227098219",
"versionEndIncluding": "6.25\\(abim.9\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa5123-ac_hd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D85300F-9207-438C-A149-80FC7C6C0746",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4484EA94-3E1D-4DA8-B612-A35D50DC1103",
"versionEndIncluding": "6.29\\(abzl.1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7440976-5CB4-40BE-95C2-98EF4B888109",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D091EB4-A1FC-4E5F-AEE2-6EF879DC5B0A",
"versionEndIncluding": "6.29\\(accv.1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A903978-737E-4266-A670-BC94E32CAF96",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nwa90ax-pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4FF6556-2B10-4A8C-9325-0A6D4B41E529",
"versionEndIncluding": "6.50\\(acgf.0\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa90ax-pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFA44855-B135-44BD-AE21-FC58CD647AB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D277464-AF76-4799-9B71-E96CB12BE0C0",
"versionEndIncluding": "6.50\\(abvs.0\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C024551-F08F-4152-940D-1CF8BCD79613",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57DFDE05-C95F-446B-BA97-98EBA11C9794",
"versionEndIncluding": "6.50\\(abwa.0\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A1FD502-4F62-4C77-B3BC-E563B24F0067",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wac5302d-sv2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A8FBD7-8461-474E-AFB1-BCAE24D4A2CD",
"versionEndIncluding": "6.25\\(abvz.9\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac5302d-sv2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A690501F-DC2D-4F90-ABC0-33B5F1279C36",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wac6103d-i_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DF539FD-EDEA-4D37-8F1C-267884A617EF",
"versionEndIncluding": "6.28\\(aaxh.0\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac6103d-i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "341DB051-7F01-4B36-BA15-EBC25FACB439",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wac6303d-s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "622C2163-0B2F-4A32-B5C4-4111B8EC9096",
"versionEndIncluding": "6.25\\(abgl.9\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac6303d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0F08117-0BCE-4EA1-8DA7-1AC4EFF67E2F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wac6502d-e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A929856C-58D2-41AB-9EAC-E655123FD4FE",
"versionEndIncluding": "6.28\\(aasd.0\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac6502d-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD8842C8-FB0A-46F0-9BB4-CAC6334D1E51",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wac6502d-s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB36BF49-E31B-4F35-84B9-3EF20989FE2A",
"versionEndIncluding": "6.28\\(aase.0\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac6502d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD108388-ABE5-4142-910F-C3C8B1C13617",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wac6503d-s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCA23320-A0E2-4A63-A20A-1F5FD7504C5F",
"versionEndIncluding": "6.28\\(aasf.0\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac6503d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DFDF64A-17F5-4F05-8700-DCA36CCB6F2B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wac6552d-s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E49B6FA1-4FCE-4802-8FCA-988048D9A595",
"versionEndIncluding": "6.28\\(abio.0\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac6552d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD47738A-9001-4CC1-8FED-1D1CFC56F548",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wac6553d-e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD253268-2B7D-43BF-86BD-E603A52FD98A",
"versionEndIncluding": "6.28\\(aasg.0\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac6553d-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55273BCE-4F2C-4ED9-9FCB-D1197555BD53",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0C89819-CCB6-42A0-8045-850D544D1BBA",
"versionEndIncluding": "6.50\\(abtf.2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA21E78C-585A-4689-96B7-18C5DB44D2DE",
"versionEndIncluding": "6.50\\(abte.2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3518DA0A-2C7B-4979-A457-0826C921B0F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B470158-EE21-45EB-BDEC-5396DE9CB23C",
"versionEndIncluding": "6.50\\(accn.2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B4EBCC9-4FF9-41FC-9FFE-DBFAB239888B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43DD5397-02A9-40DD-BD02-052095CB8DDB",
"versionEndIncluding": "6.50\\(abzd.2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC74AAF9-5206-4CEB-9023-6CD4F38AA623",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F946BABC-A982-4625-AD9F-962C6FBDFDE9",
"versionEndIncluding": "6.50\\(accm.2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20E4E9A0-DF92-47B7-94D6-0867E3171E47",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2260165C-2483-4F48-8E70-DC82B5DA1554",
"versionEndIncluding": "6.50\\(abrm.2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D784994E-E2CE-4328-B490-D9DC195A53DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B0AE56-107B-41E2-A06A-BC8DC0A32FE7",
"versionEndIncluding": "6.50\\(acdo.2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61158220-B5E8-4BF4-B2C2-E8ABFD3266CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device."
}
],
"id": "CVE-2023-22918",
"lastModified": "2024-11-21T07:45:38.940",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "security@zyxel.com.tw",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-24T18:15:09.027",
"references": [
{
"source": "security@zyxel.com.tw",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps"
}
],
"sourceIdentifier": "security@zyxel.com.tw",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-359"
}
],
"source": "security@zyxel.com.tw",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-24 18:15
Modified
2024-11-21 07:53
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
The post-authentication command injection vulnerability in the CLI command of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow an authenticated attacker to execute some OS commands remotely.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zyxel | atp200_firmware | * | |
| zyxel | atp200 | - | |
| zyxel | atp100_firmware | * | |
| zyxel | atp100 | - | |
| zyxel | atp700_firmware | * | |
| zyxel | atp700 | - | |
| zyxel | atp500_firmware | * | |
| zyxel | atp500 | - | |
| zyxel | atp100w_firmware | * | |
| zyxel | atp100w | - | |
| zyxel | atp800_firmware | * | |
| zyxel | atp800 | - | |
| zyxel | usg_flex_100_firmware | * | |
| zyxel | usg_flex_100 | - | |
| zyxel | usg_flex_50_firmware | * | |
| zyxel | usg_flex_50 | - | |
| zyxel | usg_flex_200_firmware | * | |
| zyxel | usg_flex_200 | - | |
| zyxel | usg_flex_500_firmware | * | |
| zyxel | usg_flex_500 | - | |
| zyxel | usg_flex_700_firmware | * | |
| zyxel | usg_flex_700 | - | |
| zyxel | usg_flex_100w_firmware | * | |
| zyxel | usg_flex_100w | - | |
| zyxel | usg_20w-vpn_firmware | * | |
| zyxel | usg_20w-vpn | - | |
| zyxel | usg_flex_50w_firmware | * | |
| zyxel | usg_flex_50w | - | |
| zyxel | usg20-vpn_firmware | * | |
| zyxel | usg20-vpn | - | |
| zyxel | vpn100_firmware | * | |
| zyxel | vpn100 | - | |
| zyxel | vpn1000_firmware | * | |
| zyxel | vpn1000 | - | |
| zyxel | vpn300_firmware | * | |
| zyxel | vpn300 | - | |
| zyxel | vpn50_firmware | * | |
| zyxel | vpn50 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A41F09-4474-4ABC-B2FA-92B17F63A7CA",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73E39B94-291E-4E3A-8A89-B74FF063BA05",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7728D2C4-0B0A-404E-92BC-AAA1A1987BFD",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B41F437-855B-4490-8011-DF59887BE6D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B7E5F75-5577-4511-A1F4-1BD142D60BD5",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8F79940-F737-4A71-9FAC-1F99E0BCE450",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "791D6928-BE82-4678-A8A4-39C9D9A1C684",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66B99746-0589-46E6-9CBD-F38619AD97DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95F84E-95A0-4FB8-942A-732E022E3CC6",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07895A23-2B15-4631-A55A-798B35A63E2D",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F65ACDFE-3A54-46D6-98CA-2D51957072AF",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8FF81-5020-429E-ABC7-D0F18A5177F5",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0F817C-6388-41E2-9F80-9B5427036865",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D65F0EC-7ACA-4B80-8D4E-2C1459837D15",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "224300FB-2462-4E88-A41E-E9E8EAE9CF48",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F61480ED-BBF0-49EC-A814-CEFDE1FBFA08",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7079103C-ED92-40C3-AF42-4689822A96E2",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7239C54F-EC9E-44B4-AE33-1D36E5448219",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB329984-D2A1-40B4-826D-78643B8DD4C8",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB62871-BC40-43D8-A486-471CD9316332",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EECD311A-4E96-4576-AADF-47291EDE3559",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0135FFF-62FA-4AEA-8B67-1CCA2D85D8E0",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C45C303-1A95-4245-B242-3AB9B9106CD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B01FA34A-CA33-48E7-978C-638FC678C9C1",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The post-authentication command injection vulnerability in the CLI command of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow an authenticated attacker to execute some OS commands remotely."
}
],
"id": "CVE-2023-27991",
"lastModified": "2024-11-21T07:53:53.360",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "security@zyxel.com.tw",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-24T18:15:09.497",
"references": [
{
"source": "security@zyxel.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-xss-vulnerability-and-post-authentication-command-injection-vulnerability-in-firewalls"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-xss-vulnerability-and-post-authentication-command-injection-vulnerability-in-firewalls"
}
],
"sourceIdentifier": "security@zyxel.com.tw",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "security@zyxel.com.tw",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-07-02 11:15
Modified
2024-11-21 06:11
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg1900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0AB64698-F450-405C-9D27-EE5A34466835",
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg1900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60F4E816-C4D3-451A-965C-45387D7DEB5B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg1100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37AB8F08-EEEB-4318-8A5F-10211B61E852",
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B68C4BD-3279-47AB-AC2A-7555163B12E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg310_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3ED3A6D-68BC-48F6-AC34-99C5C012AF85",
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F302801D-3720-4598-8458-A8938BD6CB46",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg210_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5C0676F-CA90-4E29-8131-AD2026E8E79D",
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAFF1122-755A-4531-AA2E-FD6E8478F92F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg110_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F17EF47-19AE-40BC-B547-B5900CC6D627",
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4834AC5E-884D-4A1C-A39B-B3F4A281E3CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg40_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9DED36D6-2286-4CDF-BACF-48403F3FCCE0",
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CCD2777-CC85-4BAA-B16B-19C2DB8DB742",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg40w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E355564-3F7A-4EE4-AD65-A84B78BB5395",
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0906F3FA-793B-421D-B957-7E9C18C1AEC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg60_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23F9913B-2AE5-4B07-9EED-5A5F18B3F541",
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26900300-1325-4C8A-BC3B-A10233B2462A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg60w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D485C08-FC2E-4569-BB49-249F7BDA149C",
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A7555E-BC29-460C-A701-7DCDEAFE67F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6AB1AAB7-AACC-4535-8C30-2D1FF7B2D647",
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC3082ED-A564-494D-8427-B61F15F6DD88",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9755AA21-D626-453A-A7E1-0069832E861A",
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6626D8CA-2E58-46F7-9592-4922A3E6DF79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6EDA25D-48DE-4B4A-9792-D9587A6FB8FC",
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "748C9FE8-E66D-480F-9688-75E563332A23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC24EC0-FA7F-4500-A9CB-4854286DD67D",
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F5C3A2C-12EA-4FAE-B088-665A90494685",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg20w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01B72080-1F0E-484D-8929-67BC2585E62B",
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg20w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B44BD562-5D3A-4E4F-B648-6E2D1F0B02C7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABDA4AA0-FE83-400C-A7AE-001611225552",
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE138A97-1AB8-493D-92AA-276DFA40E14F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EAAF268-7195-4884-B90E-93054A8CAC95",
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "656D8467-02C4-43F6-A64B-998300D71814",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF8B5062-6330-4369-9D7F-EA54E6A990E9",
"versionEndIncluding": "4.64",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F7F15F3-9A55-462F-8AE3-EE71B759DE68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6718F421-40F9-4599-9720-9F3461AD0693",
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE8626E7-8B32-4F54-9078-2C7E182783F7",
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D39FB8E-FF0D-40D2-A92D-FB1B2C89D29D",
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "686F56DF-BE47-4A17-A275-F7F0F38A16CF",
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "789C6F4B-1592-40C2-9DE1-1C436F6F2A2B",
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall_atp100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B332B58-AF42-45E3-B224-9AD745485A14",
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_atp100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A899D2DE-8C74-4EA1-BD87-B8BF37CBFB6D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall_atp100w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A33C164A-F565-47AB-8F8C-3D418F36638B",
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_atp100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F65954-FF1A-46A4-A003-FF8B9666880A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall_atp200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "817D54B2-A13E-4105-B63D-A0474BC63CD7",
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_atp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F6D0AA-CDD4-4F1C-98F1-1B381023B3F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall_atp500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF1F9383-C537-4B57-B3B1-61F5E7165642",
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_atp500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA85BCA2-CEF5-44EF-BEFB-5DA2638F5F37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall_atp700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9AF0390-357C-4249-A7CF-EE902836A2FE",
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_atp700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D50CC94B-4EAA-44A7-AEF1-415491572FB1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall_atp800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FECB2D46-3776-4059-8F01-164641965C84",
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_atp800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC7EB91-65C4-45EA-9CB4-3B3961724DCB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall_vpn50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EA23975-C587-4BC1-986A-55DA451A05CB",
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_vpn50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D902D9D2-5215-4A70-9D16-F1C3BA10EE18",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall_vpn100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24FD0B6C-EA3E-4AAC-BCFD-A58F0996988E",
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_vpn100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6762B13C-6FD5-49D7-B2D6-4986BAC3D425",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall_vpn300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC931102-95D8-4BF4-AA6B-F8F6CC4024C7",
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_vpn300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C35A94-304B-46FB-BAA0-4E0C4F34BEDD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05F5F64E-3020-4453-A183-454EF80025A7",
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7239C54F-EC9E-44B4-AE33-1D36E5448219",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4ECA11E7-4DCE-4030-9602-F7336A434817",
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06D2AD3A-9197-487D-A267-24DE332CC66B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg2200-vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F0ED8D58-62BA-4225-8C68-0E8D75FB936C",
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg2200-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CB2401-479A-4124-B03F-589D7C1061FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall_110_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E4763C9-EC74-4CAE-8A72-162E51ABBA9E",
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "145E41D9-E376-4B8E-A34F-F2C7ECFD649D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall_310_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D54C6A9-B282-4B5C-BAB0-24FB03415FA4",
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B40C703E-C7C0-4B49-A336-83853D3E8C31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:zywall_1100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8A67D33-EF8E-4B70-891A-51DD5B4680D8",
"versionEndIncluding": "5.01",
"versionStartIncluding": "4.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE32A1C-A730-4893-BCB9-F753F8E65440",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad de omisi\u00f3n de la autenticaci\u00f3n en la interfaz de administraci\u00f3n basada en web de Zyxel USG/Zywall series versiones de firmware 4.35 hasta 4.64 y USG Flex, ATP, y VPN versiones de firmware 4.35 hasta 5.01, que podr\u00eda permitir a un atacante remoto ejecutar comandos arbitrarios en un dispositivo afectado"
}
],
"id": "CVE-2021-35029",
"lastModified": "2024-11-21T06:11:42.280",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "security@zyxel.com.tw",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-02T11:15:08.930",
"references": [
{
"source": "security@zyxel.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/support/Zyxel_security_advisory_for_attacks_against_security_appliances.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/support/Zyxel_security_advisory_for_attacks_against_security_appliances.shtml"
}
],
"sourceIdentifier": "security@zyxel.com.tw",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "security@zyxel.com.tw",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-24 18:15
Modified
2024-11-21 07:53
Severity ?
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
The cross-site scripting (XSS) vulnerability in Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow an authenticated attacker with administrator privileges to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed when the user visits the Logs page of the GUI on the device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zyxel | atp200_firmware | * | |
| zyxel | atp200 | - | |
| zyxel | atp100_firmware | * | |
| zyxel | atp100 | - | |
| zyxel | atp700_firmware | * | |
| zyxel | atp700 | - | |
| zyxel | atp500_firmware | * | |
| zyxel | atp500 | - | |
| zyxel | atp100w_firmware | * | |
| zyxel | atp100w | - | |
| zyxel | atp800_firmware | * | |
| zyxel | atp800 | - | |
| zyxel | usg_flex_100_firmware | * | |
| zyxel | usg_flex_100 | - | |
| zyxel | usg_flex_50_firmware | * | |
| zyxel | usg_flex_50 | - | |
| zyxel | usg_flex_200_firmware | * | |
| zyxel | usg_flex_200 | - | |
| zyxel | usg_flex_500_firmware | * | |
| zyxel | usg_flex_500 | - | |
| zyxel | usg_flex_700_firmware | * | |
| zyxel | usg_flex_700 | - | |
| zyxel | usg_flex_100w_firmware | * | |
| zyxel | usg_flex_100w | - | |
| zyxel | usg_20w-vpn_firmware | * | |
| zyxel | usg_20w-vpn | - | |
| zyxel | usg_flex_50w_firmware | * | |
| zyxel | usg_flex_50w | - | |
| zyxel | usg20-vpn_firmware | * | |
| zyxel | usg20-vpn | - | |
| zyxel | vpn100_firmware | * | |
| zyxel | vpn100 | - | |
| zyxel | vpn1000_firmware | * | |
| zyxel | vpn1000 | - | |
| zyxel | vpn300_firmware | * | |
| zyxel | vpn300 | - | |
| zyxel | vpn50_firmware | * | |
| zyxel | vpn50 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A41F09-4474-4ABC-B2FA-92B17F63A7CA",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73E39B94-291E-4E3A-8A89-B74FF063BA05",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7728D2C4-0B0A-404E-92BC-AAA1A1987BFD",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B41F437-855B-4490-8011-DF59887BE6D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B7E5F75-5577-4511-A1F4-1BD142D60BD5",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8F79940-F737-4A71-9FAC-1F99E0BCE450",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "791D6928-BE82-4678-A8A4-39C9D9A1C684",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66B99746-0589-46E6-9CBD-F38619AD97DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95F84E-95A0-4FB8-942A-732E022E3CC6",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07895A23-2B15-4631-A55A-798B35A63E2D",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F65ACDFE-3A54-46D6-98CA-2D51957072AF",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8FF81-5020-429E-ABC7-D0F18A5177F5",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0F817C-6388-41E2-9F80-9B5427036865",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D65F0EC-7ACA-4B80-8D4E-2C1459837D15",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "224300FB-2462-4E88-A41E-E9E8EAE9CF48",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F61480ED-BBF0-49EC-A814-CEFDE1FBFA08",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7079103C-ED92-40C3-AF42-4689822A96E2",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7239C54F-EC9E-44B4-AE33-1D36E5448219",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB329984-D2A1-40B4-826D-78643B8DD4C8",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB62871-BC40-43D8-A486-471CD9316332",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EECD311A-4E96-4576-AADF-47291EDE3559",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0135FFF-62FA-4AEA-8B67-1CCA2D85D8E0",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C45C303-1A95-4245-B242-3AB9B9106CD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B01FA34A-CA33-48E7-978C-638FC678C9C1",
"versionEndExcluding": "5.36",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The cross-site scripting (XSS) vulnerability in Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow an authenticated attacker with administrator privileges to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed when the user visits the Logs page of the GUI on the device.\n\n"
}
],
"id": "CVE-2023-27990",
"lastModified": "2024-11-21T07:53:53.193",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "security@zyxel.com.tw",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-24T18:15:09.440",
"references": [
{
"source": "security@zyxel.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-xss-vulnerability-and-post-authentication-command-injection-vulnerability-in-firewalls"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-xss-vulnerability-and-post-authentication-command-injection-vulnerability-in-firewalls"
}
],
"sourceIdentifier": "security@zyxel.com.tw",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security@zyxel.com.tw",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2022-38547
Vulnerability from cvelistv5
Published
2023-02-07 00:00
Modified
2024-08-03 10:54
Severity ?
EPSS score ?
Summary
A post-authentication command injection vulnerability in the CLI command of Zyxel ZyWALL/USG series firmware versions 4.20 through 4.72, VPN series firmware versions 4.30 through 5.32, USG FLEX series firmware versions 4.50 through 5.32, and ATP series firmware versions 4.32 through 5.32, which could allow an authenticated attacker with administrator privileges to execute OS commands.
References
Impacted products
| Vendor | Product | Version | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Zyxel | ZyWALL/USG series firmware |
Version: 4.20 through 4.72 |
||||||||||||
|
|||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:54:04.001Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-rce-in-firewalls"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ZyWALL/USG series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.20 through 4.72"
}
]
},
{
"product": "VPN series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.30 through 5.32"
}
]
},
{
"product": "USG FLEX series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.50 through 5.32"
}
]
},
{
"product": "ATP series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.32 through 5.32"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A post-authentication command injection vulnerability in the CLI command of Zyxel ZyWALL/USG series firmware versions 4.20 through 4.72, VPN series firmware versions 4.30 through 5.32, USG FLEX series firmware versions 4.50 through 5.32, and ATP series firmware versions 4.32 through 5.32, which could allow an authenticated attacker with administrator privileges to execute OS commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-07T00:00:00",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-rce-in-firewalls"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2022-38547",
"datePublished": "2023-02-07T00:00:00",
"dateReserved": "2022-08-22T00:00:00",
"dateUpdated": "2024-08-03T10:54:04.001Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-33010
Vulnerability from cvelistv5
Published
2023-05-24 00:00
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1, VPN series firmware versions 4.30 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.25 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Zyxel | ATP series firmware |
Version: 4.32 through 5.36 Patch 1 |
||||||||||||||||||||
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:46.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-buffer-overflow-vulnerabilities-of-firewalls"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ATP series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.32 through 5.36 Patch 1"
}
]
},
{
"product": "USG FLEX series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.50 through 5.36 Patch 1"
}
]
},
{
"product": "USG FLEX 50(W) firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.25 through 5.36 Patch 1"
}
]
},
{
"product": "USG20(W)-VPN firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.25 through 5.36 Patch 1"
}
]
},
{
"product": "VPN series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.30 through 5.36 Patch 1"
}
]
},
{
"product": "ZyWALL/USG series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.25 through 4.73 Patch 1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1, VPN series firmware versions 4.30 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.25 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-24T00:00:00",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-buffer-overflow-vulnerabilities-of-firewalls"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2023-33010",
"datePublished": "2023-05-24T00:00:00",
"dateReserved": "2023-05-17T00:00:00",
"dateUpdated": "2024-08-02T15:32:46.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-27991
Vulnerability from cvelistv5
Published
2023-04-24 00:00
Modified
2024-08-02 12:23
Severity ?
EPSS score ?
Summary
The post-authentication command injection vulnerability in the CLI command of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow an authenticated attacker to execute some OS commands remotely.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Zyxel | ATP series firmware |
Version: 4.32 through 5.35 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:23:30.834Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-xss-vulnerability-and-post-authentication-command-injection-vulnerability-in-firewalls"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ATP series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.32 through 5.35"
}
]
},
{
"product": "USG FLEX series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.50 through 5.35"
}
]
},
{
"product": "USG FLEX 50(W) firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.16 through 5.35"
}
]
},
{
"product": "USG20(W)-VPN firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.16 through 5.35"
}
]
},
{
"product": "VPN series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.30 through 5.35"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The post-authentication command injection vulnerability in the CLI command of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow an authenticated attacker to execute some OS commands remotely."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-24T00:00:00",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-xss-vulnerability-and-post-authentication-command-injection-vulnerability-in-firewalls"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2023-27991",
"datePublished": "2023-04-24T00:00:00",
"dateReserved": "2023-03-09T00:00:00",
"dateUpdated": "2024-08-02T12:23:30.834Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-2030
Vulnerability from cvelistv5
Published
2022-07-19 05:55
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
A directory traversal vulnerability caused by specific character sequences within an improperly sanitized URL was identified in some CGI programs of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.11 through 4.72, that could allow an authenticated attacker to access some restricted files on a vulnerable device.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Zyxel | USG FLEX 100(W) firmware |
Version: 4.50 through 5.30 |
||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:24:44.144Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-authenticated-directory-traversal-vulnerabilities-of-firewalls.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "USG FLEX 100(W) firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.50 through 5.30"
}
]
},
{
"product": "USG FLEX 200 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.50 through 5.30"
}
]
},
{
"product": "USG FLEX 500 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.50 through 5.30"
}
]
},
{
"product": "USG FLEX 700 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.50 through 5.30"
}
]
},
{
"product": "ATP series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.32 through 5.30"
}
]
},
{
"product": "VPN series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.30 through 5.30"
}
]
},
{
"product": "USG FLEX 50(W) firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.16 through 5.30"
}
]
},
{
"product": "USG 20(W)-VPN firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.16 through 5.30"
}
]
},
{
"product": "USG/ZyWALL series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.11 through 4.72"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A directory traversal vulnerability caused by specific character sequences within an improperly sanitized URL was identified in some CGI programs of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.11 through 4.72, that could allow an authenticated attacker to access some restricted files on a vulnerable device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-19T05:55:11",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-authenticated-directory-traversal-vulnerabilities-of-firewalls.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@zyxel.com.tw",
"ID": "CVE-2022-2030",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "USG FLEX 100(W) firmware",
"version": {
"version_data": [
{
"version_value": "4.50 through 5.30"
}
]
}
},
{
"product_name": "USG FLEX 200 firmware",
"version": {
"version_data": [
{
"version_value": "4.50 through 5.30"
}
]
}
},
{
"product_name": "USG FLEX 500 firmware",
"version": {
"version_data": [
{
"version_value": "4.50 through 5.30"
}
]
}
},
{
"product_name": "USG FLEX 700 firmware",
"version": {
"version_data": [
{
"version_value": "4.50 through 5.30"
}
]
}
},
{
"product_name": "ATP series firmware",
"version": {
"version_data": [
{
"version_value": "4.32 through 5.30"
}
]
}
},
{
"product_name": "VPN series firmware",
"version": {
"version_data": [
{
"version_value": "4.30 through 5.30"
}
]
}
},
{
"product_name": "USG FLEX 50(W) firmware",
"version": {
"version_data": [
{
"version_value": "4.16 through 5.30"
}
]
}
},
{
"product_name": "USG 20(W)-VPN firmware",
"version": {
"version_data": [
{
"version_value": "4.16 through 5.30"
}
]
}
},
{
"product_name": "USG/ZyWALL series firmware",
"version": {
"version_data": [
{
"version_value": "4.11 through 4.72"
}
]
}
}
]
},
"vendor_name": "Zyxel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A directory traversal vulnerability caused by specific character sequences within an improperly sanitized URL was identified in some CGI programs of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.11 through 4.72, that could allow an authenticated attacker to access some restricted files on a vulnerable device."
}
]
},
"impact": {
"cvss": {
"baseScore": "6.5",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zyxel.com/support/Zyxel-security-advisory-authenticated-directory-traversal-vulnerabilities-of-firewalls.shtml",
"refsource": "CONFIRM",
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-authenticated-directory-traversal-vulnerabilities-of-firewalls.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2022-2030",
"datePublished": "2022-07-19T05:55:11",
"dateReserved": "2022-06-08T00:00:00",
"dateUpdated": "2024-08-03T00:24:44.144Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-29583
Vulnerability from cvelistv5
Published
2020-12-22 00:00
Modified
2024-08-04 16:55
Severity ?
EPSS score ?
Summary
Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:55:10.633Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.zyxel.com/support/security_advisories.shtml"
},
{
"tags": [
"x_transferred"
],
"url": "http://ftp.zyxel.com/USG40/firmware/USG40_4.60%28AALA.1%29C0_2.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://businessforum.zyxel.com/discussion/5254/whats-new-for-zld4-60-patch-1-available-on-dec-15"
},
{
"tags": [
"x_transferred"
],
"url": "https://businessforum.zyxel.com/discussion/5252/zld-v4-60-revoke-and-wk48-firmware-release"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.eyecontrol.nl/blog/undocumented-user-account-in-zyxel-products.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zyxel.com/support/CVE-2020-29583.shtml"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.secpod.com/blog/a-secret-zyxel-firewall-and-ap-controllers-could-allow-for-administrative-access-cve-2020-29583/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-28T00:43:07.540036",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.zyxel.com/support/security_advisories.shtml"
},
{
"url": "http://ftp.zyxel.com/USG40/firmware/USG40_4.60%28AALA.1%29C0_2.pdf"
},
{
"url": "https://businessforum.zyxel.com/discussion/5254/whats-new-for-zld4-60-patch-1-available-on-dec-15"
},
{
"url": "https://businessforum.zyxel.com/discussion/5252/zld-v4-60-revoke-and-wk48-firmware-release"
},
{
"url": "https://www.eyecontrol.nl/blog/undocumented-user-account-in-zyxel-products.html"
},
{
"url": "https://www.zyxel.com/support/CVE-2020-29583.shtml"
},
{
"url": "https://www.secpod.com/blog/a-secret-zyxel-firewall-and-ap-controllers-could-allow-for-administrative-access-cve-2020-29583/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-29583",
"datePublished": "2020-12-22T00:00:00",
"dateReserved": "2020-12-06T00:00:00",
"dateUpdated": "2024-08-04T16:55:10.633Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-22918
Vulnerability from cvelistv5
Published
2023-04-24 00:00
Modified
2024-08-02 10:20
Severity ?
EPSS score ?
Summary
A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Zyxel | ATP series firmware |
Version: 4.32 through 5.35 |
||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:20:31.470Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ATP series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.32 through 5.35"
}
]
},
{
"product": "USG FLEX series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.50 through 5.35"
}
]
},
{
"product": "USG FLEX 50(W) firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.16 through 5.35"
}
]
},
{
"product": "USG20(W)-VPN firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.16 through 5.35"
}
]
},
{
"product": "VPN series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.30 through 5.35"
}
]
},
{
"product": "NWA110AX firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "\u003c= 6.50(ABTG.2)"
}
]
},
{
"product": "WAC500 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "\u003c= 6.50(ABVS.0)"
}
]
},
{
"product": "WAX510D firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "\u003c= 6.50(ABTF.2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-359",
"description": "CWE-359: Exposure of Private Personal Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-24T00:00:00",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2023-22918",
"datePublished": "2023-04-24T00:00:00",
"dateReserved": "2023-01-10T00:00:00",
"dateUpdated": "2024-08-02T10:20:31.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-30526
Vulnerability from cvelistv5
Published
2022-07-19 05:45
Modified
2024-08-03 06:48
Severity ?
EPSS score ?
Summary
A privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.09 through 4.72, which could allow a local attacker to execute some OS commands with root privileges in some directories on a vulnerable device.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Zyxel | USG FLEX 100(W) firmware |
Version: 4.50 through 5.30 |
||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:48:36.418Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-authenticated-directory-traversal-vulnerabilities-of-firewalls.shtml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/168202/Zyxel-Firewall-SUID-Binary-Privilege-Escalation.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "USG FLEX 100(W) firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.50 through 5.30"
}
]
},
{
"product": "USG FLEX 200 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.50 through 5.30"
}
]
},
{
"product": "USG FLEX 500 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.50 through 5.30"
}
]
},
{
"product": "USG FLEX 700 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.50 through 5.30"
}
]
},
{
"product": "ATP series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.32 through 5.30"
}
]
},
{
"product": "VPN series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.30 through 5.30"
}
]
},
{
"product": "USG FLEX 50(W) firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.16 through 5.30"
}
]
},
{
"product": "USG 20(W)-VPN firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.16 through 5.30"
}
]
},
{
"product": "USG/ZyWALL series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.09 through 4.72"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.09 through 4.72, which could allow a local attacker to execute some OS commands with root privileges in some directories on a vulnerable device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-31T18:06:17",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-authenticated-directory-traversal-vulnerabilities-of-firewalls.shtml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/168202/Zyxel-Firewall-SUID-Binary-Privilege-Escalation.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@zyxel.com.tw",
"ID": "CVE-2022-30526",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "USG FLEX 100(W) firmware",
"version": {
"version_data": [
{
"version_value": "4.50 through 5.30"
}
]
}
},
{
"product_name": "USG FLEX 200 firmware",
"version": {
"version_data": [
{
"version_value": "4.50 through 5.30"
}
]
}
},
{
"product_name": "USG FLEX 500 firmware",
"version": {
"version_data": [
{
"version_value": "4.50 through 5.30"
}
]
}
},
{
"product_name": "USG FLEX 700 firmware",
"version": {
"version_data": [
{
"version_value": "4.50 through 5.30"
}
]
}
},
{
"product_name": "ATP series firmware",
"version": {
"version_data": [
{
"version_value": "4.32 through 5.30"
}
]
}
},
{
"product_name": "VPN series firmware",
"version": {
"version_data": [
{
"version_value": "4.30 through 5.30"
}
]
}
},
{
"product_name": "USG FLEX 50(W) firmware",
"version": {
"version_data": [
{
"version_value": "4.16 through 5.30"
}
]
}
},
{
"product_name": "USG 20(W)-VPN firmware",
"version": {
"version_data": [
{
"version_value": "4.16 through 5.30"
}
]
}
},
{
"product_name": "USG/ZyWALL series firmware",
"version": {
"version_data": [
{
"version_value": "4.09 through 4.72"
}
]
}
}
]
},
"vendor_name": "Zyxel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.09 through 4.72, which could allow a local attacker to execute some OS commands with root privileges in some directories on a vulnerable device."
}
]
},
"impact": {
"cvss": {
"baseScore": "7.8",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zyxel.com/support/Zyxel-security-advisory-authenticated-directory-traversal-vulnerabilities-of-firewalls.shtml",
"refsource": "CONFIRM",
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-authenticated-directory-traversal-vulnerabilities-of-firewalls.shtml"
},
{
"name": "http://packetstormsecurity.com/files/168202/Zyxel-Firewall-SUID-Binary-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/168202/Zyxel-Firewall-SUID-Binary-Privilege-Escalation.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2022-30526",
"datePublished": "2022-07-19T05:45:14",
"dateReserved": "2022-05-10T00:00:00",
"dateUpdated": "2024-08-03T06:48:36.418Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-33009
Vulnerability from cvelistv5
Published
2023-05-24 00:00
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.60 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.60 through 5.36 Patch 1, VPN series firmware versions 4.60 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.60 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Zyxel | ATP series firmware |
Version: 4.60 through 5.36 Patch 1 |
||||||||||||||||||||
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:46.565Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-buffer-overflow-vulnerabilities-of-firewalls"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ATP series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.60 through 5.36 Patch 1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG FLEX series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.60 through 5.36 Patch 1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG FLEX 50(W) firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.60 through 5.36 Patch 1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG20(W)-VPN firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.60 through 5.36 Patch 1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VPN series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.60 through 5.36 Patch 1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ZyWALL/USG series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.60 through 4.73 Patch 1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.60 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.60 through 5.36 Patch 1, VPN series firmware versions 4.60 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.60 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.\u003c/p\u003e"
}
],
"value": "A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.60 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.60 through 5.36 Patch 1, VPN series firmware versions 4.60 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.60 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-15T06:17:00.675Z",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-buffer-overflow-vulnerabilities-of-firewalls"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2023-33009",
"datePublished": "2023-05-24T00:00:00",
"dateReserved": "2023-05-17T00:00:00",
"dateUpdated": "2024-08-02T15:32:46.565Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-35029
Vulnerability from cvelistv5
Published
2021-07-02 10:29
Modified
2024-08-04 00:33
Severity ?
EPSS score ?
Summary
An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zyxel.com/support/Zyxel_security_advisory_for_attacks_against_security_appliances.shtml | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Zyxel | USG/Zywall series Firmware |
Version: 4.35 through 4.64 |
||||||||||||
|
|||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:33:49.831Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zyxel.com/support/Zyxel_security_advisory_for_attacks_against_security_appliances.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "USG/Zywall series Firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.35 through 4.64"
}
]
},
{
"product": "USG FLEX series Firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.35 through 5.01"
}
]
},
{
"product": "ATP series Firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.35 through 5.01"
}
]
},
{
"product": "VPN series Firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.35 through 5.01"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-02T10:29:07",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zyxel.com/support/Zyxel_security_advisory_for_attacks_against_security_appliances.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@zyxel.com.tw",
"ID": "CVE-2021-35029",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "USG/Zywall series Firmware",
"version": {
"version_data": [
{
"version_value": "4.35 through 4.64"
}
]
}
},
{
"product_name": "USG FLEX series Firmware",
"version": {
"version_data": [
{
"version_value": "4.35 through 5.01"
}
]
}
},
{
"product_name": "ATP series Firmware",
"version": {
"version_data": [
{
"version_value": "4.35 through 5.01"
}
]
}
},
{
"product_name": "VPN series Firmware",
"version": {
"version_data": [
{
"version_value": "4.35 through 5.01"
}
]
}
}
]
},
"vendor_name": "Zyxel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device."
}
]
},
"impact": {
"cvss": {
"baseScore": "9.8",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287: Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zyxel.com/support/Zyxel_security_advisory_for_attacks_against_security_appliances.shtml",
"refsource": "MISC",
"url": "https://www.zyxel.com/support/Zyxel_security_advisory_for_attacks_against_security_appliances.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2021-35029",
"datePublished": "2021-07-02T10:29:07",
"dateReserved": "2021-06-17T00:00:00",
"dateUpdated": "2024-08-04T00:33:49.831Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-9955
Vulnerability from cvelistv5
Published
2019-04-22 19:38
Modified
2024-08-04 22:10
Severity ?
EPSS score ?
Summary
On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100 devices, the security firewall login page is vulnerable to Reflected XSS via the unsanitized 'mp_idx' parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.securitymetrics.com/blog/Zyxel-Devices-Vulnerable-Cross-Site-Scripting-Login-page | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2019/Apr/22 | mailing-list, x_refsource_FULLDISC | |
| https://www.exploit-db.com/exploits/46706/ | exploit, x_refsource_EXPLOIT-DB | |
| http://packetstormsecurity.com/files/152525/Zyxel-ZyWall-Cross-Site-Scripting.html | x_refsource_MISC | |
| https://www.zyxel.com/support/reflected-cross-site-scripting-vulnerability-of-firewalls.shtml | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:10:08.670Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securitymetrics.com/blog/Zyxel-Devices-Vulnerable-Cross-Site-Scripting-Login-page"
},
{
"name": "20190416 CVE-2019-9955 Refelected XSS on Zyxel Login page",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Apr/22"
},
{
"name": "46706",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46706/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152525/Zyxel-ZyWall-Cross-Site-Scripting.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.zyxel.com/support/reflected-cross-site-scripting-vulnerability-of-firewalls.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-04-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100 devices, the security firewall login page is vulnerable to Reflected XSS via the unsanitized \u0027mp_idx\u0027 parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-22T19:38:59",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securitymetrics.com/blog/Zyxel-Devices-Vulnerable-Cross-Site-Scripting-Login-page"
},
{
"name": "20190416 CVE-2019-9955 Refelected XSS on Zyxel Login page",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Apr/22"
},
{
"name": "46706",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46706/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152525/Zyxel-ZyWall-Cross-Site-Scripting.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.zyxel.com/support/reflected-cross-site-scripting-vulnerability-of-firewalls.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9955",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100 devices, the security firewall login page is vulnerable to Reflected XSS via the unsanitized \u0027mp_idx\u0027 parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.securitymetrics.com/blog/Zyxel-Devices-Vulnerable-Cross-Site-Scripting-Login-page",
"refsource": "MISC",
"url": "https://www.securitymetrics.com/blog/Zyxel-Devices-Vulnerable-Cross-Site-Scripting-Login-page"
},
{
"name": "20190416 CVE-2019-9955 Refelected XSS on Zyxel Login page",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Apr/22"
},
{
"name": "46706",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46706/"
},
{
"name": "http://packetstormsecurity.com/files/152525/Zyxel-ZyWall-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152525/Zyxel-ZyWall-Cross-Site-Scripting.html"
},
{
"name": "https://www.zyxel.com/support/reflected-cross-site-scripting-vulnerability-of-firewalls.shtml",
"refsource": "CONFIRM",
"url": "https://www.zyxel.com/support/reflected-cross-site-scripting-vulnerability-of-firewalls.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-9955",
"datePublished": "2019-04-22T19:38:59",
"dateReserved": "2019-03-23T00:00:00",
"dateUpdated": "2024-08-04T22:10:08.670Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-27990
Vulnerability from cvelistv5
Published
2023-04-24 00:00
Modified
2024-08-02 12:23
Severity ?
EPSS score ?
Summary
The cross-site scripting (XSS) vulnerability in Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow an authenticated attacker with administrator privileges to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed when the user visits the Logs page of the GUI on the device.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Zyxel | ATP series firmware |
Version: 4.32 through 5.35 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:23:30.803Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-xss-vulnerability-and-post-authentication-command-injection-vulnerability-in-firewalls"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ATP series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.32 through 5.35"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG FLEX series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.50 through 5.35"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG FLEX 50(W) firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.16 through 5.35"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG20(W)-VPN firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.16 through 5.35"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VPN series firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "4.30 through 5.35"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe cross-site scripting (\u003c/span\u003eXSS) vulnerability in Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow an authenticated attacker with administrator privileges to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed when the user visits the Logs page of the GUI on the device.\u003c/p\u003e"
}
],
"value": "The cross-site scripting (XSS) vulnerability in Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow an authenticated attacker with administrator privileges to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed when the user visits the Logs page of the GUI on the device.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T06:45:53.586Z",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-xss-vulnerability-and-post-authentication-command-injection-vulnerability-in-firewalls"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2023-27990",
"datePublished": "2023-04-24T00:00:00",
"dateReserved": "2023-03-09T00:00:00",
"dateUpdated": "2024-08-02T12:23:30.803Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-9054
Vulnerability from cvelistv5
Published
2020-03-04 19:30
Modified
2024-09-16 17:14
Severity ?
EPSS score ?
Summary
Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the privileges of the web server that runs on the ZyXEL device. Although the web server does not run as the root user, ZyXEL devices include a setuid utility that can be leveraged to run any command with root privileges. As such, it should be assumed that exploitation of this vulnerability can lead to remote code execution with root privileges. By sending a specially-crafted HTTP POST or GET request to a vulnerable ZyXEL device, a remote, unauthenticated attacker may be able to execute arbitrary code on the device. This may happen by directly connecting to a device if it is directly exposed to an attacker. However, there are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable devices. For example, simply visiting a website can result in the compromise of any ZyXEL device that is reachable from the client system. Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 NAS520 before firmware V5.21(AASZ.3)C0 NAS540 before firmware V5.21(AATB.4)C0 NAS542 before firmware V5.21(ABAG.4)C0 ZyXEL has made firmware updates available for NAS326, NAS520, NAS540, and NAS542 devices. Affected models that are end-of-support: NSA210, NSA220, NSA220+, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 and NSA325v2
References
| ▼ | URL | Tags |
|---|---|---|
| https://cwe.mitre.org/data/definitions/78.html | x_refsource_MISC | |
| https://www.zyxel.com/support/remote-code-execution-vulnerability-of-NAS-products.shtml | x_refsource_CONFIRM | |
| https://kb.cert.org/vuls/id/498544/ | third-party-advisory, x_refsource_CERT-VN | |
| https://kb.cert.org/artifacts/cve-2020-9054.html | x_refsource_MISC | |
| https://krebsonsecurity.com/2020/02/zyxel-fixes-0day-in-network-storage-devices/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | ZyXEL | NAS326 |
Version: V5.21(AAZF.7)C0 < |
||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:19.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.zyxel.com/support/remote-code-execution-vulnerability-of-NAS-products.shtml"
},
{
"name": "VU#498544",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://kb.cert.org/vuls/id/498544/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.cert.org/artifacts/cve-2020-9054.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://krebsonsecurity.com/2020/02/zyxel-fixes-0day-in-network-storage-devices/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NAS326",
"vendor": "ZyXEL",
"versions": [
{
"lessThanOrEqual": "V5.21(AAZF.7)C0",
"status": "affected",
"version": "V5.21(AAZF.7)C0",
"versionType": "custom"
}
]
},
{
"product": "NAS520",
"vendor": "ZyXEL",
"versions": [
{
"lessThanOrEqual": "V5.21(AASZ.3)C0",
"status": "affected",
"version": "V5.21(AASZ.3)C0",
"versionType": "custom"
}
]
},
{
"product": "NAS540",
"vendor": "ZyXEL",
"versions": [
{
"lessThanOrEqual": "V5.21(AATB.4)C0",
"status": "affected",
"version": "V5.21(AATB.4)C0",
"versionType": "custom"
}
]
},
{
"product": "NAS542",
"vendor": "ZyXEL",
"versions": [
{
"lessThanOrEqual": "V5.21(ABAG.4)C0",
"status": "affected",
"version": "V5.21(ABAG.4)C0",
"versionType": "custom"
}
]
},
{
"product": "NSA210",
"vendor": "ZyXEL",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "NSA220",
"vendor": "ZyXEL",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "NSA220+",
"vendor": "ZyXEL",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "NSA221",
"vendor": "ZyXEL",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "NSA310",
"vendor": "ZyXEL",
"versions": [
{
"lessThanOrEqual": "V4.75(AALH.2)C0",
"status": "affected",
"version": "V4.75(AALH.2)C0",
"versionType": "custom"
}
]
},
{
"product": "NSA320",
"vendor": "ZyXEL",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "NSA320S",
"vendor": "ZyXEL",
"versions": [
{
"lessThanOrEqual": "V4.75(AANV.2)C0",
"status": "affected",
"version": "V4.75(AANV.2)C0",
"versionType": "custom"
}
]
},
{
"product": "NSA325",
"vendor": "ZyXEL",
"versions": [
{
"lessThanOrEqual": "V4.81(AAAJ.1)C0",
"status": "affected",
"version": "V4.81(AAAJ.1)C0",
"versionType": "custom"
}
]
},
{
"product": "NSA325v2",
"vendor": "ZyXEL",
"versions": [
{
"lessThanOrEqual": "V4.81(AALS.1)C0",
"status": "affected",
"version": "V4.81(AALS.1)C0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thanks to Alex Holden of Hold Security for finding and reporting this vulnerability."
}
],
"datePublic": "2020-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the privileges of the web server that runs on the ZyXEL device. Although the web server does not run as the root user, ZyXEL devices include a setuid utility that can be leveraged to run any command with root privileges. As such, it should be assumed that exploitation of this vulnerability can lead to remote code execution with root privileges. By sending a specially-crafted HTTP POST or GET request to a vulnerable ZyXEL device, a remote, unauthenticated attacker may be able to execute arbitrary code on the device. This may happen by directly connecting to a device if it is directly exposed to an attacker. However, there are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable devices. For example, simply visiting a website can result in the compromise of any ZyXEL device that is reachable from the client system. Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 NAS520 before firmware V5.21(AASZ.3)C0 NAS540 before firmware V5.21(AATB.4)C0 NAS542 before firmware V5.21(ABAG.4)C0 ZyXEL has made firmware updates available for NAS326, NAS520, NAS540, and NAS542 devices. Affected models that are end-of-support: NSA210, NSA220, NSA220+, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 and NSA325v2"
}
],
"exploits": [
{
"lang": "en",
"value": "https://kb.cert.org/artifacts/cve-2020-9054.html"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-04T19:30:18",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.zyxel.com/support/remote-code-execution-vulnerability-of-NAS-products.shtml"
},
{
"name": "VU#498544",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://kb.cert.org/vuls/id/498544/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.cert.org/artifacts/cve-2020-9054.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://krebsonsecurity.com/2020/02/zyxel-fixes-0day-in-network-storage-devices/"
}
],
"solutions": [
{
"lang": "en",
"value": "ZyXEL has made firmware updates available for NAS326, NAS520, NAS540, NAS542, ATP100, ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200, VPN50, VPN100, VPN300, VPN1000, ZyWALL110, ZyWALL310, and ZyWALL1100 devices."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "ZyXEL NAS products running firmware version 5.21 and earlier are vulnerable to pre-authentication command injection in weblogin.cgi",
"workarounds": [
{
"lang": "en",
"value": "Block access to the ZyXEL device web interface:\n\nThis issue can be mitigated by blocking (for example with a firewall) access to the web interface (80/tcp and 443/tcp) of any vulnerable ZyXEL device. Any machine that can access the ZyXEL web interface should not also be able to access the internet.\n\nRestrict access to vulnerable ZyXEL devices:\n\nDirect exploitation of this vulnerability can be mitigated by restricting access to vulnerable devices. In particular, do not expose such devices directly to the internet. Note however, that it is still possible for attackers to exploit devices that are not directly connected to the internet. For example, by way of viewing a web page."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"DATE_PUBLIC": "2020-02-20T00:00:00.000Z",
"ID": "CVE-2020-9054",
"STATE": "PUBLIC",
"TITLE": "ZyXEL NAS products running firmware version 5.21 and earlier are vulnerable to pre-authentication command injection in weblogin.cgi"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NAS326",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "V5.21(AAZF.7)C0",
"version_value": "V5.21(AAZF.7)C0"
}
]
}
},
{
"product_name": "NAS520",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "V5.21(AASZ.3)C0",
"version_value": "V5.21(AASZ.3)C0"
}
]
}
},
{
"product_name": "NAS540",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "V5.21(AATB.4)C0",
"version_value": "V5.21(AATB.4)C0"
}
]
}
},
{
"product_name": "NAS542",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "V5.21(ABAG.4)C0",
"version_value": "V5.21(ABAG.4)C0"
}
]
}
},
{
"product_name": "NSA210",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "NSA220",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "NSA220+",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "NSA221",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "NSA310",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "V4.75(AALH.2)C0",
"version_value": "V4.75(AALH.2)C0"
}
]
}
},
{
"product_name": "NSA320",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "NSA320S",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "V4.75(AANV.2)C0",
"version_value": "V4.75(AANV.2)C0"
}
]
}
},
{
"product_name": "NSA325",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "V4.81(AAAJ.1)C0",
"version_value": "V4.81(AAAJ.1)C0"
}
]
}
},
{
"product_name": "NSA325v2",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "V4.81(AALS.1)C0",
"version_value": "V4.81(AALS.1)C0"
}
]
}
}
]
},
"vendor_name": "ZyXEL"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Thanks to Alex Holden of Hold Security for finding and reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the privileges of the web server that runs on the ZyXEL device. Although the web server does not run as the root user, ZyXEL devices include a setuid utility that can be leveraged to run any command with root privileges. As such, it should be assumed that exploitation of this vulnerability can lead to remote code execution with root privileges. By sending a specially-crafted HTTP POST or GET request to a vulnerable ZyXEL device, a remote, unauthenticated attacker may be able to execute arbitrary code on the device. This may happen by directly connecting to a device if it is directly exposed to an attacker. However, there are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable devices. For example, simply visiting a website can result in the compromise of any ZyXEL device that is reachable from the client system. Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 NAS520 before firmware V5.21(AASZ.3)C0 NAS540 before firmware V5.21(AATB.4)C0 NAS542 before firmware V5.21(ABAG.4)C0 ZyXEL has made firmware updates available for NAS326, NAS520, NAS540, and NAS542 devices. Affected models that are end-of-support: NSA210, NSA220, NSA220+, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 and NSA325v2"
}
]
},
"exploit": [
{
"lang": "en",
"value": "https://kb.cert.org/artifacts/cve-2020-9054.html"
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78 OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cwe.mitre.org/data/definitions/78.html",
"refsource": "MISC",
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"name": "https://www.zyxel.com/support/remote-code-execution-vulnerability-of-NAS-products.shtml",
"refsource": "CONFIRM",
"url": "https://www.zyxel.com/support/remote-code-execution-vulnerability-of-NAS-products.shtml"
},
{
"name": "VU#498544",
"refsource": "CERT-VN",
"url": "https://kb.cert.org/vuls/id/498544/"
},
{
"name": "https://kb.cert.org/artifacts/cve-2020-9054.html",
"refsource": "MISC",
"url": "https://kb.cert.org/artifacts/cve-2020-9054.html"
},
{
"name": "https://krebsonsecurity.com/2020/02/zyxel-fixes-0day-in-network-storage-devices/",
"refsource": "MISC",
"url": "https://krebsonsecurity.com/2020/02/zyxel-fixes-0day-in-network-storage-devices/"
}
]
},
"solution": [
{
"lang": "en",
"value": "ZyXEL has made firmware updates available for NAS326, NAS520, NAS540, NAS542, ATP100, ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200, VPN50, VPN100, VPN300, VPN1000, ZyWALL110, ZyWALL310, and ZyWALL1100 devices."
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Block access to the ZyXEL device web interface:\n\nThis issue can be mitigated by blocking (for example with a firewall) access to the web interface (80/tcp and 443/tcp) of any vulnerable ZyXEL device. Any machine that can access the ZyXEL web interface should not also be able to access the internet.\n\nRestrict access to vulnerable ZyXEL devices:\n\nDirect exploitation of this vulnerability can be mitigated by restricting access to vulnerable devices. In particular, do not expose such devices directly to the internet. Note however, that it is still possible for attackers to exploit devices that are not directly connected to the internet. For example, by way of viewing a web page."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2020-9054",
"datePublished": "2020-03-04T19:30:18.400802Z",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-09-16T17:14:38.648Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-25014
Vulnerability from cvelistv5
Published
2020-11-27 17:18
Modified
2024-08-04 15:26
Severity ?
EPSS score ?
Summary
A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet.
References
| ▼ | URL | Tags |
|---|---|---|
| https://businessforum.zyxel.com/categories/security-news-and-release | x_refsource_MISC | |
| https://www.zyxel.com/support/Zyxel-security-advisory-for-buffer-overflow-vulnerability.shtml | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:26:09.045Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://businessforum.zyxel.com/categories/security-news-and-release"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-for-buffer-overflow-vulnerability.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-27T17:18:30",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://businessforum.zyxel.com/categories/security-news-and-release"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-for-buffer-overflow-vulnerability.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-25014",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://businessforum.zyxel.com/categories/security-news-and-release",
"refsource": "MISC",
"url": "https://businessforum.zyxel.com/categories/security-news-and-release"
},
{
"name": "https://www.zyxel.com/support/Zyxel-security-advisory-for-buffer-overflow-vulnerability.shtml",
"refsource": "CONFIRM",
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-for-buffer-overflow-vulnerability.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-25014",
"datePublished": "2020-11-27T17:18:30",
"dateReserved": "2020-08-28T00:00:00",
"dateUpdated": "2024-08-04T15:26:09.045Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}