Vulnerabilities related to zyxel - wac6502d-s_firmware
cve-2022-26532
Vulnerability from cvelistv5
Published
2022-05-24 05:20
Modified
2024-08-03 05:03
Summary
An argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to execute arbitrary OS commands by including crafted arguments to the CLI command.
References
URL | Tags |
---|---|
https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml | x_refsource_CONFIRM |
http://seclists.org/fulldisclosure/2022/Jun/15 | mailing-list, x_refsource_FULLDISC |
http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html | x_refsource_MISC |
Impacted products
Vendor | Product | Version |
---|---|---|
Zyxel | USG/ZyWALL series firmware | Version: 4.09 through 4.71 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.963Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml", }, { name: "20220610 HNS-2022-02 - HN Security Advisory - Multiple vulnerabilities in Zyxel zysh", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/Jun/15", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "USG/ZyWALL series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.09 through 4.71", }, ], }, { product: "USG FLEX series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.50 through 5.21", }, ], }, { product: "ATP series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.32 through 5.21", }, ], }, { product: "VPN series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.30 through 5.21", }, ], }, { product: "NSG series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "1.00 through 1.33 Patch 4", }, ], }, { product: "NXC2500 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.10(AAIG.3)", }, ], }, { product: "NAP203 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.25(ABFA.7)", }, ], }, { product: "NWA50AX firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.25(ABYW.5)", }, ], }, { product: "WAC500 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.30(ABVS.2)", }, ], }, { product: "WAX510D firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.30(ABTF.2)", 
}, ], }, ], descriptions: [ { lang: "en", value: "A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to execute arbitrary OS commands by including crafted arguments to the CLI command.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-88", description: "CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-06-19T18:06:10", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml", }, { name: "20220610 HNS-2022-02 - HN Security Advisory - Multiple vulnerabilities in Zyxel zysh", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2022/Jun/15", }, { tags: [ "x_refsource_MISC", ], url: 
"http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@zyxel.com.tw", ID: "CVE-2022-26532", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "USG/ZyWALL series firmware", version: { version_data: [ { version_value: "4.09 through 4.71", }, ], }, }, { product_name: "USG FLEX series firmware", version: { version_data: [ { version_value: "4.50 through 5.21", }, ], }, }, { product_name: "ATP series firmware", version: { version_data: [ { version_value: "4.32 through 5.21", }, ], }, }, { product_name: "VPN series firmware", version: { version_data: [ { version_value: "4.30 through 5.21", }, ], }, }, { product_name: "NSG series firmware", version: { version_data: [ { version_value: "1.00 through 1.33 Patch 4", }, ], }, }, { product_name: "NXC2500 firmware", version: { version_data: [ { version_value: "<= 6.10(AAIG.3)", }, ], }, }, { product_name: "NAP203 firmware", version: { version_data: [ { version_value: "<= 6.25(ABFA.7)", }, ], }, }, { product_name: "NWA50AX firmware", version: { version_data: [ { version_value: "<= 6.25(ABYW.5)", }, ], }, }, { product_name: "WAC500 firmware", version: { version_data: [ { version_value: "<= 6.30(ABVS.2)", }, ], }, }, { product_name: "WAX510D firmware", version: { version_data: [ { version_value: "<= 6.30(ABTF.2)", }, ], }, }, ], }, vendor_name: "Zyxel", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier 
versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to execute arbitrary OS commands by including crafted arguments to the CLI command.", }, ], }, impact: { cvss: { baseScore: "7.8", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", }, ], }, ], }, references: { reference_data: [ { name: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml", refsource: "CONFIRM", url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml", }, { name: "20220610 HNS-2022-02 - HN Security Advisory - Multiple vulnerabilities in Zyxel zysh", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2022/Jun/15", }, { name: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2022-26532", datePublished: "2022-05-24T05:20:09", dateReserved: "2022-03-07T00:00:00", dateUpdated: "2024-08-03T05:03:32.963Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-22918
Vulnerability from cvelistv5
Published
2023-04-24 00:00
Modified
2024-08-02 10:20
Summary
A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device.
References
Impacted products
Vendor | Product | Version |
---|---|---|
Zyxel | ATP series firmware | Version: 4.32 through 5.35 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:20:31.470Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ATP series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.32 through 5.35", }, ], }, { product: "USG FLEX series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.50 through 5.35", }, ], }, { product: "USG FLEX 50(W) firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.16 through 5.35", }, ], }, { product: "USG20(W)-VPN firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.16 through 5.35", }, ], }, { product: "VPN series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.30 through 5.35", }, ], }, { product: "NWA110AX firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.50(ABTG.2)", }, ], }, { product: "WAC500 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.50(ABVS.0)", }, ], }, { product: "WAX510D firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.50(ABTF.2)", }, ], }, ], descriptions: [ { lang: "en", value: "A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated 
attacker to retrieve encrypted information of the administrator on an affected device.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-359", description: "CWE-359: Exposure of Private Personal Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-24T00:00:00", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps", }, ], }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2023-22918", datePublished: "2023-04-24T00:00:00", dateReserved: "2023-01-10T00:00:00", dateUpdated: "2024-08-02T10:20:31.470Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-7261
Vulnerability from cvelistv5
Published
2024-09-03 02:10
Modified
2024-09-05 15:36
Summary
The improper neutralization of special elements in the parameter "host" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) and earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) and earlier, and USG LITE 60AX firmware version V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.
References
Impacted products
Vendor | Product | Version |
---|---|---|
Zyxel | NWA1123ACv3 firmware | Version: <= 6.70(ABVT.4) |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:o:zyxel:usg_lite_60ax_firmware:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "usg_lite_60ax_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "V2.00\\(ACIP.2\\)", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:nwa1123acv3_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nwa1123acv3_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "6.70\\(ABVT.4\\)", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:wac500_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "wac500_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "6.70\\(ABVS.4\\)", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:wax655e_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "wax655e_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "7.00\\(ACDO.1\\)", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:wbe530_firmware:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "wbe530_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "7.00\\(ACLE.1\\)", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-7261", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-09-05T03:55:55.275964Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-05T15:36:14.807Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "NWA1123ACv3 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.70(ABVT.4)", }, ], }, { defaultStatus: "unaffected", product: "WAC500 firmware", 
vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.70(ABVS.4)", }, ], }, { defaultStatus: "unaffected", product: "WAX655E firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 7.00(ACDO.1)", }, ], }, { defaultStatus: "unaffected", product: "WBE530 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 7.00(ACLE.1)", }, ], }, { defaultStatus: "unaffected", product: "USG LITE 60AX firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "V2.00(ACIP.2)", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "The improper neutralization of special elements in the parameter \"host\" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) \n\n<span style=\"background-color: rgb(255, 255, 255);\">and earlier</span>, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) \n\n<span style=\"background-color: rgb(255, 255, 255);\">and earlier</span>, and USG LITE 60AX firmware version V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.", }, ], value: "The improper neutralization of special elements in the parameter \"host\" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) \n\nand earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) \n\nand earlier, and USG LITE 60AX firmware version V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", 
userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-03T02:10:25.112Z", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-os-command-injection-vulnerability-in-aps-and-security-router-devices-09-03-2024", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2024-7261", datePublished: "2024-09-03T02:10:25.112Z", dateReserved: "2024-07-30T02:42:19.589Z", dateUpdated: "2024-09-05T15:36:14.807Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26531
Vulnerability from cvelistv5
Published
2022-05-24 00:00
Modified
2024-08-03 05:03
Summary
Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload.
References
Impacted products
Vendor | Product | Version |
---|---|---|
Zyxel | USG/ZyWALL series firmware | Version: 4.09 through 4.71 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:33.155Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml", }, { name: "20220610 HNS-2022-02 - HN Security Advisory - Multiple vulnerabilities in Zyxel zysh", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/Jun/15", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/177036/Zyxel-zysh-Format-String-Proof-Of-Concept.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "USG/ZyWALL series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.09 through 4.71", }, ], }, { product: "USG FLEX series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.50 through 5.21", }, ], }, { product: "ATP series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.32 through 5.21", }, ], }, { product: "VPN series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.30 through 5.21", }, ], }, { product: "NSG series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "1.00 through 1.33 Patch 4", }, ], }, { product: "NXC2500 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.10(AAIG.3)", }, ], }, { product: "NAP203 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.25(ABFA.7)", }, ], }, { product: "NWA50AX firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.25(ABYW.5)", }, ], }, { product: "WAC500 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.30(ABVS.2)", }, ], }, { product: "WAX510D firmware", vendor: 
"Zyxel", versions: [ { status: "affected", version: "<= 6.30(ABTF.2)", }, ], }, ], descriptions: [ { lang: "en", value: "Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20: Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-09T18:05:56.732587", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml", }, { name: "20220610 HNS-2022-02 - HN Security Advisory - Multiple vulnerabilities in Zyxel zysh", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2022/Jun/15", }, { url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html", }, { url: 
"http://packetstormsecurity.com/files/177036/Zyxel-zysh-Format-String-Proof-Of-Concept.html", }, ], }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2022-26531", datePublished: "2022-05-24T00:00:00", dateReserved: "2022-03-07T00:00:00", dateUpdated: "2024-08-03T05:03:33.155Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2022-05-24 06:15
Modified
2024-11-21 06:54
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to execute arbitrary OS commands by including crafted arguments to the CLI command.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "286FA4D2-DD37-4EFD-BCC4-98791B7E4F74", versionEndIncluding: "5.21", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*", matchCriteriaId: "81D90A7B-174F-40A1-8AF4-08B15B7BAC40", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "441EB008-4265-4569-A7B0-A5CAF0CA6B70", versionEndIncluding: "5.21", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*", matchCriteriaId: "EECD311A-4E96-4576-AADF-47291EDE3559", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AFF1F98B-2B0C-46C6-AE43-EB652BA0800C", versionEndIncluding: "5.21", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*", matchCriteriaId: "3C45C303-1A95-4245-B242-3AB9B9106CD4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3B6387BE-5DED-4D27-AACC-1F42DCB90A40", versionEndIncluding: "5.21", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*", 
matchCriteriaId: "0D636401-CD8D-4D2C-9BEA-1C6F96D2FEA6", versionEndIncluding: "5.21", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*", matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CD3684E5-F119-4BD9-A29A-C35C293BC058", versionEndIncluding: "5.21", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*", matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AFC4992F-FF30-44E8-9041-4BA082D3549B", versionEndIncluding: "5.21", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*", matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "071225C7-8311-4C89-9633-AE5DB4800B01", versionEndIncluding: "5.21", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*", matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ABF7A7FD-95D3-4343-9CE2-DFF8DBE8D125", versionEndIncluding: "5.21", versionStartIncluding: "4.32", 
vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*", matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D952940F-FFEF-4480-9BD8-5E7CB1C27B2E", versionEndIncluding: "5.21", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*", matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_110_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "55B9C186-0EF6-457D-A865-93BEE28C03DB", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_110:-:*:*:*:*:*:*:*", matchCriteriaId: "C7E32879-01A2-49B1-A354-068CEB1CA3A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_1100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D64DDA0B-FB12-49DA-818A-77D61B6328EB", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_1100:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4B9AC6-7C55-42BD-A1D8-F5D5A19AC59D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_1900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F944352D-3F2E-4E67-9B0C-FCA488F49FDB", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: 
"cpe:2.3:h:zyxel:usg_1900:-:*:*:*:*:*:*:*", matchCriteriaId: "92CE6F04-403B-4A52-A3A5-DD0190CF15D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_20w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "18A8D2A1-CA75-4DAE-8C78-67E2588AD037", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_20w:-:*:*:*:*:*:*:*", matchCriteriaId: "6CD5A4AB-0CC2-4CAF-AAFA-0F866174842F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FC6943C7-8559-414D-9A6A-865EEFBF223C", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E0597A0E-9416-4D2E-BAF5-BEFAAE1BB93E", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*", matchCriteriaId: "32F7F370-C585-45FE-A7F7-40BFF13928CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B139EC4B-07CA-4D2C-8FBB-5C03F67ED169", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_310:-:*:*:*:*:*:*:*", matchCriteriaId: 
"38B7995C-80E0-413B-9F2C-387EF3703927", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "07F551AE-EB73-4B97-AFBA-23A201FBAA02", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_40:-:*:*:*:*:*:*:*", matchCriteriaId: "D84DDB81-DE66-4427-8833-633B45A45A14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_40w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E469A8A0-D909-4713-ABA8-F2589452E193", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_40w:-:*:*:*:*:*:*:*", matchCriteriaId: "8F11F36C-60DB-4D81-A320-53EEE43758C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25670F1E-F6BA-4B2C-957F-4DCF1B112DBD", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_60:-:*:*:*:*:*:*:*", matchCriteriaId: "C65DB5E9-2FE3-4807-970E-A42FDF82B50E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_60w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "095FB855-F923-41C8-A3C7-E252FCD57EB5", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_60w:-:*:*:*:*:*:*:*", matchCriteriaId: "82864EF6-B63D-4947-A18C-AE0156CCA7FA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: 
"AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "19D358C5-E3CE-4362-94C2-6C8715AB9D54", versionEndIncluding: "5.21", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B18C8637-E459-482F-B977-7BA1A3D99CA7", versionEndIncluding: "5.21", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0015FD08-61BF-4022-9F84-12010EA1D5A9", versionEndIncluding: "5.21", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2E4B752C-2CAD-4A72-9660-27B57B3EB7FC", versionEndIncluding: "5.21", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: 
"cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "39FCAC29-3FD8-49DF-A216-3393D9724DA7", versionEndIncluding: "5.21", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "11A390EA-14B4-4A83-9215-2A8EEF10A564", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg200:-:*:*:*:*:*:*:*", matchCriteriaId: "3F7F15F3-9A55-462F-8AE3-EE71B759DE68", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8F4C6D9E-87AB-4BEB-A9CF-EA767FC25437", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg20:-:*:*:*:*:*:*:*", matchCriteriaId: "3F5C3A2C-12EA-4FAE-B088-665A90494685", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg210_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "96C73B83-E2B8-402A-BC4F-4044D16F6D2C", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*", matchCriteriaId: "EAFF1122-755A-4531-AA2E-FD6E8478F92F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg2200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5C95C785-5428-405C-A1DE-1E2202556178", 
versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg2200:-:*:*:*:*:*:*:*", matchCriteriaId: "231547C3-33B8-42B7-983E-AA3C6CA5D107", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FB666972-E152-45A6-BF0F-2F442565A9A9", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg300:-:*:*:*:*:*:*:*", matchCriteriaId: "CC3082ED-A564-494D-8427-B61F15F6DD88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9B39851C-29CA-4C74-8A3D-BA8AFB22D889", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*", matchCriteriaId: "F302801D-3720-4598-8458-A8938BD6CB46", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nsg300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1A4A4415-2061-4BB3-B8AF-F492B4935F5F", versionEndExcluding: "1.33", versionStartIncluding: "1.00", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:-:*:*:*:*:*:*", matchCriteriaId: "D43F6C03-E7EE-43B9-81B7-2B298134A591", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch1:*:*:*:*:*:*", matchCriteriaId: "8872BA61-9164-48EC-8D7B-C41FCE76F32C", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch2:*:*:*:*:*:*", matchCriteriaId: "83FD24D6-959A-41D1-B7A3-6D06205EA8C9", vulnerable: true, }, { criteria: 
"cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch3:*:*:*:*:*:*", matchCriteriaId: "CB5660D2-3C80-42CF-B91C-61212B1EA351", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch4:*:*:*:*:*:*", matchCriteriaId: "E83EFC74-309F-42BF-A2B5-850184B4BF20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nsg300:-:*:*:*:*:*:*:*", matchCriteriaId: "58B0886D-9AF4-453F-96DB-7ABAA5EE3B78", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nsg100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "66EEF757-9B89-4D05-93DC-0B35CB5578AA", versionEndExcluding: "1.33", versionStartIncluding: "1.00", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:-:*:*:*:*:*:*", matchCriteriaId: "70DE2243-00D1-4C94-B53B-659F48BAFF08", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch1:*:*:*:*:*:*", matchCriteriaId: "E0722C8A-DACE-4FC8-8197-678CF4F6E0C9", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch2:*:*:*:*:*:*", matchCriteriaId: "3ED9A278-5B95-4607-B832-A2AB7FB8A9A6", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch3:*:*:*:*:*:*", matchCriteriaId: "DA5E8CF5-C7D8-4827-BE19-AC4EB7E66AC1", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch4:*:*:*:*:*:*", matchCriteriaId: "415A2C9A-005A-433D-A423-F5D9CA6C8A19", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nsg100:-:*:*:*:*:*:*:*", matchCriteriaId: "D6C5054F-BCC7-4E00-8786-24F85B2A200E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nsg50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "734BB40E-9A07-4508-8C49-5A21072691B4", versionEndExcluding: "1.33", versionStartIncluding: "1.00", vulnerable: true, }, { criteria: 
"cpe:2.3:o:zyxel:nsg50_firmware:1.33:-:*:*:*:*:*:*", matchCriteriaId: "E549004C-F19F-4F2D-8522-849C008B2132", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch1:*:*:*:*:*:*", matchCriteriaId: "013AE5DA-537B-4198-A55C-17FD08F7CB9F", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch2:*:*:*:*:*:*", matchCriteriaId: "E0D0898D-A7C6-441B-A0C8-BA7B5B2E362F", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch3:*:*:*:*:*:*", matchCriteriaId: "D8E83137-D14D-4143-8D38-59787AAE36D3", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch4:*:*:*:*:*:*", matchCriteriaId: "00CB6F78-BA15-489E-BCD8-25CECB8FCBED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nsg50:-:*:*:*:*:*:*:*", matchCriteriaId: "8B084120-41C6-4F3C-9803-9C178EB4DE91", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nxc2500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "099AC2B1-7352-43EC-811A-89937FA1E2E3", versionEndIncluding: "6.10\\(aaig.3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nxc2500:-:*:*:*:*:*:*:*", matchCriteriaId: "BADED427-DEFF-4213-836B-C8EF0531C39A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nxc5500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "012B7439-FDDB-464D-8D11-AAAF54E9F59A", versionEndIncluding: "6.10\\(aaos.3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nxc5500:-:*:*:*:*:*:*:*", matchCriteriaId: "5A334B8B-8750-4519-B485-0AB0CECD212B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nap203_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: 
"00D41E43-D7BA-4927-9966-2847E12270E6", versionEndIncluding: "6.25\\(abfa.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nap203:-:*:*:*:*:*:*:*", matchCriteriaId: "80AE2CEA-90AC-421A-86BB-F404CDE7785D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nap303_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93110B5F-CB02-4413-9588-35B47D7A5CE3", versionEndIncluding: "6.25\\(abex.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nap303:-:*:*:*:*:*:*:*", matchCriteriaId: "C4BF5D4C-DB8E-4077-BE78-C73AA203406C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nap353_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C44494F9-1ADA-4A3D-8FBA-D0D97C3DACB5", versionEndIncluding: "6.25\\(abey.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nap353:-:*:*:*:*:*:*:*", matchCriteriaId: "3BCEC13E-3D1C-4B42-87F5-94FE1066C218", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A696580F-3993-4653-B48E-AAB7D1A2B7DC", versionEndIncluding: "6.25\\(abyw.5\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*", matchCriteriaId: "2806A3B3-8F13-4170-B284-8809E3502044", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E809B8FE-DBF8-4B7F-B33E-939750D08617", versionEndIncluding: "6.25\\(abzl.5\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: 
"cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*", matchCriteriaId: "B7440976-5CB4-40BE-95C2-98EF4B888109", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "554C9C1E-EE3C-4BD7-95CF-9748167EA691", versionEndIncluding: "6.27\\(accv.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*", matchCriteriaId: "3A903978-737E-4266-A670-BC94E32CAF96", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DDFAECE0-C011-4488-89A8-249972CA0773", versionEndIncluding: "6.30\\(abtg.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*", matchCriteriaId: "6A3F9232-F988-4428-9898-4F536123CE88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5DD8FF80-E4B1-4521-B2D3-B2B4B4049A14", versionEndIncluding: "6.30\\(abtd.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB129F9-64D8-43C2-9366-51EBDF419F5F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123-ac-hd_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EF0819A0-7616-467F-BF17-59302EADCA0C", versionEndIncluding: "6.25\\(abin.6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123-ac-hd:-:*:*:*:*:*:*:*", matchCriteriaId: "27F719D3-0D19-4D92-9570-4B1A48AD5670", vulnerable: false, }, ], negate: false, operator: "OR", }, ], 
operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123-ac-pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "858A8B50-515B-4CD3-B07C-3633EE605CC9", versionEndIncluding: "6.25\\(abhd.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123-ac-pro:-:*:*:*:*:*:*:*", matchCriteriaId: "9DC66B07-67FB-47F6-B54B-E40BE89F33A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FF0C532C-D263-4EDA-8127-0CE61A02353A", versionEndIncluding: "6.30\\(abvt.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*", matchCriteriaId: "36C13E7F-2186-4587-83E9-57B05A7147B7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1302-ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A9DF9C2-7BD9-456D-8D27-DD6966A0B4AA", versionEndIncluding: "6.25\\(abku.6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1302-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA514BB-B688-4EBD-9530-F5112F7503F6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa5123-ac-hd_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7A775E4A-4672-494E-A5A4-D906180092FA", versionEndIncluding: "6.25\\(abim.6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa5123-ac-hd:-:*:*:*:*:*:*:*", matchCriteriaId: "1808BC03-AE4E-4AB7-996D-89081808720B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: 
"528A7200-2884-4849-82EC-516A6BAB9DD2", versionEndIncluding: "6.30\\(abwa.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*", matchCriteriaId: "1A1FD502-4F62-4C77-B3BC-E563B24F0067", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD646A37-5CE7-4B9D-9F9A-0443F5A35047", versionEndIncluding: "6.30\\(abvs.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*", matchCriteriaId: "7C024551-F08F-4152-940D-1CF8BCD79613", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac5302d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EC5ABF47-C899-4C1B-AFFB-11F37B2CA1B2", versionEndIncluding: "6.10\\(abfh.10\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac5302d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "E4AA4FC1-E3E4-499F-B0C1-22B738DA4DA8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac5302d-sv2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "97843B29-E50B-4451-8583-9120A30908D4", versionEndIncluding: "6.25\\(abvz.6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac5302d-sv2:-:*:*:*:*:*:*:*", matchCriteriaId: "A690501F-DC2D-4F90-ABC0-33B5F1279C36", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6103d-i_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4DDC631C-0510-4E30-B896-B218ABE618AA", versionEndIncluding: "6.25\\(aaxh.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: 
"cpe:2.3:h:zyxel:wac6103d-i:-:*:*:*:*:*:*:*", matchCriteriaId: "341DB051-7F01-4B36-BA15-EBC25FACB439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6303d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0126F87D-14E9-402B-975A-FB11855D1E6C", versionEndIncluding: "6.25\\(abgl.6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6303d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "F0F08117-0BCE-4EA1-8DA7-1AC4EFF67E2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6502d-e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C5701D95-35AC-489B-8348-E3AC32D1626D", versionEndIncluding: "6.25\\(aasd.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6502d-e:-:*:*:*:*:*:*:*", matchCriteriaId: "FD8842C8-FB0A-46F0-9BB4-CAC6334D1E51", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6502d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "00AA8697-6B5D-439C-8E9A-B0B1EBDF1496", versionEndIncluding: "6.25\\(aase.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6502d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "DD108388-ABE5-4142-910F-C3C8B1C13617", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6503d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C7ADC5F9-B1CE-474A-958F-F6267507A5E1", versionEndIncluding: "6.25\\(aasf.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6503d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "4DFDF64A-17F5-4F05-8700-DCA36CCB6F2B", vulnerable: false, }, ], negate: false, operator: "OR", }, 
], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6553d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A467110-CF4D-45CB-8855-EBA5D5985294", versionEndIncluding: "6.25\\(aasg.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6553d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "DD45FA01-D2BF-441A-8669-1190F79D206B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6552d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "978F6DD8-A04F-4DC0-8497-4F6454FA3235", versionEndIncluding: "6.25\\(abio.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6552d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "CD47738A-9001-4CC1-8FED-1D1CFC56F548", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F272586C-292F-409C-9BDB-D9D70C0C3D2A", versionEndIncluding: "6.30\\(abtf.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*", matchCriteriaId: "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86B43BD3-CA22-4D81-9281-78A3B23FAC60", versionEndIncluding: "6.30\\(abte.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*", matchCriteriaId: "3518DA0A-2C7B-4979-A457-0826C921B0F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A26EEF52-DC36-4D5C-9E2F-25238615B2BC", 
versionEndIncluding: "6.30\\(abzd.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*", matchCriteriaId: "DC74AAF9-5206-4CEB-9023-6CD4F38AA623", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AAF35E44-DC87-49EC-868A-C721CC4FFD3B", versionEndIncluding: "6.30\\(abrm.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*", matchCriteriaId: "D784994E-E2CE-4328-B490-D9DC195A53DB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to execute arbitrary OS commands by including crafted arguments to the CLI command.", }, { lang: "es", value: "Una vulnerabilidad de inyección de argumentos en el comando CLI \"packet-trace\" de Zyxel USG/ZyWALL versiones 4.09 hasta 4.71, USG FLEX series versiones 4.50 hasta 5.21, ATP series versiones 4.32 hasta 5.21, VPN series versiones 4.30 hasta 5.21, NSG series versiones 1.00 hasta 1.33 Patch 4, NXC2500 versión de firmware 6.10(AAIG.3 ) y versiones anteriores, NAP203 versión de firmware 
6.25(ABFA.7) y versiones anteriores, NWA50AX versión de firmware 6.25(ABYW.5) y versiones anteriores, WAC500 versión de firmware 6.30(ABVS.2) y versiones anteriores, WAX510D versión de firmware 6.30(ABTF.2) y versiones anteriores, que podría permitir a un atacante local autenticado ejecutar comandos arbitrarios del sistema operativo mediante una inclusión de argumentos diseñados en el comando CLI", }, ], id: "CVE-2022-26532", lastModified: "2024-11-21T06:54:07.663", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "security@zyxel.com.tw", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-05-24T06:15:09.390", references: [ { source: "security@zyxel.com.tw", url: 
"http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html", }, { source: "security@zyxel.com.tw", url: "http://seclists.org/fulldisclosure/2022/Jun/15", }, { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://seclists.org/fulldisclosure/2022/Jun/15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-88", }, ], source: "security@zyxel.com.tw", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-24 18:15
Modified
2024-11-21 07:45
Severity
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "84A41F09-4474-4ABC-B2FA-92B17F63A7CA", versionEndExcluding: "5.36", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*", matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "73E39B94-291E-4E3A-8A89-B74FF063BA05", versionEndExcluding: "5.36", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*", matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7728D2C4-0B0A-404E-92BC-AAA1A1987BFD", versionEndExcluding: "5.36", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*", matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8B7E5F75-5577-4511-A1F4-1BD142D60BD5", versionEndExcluding: "5.36", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*", matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*", 
matchCriteriaId: "B8F79940-F737-4A71-9FAC-1F99E0BCE450", versionEndExcluding: "5.36", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*", matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "791D6928-BE82-4678-A8A4-39C9D9A1C684", versionEndExcluding: "5.36", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*", matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FC95F84E-95A0-4FB8-942A-732E022E3CC6", versionEndExcluding: "5.36", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "07895A23-2B15-4631-A55A-798B35A63E2D", versionEndExcluding: "5.36", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*", matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F65ACDFE-3A54-46D6-98CA-2D51957072AF", versionEndExcluding: "5.36", 
versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0B8FF81-5020-429E-ABC7-D0F18A5177F5", versionEndExcluding: "5.36", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FD0F817C-6388-41E2-9F80-9B5427036865", versionEndExcluding: "5.36", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7D65F0EC-7ACA-4B80-8D4E-2C1459837D15", versionEndExcluding: "5.36", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "224300FB-2462-4E88-A41E-E9E8EAE9CF48", versionEndExcluding: "5.36", versionStartIncluding: "4.16", vulnerable: true, }, ], negate: false, 
operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F61480ED-BBF0-49EC-A814-CEFDE1FBFA08", versionEndExcluding: "5.36", versionStartIncluding: "4.16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*", matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7079103C-ED92-40C3-AF42-4689822A96E2", versionEndExcluding: "5.36", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*", matchCriteriaId: "7239C54F-EC9E-44B4-AE33-1D36E5448219", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FB329984-D2A1-40B4-826D-78643B8DD4C8", versionEndExcluding: "5.36", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*", matchCriteriaId: "81D90A7B-174F-40A1-8AF4-08B15B7BAC40", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5DB62871-BC40-43D8-A486-471CD9316332", versionEndExcluding: "5.36", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*", 
matchCriteriaId: "EECD311A-4E96-4576-AADF-47291EDE3559", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D0135FFF-62FA-4AEA-8B67-1CCA2D85D8E0", versionEndExcluding: "5.36", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*", matchCriteriaId: "3C45C303-1A95-4245-B242-3AB9B9106CD4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B01FA34A-CA33-48E7-978C-638FC678C9C1", versionEndExcluding: "5.36", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nap203_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85AA4E30-0A0E-4353-B88D-A856B83162DF", versionEndIncluding: "6.28\\(abfa.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nap203:-:*:*:*:*:*:*:*", matchCriteriaId: "80AE2CEA-90AC-421A-86BB-F404CDE7785D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nap303_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "36AD6F34-B17E-4853-9375-62B51DE5F1D2", versionEndIncluding: "6.28\\(abex.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nap303:-:*:*:*:*:*:*:*", matchCriteriaId: "C4BF5D4C-DB8E-4077-BE78-C73AA203406C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { 
cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nap353_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "49E8EA12-187E-402B-866A-9125B2287292", versionEndIncluding: "6.28\\(abey.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nap353:-:*:*:*:*:*:*:*", matchCriteriaId: "3BCEC13E-3D1C-4B42-87F5-94FE1066C218", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "58E64F26-5465-4BD8-A948-39022B5AAA52", versionEndIncluding: "6.50\\(abtg.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*", matchCriteriaId: "6A3F9232-F988-4428-9898-4F536123CE88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123-ac_hd_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E8DEEFBF-DD32-40E5-A431-BE6A93D529A4", versionEndIncluding: "6.25\\(abin.9\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123-ac_hd:-:*:*:*:*:*:*:*", matchCriteriaId: "1A0FB576-76A2-4A25-979E-5E5B3BF5C636", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123-ac-pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3448A074-A9B8-40BD-8DFA-E7097E402750", versionEndIncluding: "6.28\\(abhd.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123-ac-pro:-:*:*:*:*:*:*:*", matchCriteriaId: "9DC66B07-67FB-47F6-B54B-E40BE89F33A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BFC6F464-DAE9-42CE-9339-C5E35B90B17B", versionEndIncluding: 
"6.50\\(abvt.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*", matchCriteriaId: "36C13E7F-2186-4587-83E9-57B05A7147B7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DCE46E92-D9DD-439C-BD41-88738FA652B7", versionEndIncluding: "6.50\\(abtd.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB129F9-64D8-43C2-9366-51EBDF419F5F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DECB1230-D22C-4FBD-909C-6315B66B189D", versionEndIncluding: "6.50\\(acco.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*", matchCriteriaId: "6E03F755-424D-4248-9076-ED7BECEB94C5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0B73F329-98E5-496F-BE38-47DD023DCB64", versionEndIncluding: "6.55\\(acge.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*", matchCriteriaId: "2806A3B3-8F13-4170-B284-8809E3502044", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa50ax-pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B5804045-E32E-40E0-B42E-80755C385974", versionEndIncluding: "6.50\\(acge.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa50ax-pro:-:*:*:*:*:*:*:*", matchCriteriaId: 
"D7DD6E6B-61EC-4E60-8244-56ADB26F2234", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa5123-ac_hd_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "881C0001-B6CA-409D-8901-653227098219", versionEndIncluding: "6.25\\(abim.9\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa5123-ac_hd:-:*:*:*:*:*:*:*", matchCriteriaId: "4D85300F-9207-438C-A149-80FC7C6C0746", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4484EA94-3E1D-4DA8-B612-A35D50DC1103", versionEndIncluding: "6.29\\(abzl.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*", matchCriteriaId: "B7440976-5CB4-40BE-95C2-98EF4B888109", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3D091EB4-A1FC-4E5F-AEE2-6EF879DC5B0A", versionEndIncluding: "6.29\\(accv.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*", matchCriteriaId: "3A903978-737E-4266-A670-BC94E32CAF96", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa90ax-pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D4FF6556-2B10-4A8C-9325-0A6D4B41E529", versionEndIncluding: "6.50\\(acgf.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa90ax-pro:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA44855-B135-44BD-AE21-FC58CD647AB6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: 
"cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4D277464-AF76-4799-9B71-E96CB12BE0C0", versionEndIncluding: "6.50\\(abvs.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*", matchCriteriaId: "7C024551-F08F-4152-940D-1CF8BCD79613", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "57DFDE05-C95F-446B-BA97-98EBA11C9794", versionEndIncluding: "6.50\\(abwa.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*", matchCriteriaId: "1A1FD502-4F62-4C77-B3BC-E563B24F0067", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac5302d-sv2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "84A8FBD7-8461-474E-AFB1-BCAE24D4A2CD", versionEndIncluding: "6.25\\(abvz.9\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac5302d-sv2:-:*:*:*:*:*:*:*", matchCriteriaId: "A690501F-DC2D-4F90-ABC0-33B5F1279C36", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6103d-i_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3DF539FD-EDEA-4D37-8F1C-267884A617EF", versionEndIncluding: "6.28\\(aaxh.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6103d-i:-:*:*:*:*:*:*:*", matchCriteriaId: "341DB051-7F01-4B36-BA15-EBC25FACB439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6303d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "622C2163-0B2F-4A32-B5C4-4111B8EC9096", versionEndIncluding: "6.25\\(abgl.9\\)", vulnerable: true, }, 
], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6303d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "F0F08117-0BCE-4EA1-8DA7-1AC4EFF67E2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6502d-e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A929856C-58D2-41AB-9EAC-E655123FD4FE", versionEndIncluding: "6.28\\(aasd.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6502d-e:-:*:*:*:*:*:*:*", matchCriteriaId: "FD8842C8-FB0A-46F0-9BB4-CAC6334D1E51", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6502d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AB36BF49-E31B-4F35-84B9-3EF20989FE2A", versionEndIncluding: "6.28\\(aase.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6502d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "DD108388-ABE5-4142-910F-C3C8B1C13617", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6503d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CCA23320-A0E2-4A63-A20A-1F5FD7504C5F", versionEndIncluding: "6.28\\(aasf.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6503d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "4DFDF64A-17F5-4F05-8700-DCA36CCB6F2B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6552d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E49B6FA1-4FCE-4802-8FCA-988048D9A595", versionEndIncluding: "6.28\\(abio.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6552d-s:-:*:*:*:*:*:*:*", matchCriteriaId: 
"CD47738A-9001-4CC1-8FED-1D1CFC56F548", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6553d-e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD253268-2B7D-43BF-86BD-E603A52FD98A", versionEndIncluding: "6.28\\(aasg.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6553d-e:-:*:*:*:*:*:*:*", matchCriteriaId: "55273BCE-4F2C-4ED9-9FCB-D1197555BD53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B0C89819-CCB6-42A0-8045-850D544D1BBA", versionEndIncluding: "6.50\\(abtf.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*", matchCriteriaId: "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA21E78C-585A-4689-96B7-18C5DB44D2DE", versionEndIncluding: "6.50\\(abte.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*", matchCriteriaId: "3518DA0A-2C7B-4979-A457-0826C921B0F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B470158-EE21-45EB-BDEC-5396DE9CB23C", versionEndIncluding: "6.50\\(accn.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*", matchCriteriaId: "2B4EBCC9-4FF9-41FC-9FFE-DBFAB239888B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: 
"cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "43DD5397-02A9-40DD-BD02-052095CB8DDB", versionEndIncluding: "6.50\\(abzd.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*", matchCriteriaId: "DC74AAF9-5206-4CEB-9023-6CD4F38AA623", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F946BABC-A982-4625-AD9F-962C6FBDFDE9", versionEndIncluding: "6.50\\(accm.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*", matchCriteriaId: "20E4E9A0-DF92-47B7-94D6-0867E3171E47", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2260165C-2483-4F48-8E70-DC82B5DA1554", versionEndIncluding: "6.50\\(abrm.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*", matchCriteriaId: "D784994E-E2CE-4328-B490-D9DC195A53DB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F6B0AE56-107B-41E2-A06A-BC8DC0A32FE7", versionEndIncluding: "6.50\\(acdo.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*", matchCriteriaId: "61158220-B5E8-4BF4-B2C2-E8ABFD3266CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware 
versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device.", }, ], id: "CVE-2023-22918", lastModified: "2024-11-21T07:45:38.940", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "security@zyxel.com.tw", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-24T18:15:09.027", references: [ { source: "security@zyxel.com.tw", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps", }, ], sourceIdentifier: 
"security@zyxel.com.tw", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-359", }, ], source: "security@zyxel.com.tw", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-09-03 03:15
Modified
2024-09-13 19:39
Severity ?
Summary
The improper neutralization of special elements in the parameter "host" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) and earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) and earlier, and USG LITE 60AX firmware version V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4516EB83-8B99-40BD-94E5-CBD5057107B8", versionEndExcluding: "7.00\\(abtg.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*", matchCriteriaId: "6A3F9232-F988-4428-9898-4F536123CE88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123-ac_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9875CD66-9249-4702-88E5-B1239FA4AD29", versionEndExcluding: "6.28\\(abhd.3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123-ac_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "145723DB-C34B-4C2A-B3C2-7A5CFEF503CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5C88D274-D770-46F9-A802-93B1C72C3802", versionEndExcluding: "6.70\\(abvt.5\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*", matchCriteriaId: "36C13E7F-2186-4587-83E9-57B05A7147B7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa130be_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1D1105DC-E628-45C7-BB10-6EFB8038FC46", versionEndExcluding: "7.00\\(acil.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa130be:-:*:*:*:*:*:*:*", matchCriteriaId: "782F9AB7-3464-4BFE-B502-B62CD51A8865", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: 
"E4F03710-B004-4AA1-BBE3-FD6AD2ABF681", versionEndExcluding: "7.00\\(abtd.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB129F9-64D8-43C2-9366-51EBDF419F5F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BFD8274A-8135-4C3F-9998-4F13170DC5BD", versionEndExcluding: "7.00\\(acco.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*", matchCriteriaId: "6E03F755-424D-4248-9076-ED7BECEB94C5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "439ED873-6DBF-4B67-B7B6-B285D885093C", versionEndExcluding: "7.00\\(abyw.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*", matchCriteriaId: "2806A3B3-8F13-4170-B284-8809E3502044", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa50ax_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "76456787-1EB9-4585-A2D3-CAD77786B3EF", versionEndExcluding: "7.00\\(acge.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa50ax_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "F36E7DCD-08BA-4FA1-9A8E-ADE956704132", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "319234D0-CBED-43AD-B21C-E3893786FA00", versionEndExcluding: "7.00\\(abzl.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: 
"cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*", matchCriteriaId: "B7440976-5CB4-40BE-95C2-98EF4B888109", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0BA77A46-A9BF-46A7-BCC3-0851FD2EDB4B", versionEndExcluding: "7.00\\(accv.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*", matchCriteriaId: "3A903978-737E-4266-A670-BC94E32CAF96", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa90ax_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C991363D-0CD5-4242-9B6D-903B6C71F3F3", versionEndExcluding: "7.00\\(acgf.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa90ax_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "480A495A-A4C4-4696-B500-B6333C79A28B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_lite_60ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CC39E0F3-D1D4-41BE-ABF1-F01A7AC1F959", versionEndExcluding: "v2.00\\(acip.3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_lite_60ax:-:*:*:*:*:*:*:*", matchCriteriaId: "EC710993-3E55-4C88-A261-0A67F5069071", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4E3E89C7-C3DA-4B4E-A8F1-EF854EB61C0C", versionEndExcluding: "6.70\\(abvs.5\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*", matchCriteriaId: "7C024551-F08F-4152-940D-1CF8BCD79613", vulnerable: false, }, ], negate: false, operator: "OR", }, ], 
operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "84A27C2E-140D-4554-8AD1-D9EBB76CF9D5", versionEndExcluding: "6.70\\(abwa.5\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*", matchCriteriaId: "1A1FD502-4F62-4C77-B3BC-E563B24F0067", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6103d-i_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0867C187-0BF0-4F4E-B291-3858810724D6", versionEndExcluding: "6.28\\(aaxh.3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6103d-i:-:*:*:*:*:*:*:*", matchCriteriaId: "341DB051-7F01-4B36-BA15-EBC25FACB439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6502d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7DBA0866-22E5-4CE6-886C-CE21E6A4E6B0", versionEndExcluding: "6.28\\(aase.3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6502d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "DD108388-ABE5-4142-910F-C3C8B1C13617", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6503d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "45449005-459C-4062-97FB-31B7CB249E21", versionEndExcluding: "6.28\\(aasf.3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6503d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "4DFDF64A-17F5-4F05-8700-DCA36CCB6F2B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6552d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8C083097-E839-49ED-B4A8-8AEF5C502E47", 
versionEndExcluding: "6.28\\(abio.3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6552d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "CD47738A-9001-4CC1-8FED-1D1CFC56F548", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6553d-e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "04666D56-1996-461E-B8AB-C5BCA6399EE8", versionEndExcluding: "6.28\\(aasg.3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6553d-e:-:*:*:*:*:*:*:*", matchCriteriaId: "55273BCE-4F2C-4ED9-9FCB-D1197555BD53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax300h_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FBEEF0EC-A325-4D02-B69E-AE24A4669C57", versionEndExcluding: "7.00\\(achf.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax300h:-:*:*:*:*:*:*:*", matchCriteriaId: "C3073565-BCDF-46EA-8FB0-E9BF402A5122", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6295B167-56B0-4F68-8163-0ECCA7ED5E0C", versionEndExcluding: "7.00\\(abtf.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*", matchCriteriaId: "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "924067FC-8230-440A-B596-05F3A39C3456", versionEndExcluding: "7.00\\(abte.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*", 
matchCriteriaId: "3518DA0A-2C7B-4979-A457-0826C921B0F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "24A073C2-4124-49F1-BCBF-1508A310DCA0", versionEndExcluding: "7.00\\(accn.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*", matchCriteriaId: "2B4EBCC9-4FF9-41FC-9FFE-DBFAB239888B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BC244157-2D23-4DC2-A809-869948AC2096", versionEndExcluding: "7.00\\(abzd.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*", matchCriteriaId: "DC74AAF9-5206-4CEB-9023-6CD4F38AA623", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "10075392-47BE-4B55-BEEF-6D259C6AFDF5", versionEndExcluding: "7.00\\(accm.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*", matchCriteriaId: "20E4E9A0-DF92-47B7-94D6-0867E3171E47", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "794E19F4-ED5D-403C-BFA7-7D089FACC45F", versionEndExcluding: "7.00\\(abrm.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*", matchCriteriaId: "D784994E-E2CE-4328-B490-D9DC195A53DB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: 
"cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9E1F72E5-0336-4565-802F-75A746DD4AA9", versionEndExcluding: "7.00\\(acdo.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*", matchCriteriaId: "61158220-B5E8-4BF4-B2C2-E8ABFD3266CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wbe530_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C302D991-2BAB-4C64-B0E0-EAEE19F79765", versionEndExcluding: "7.00\\(acle.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wbe530:-:*:*:*:*:*:*:*", matchCriteriaId: "3061579E-C708-42BC-86FC-B6223B941335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "52534374-242E-457F-A794-8A1AEFECA38F", versionEndExcluding: "7.00\\(acgg.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wbe660s:-:*:*:*:*:*:*:*", matchCriteriaId: "9FC2F3A4-0598-49B0-9829-AF43C97E9E8E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The improper neutralization of special elements in the parameter \"host\" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) \n\nand earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) \n\nand earlier, and USG LITE 60AX firmware version V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.", }, { lang: "es", value: "La neutralización incorrecta de elementos especiales en el parámetro \"host\" en el programa CGI de la versión de 
firmware 6.70(ABVT.4) y anteriores de Zyxel NWA1123ACv3, la versión de firmware 6.70(ABVS.4) y anteriores de WAC500, la versión de firmware 7.00(ACDO.1) y anteriores de WAX655E, la versión de firmware 7.00(ACLE.1) y anteriores de WBE530, y la versión de firmware V2.00(ACIP.2) de USG LITE 60AX podría permitir que un atacante no autenticado ejecute comandos del sistema operativo enviando una cookie manipulada a un dispositivo vulnerable.", }, ], id: "CVE-2024-7261", lastModified: "2024-09-13T19:39:40.570", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "security@zyxel.com.tw", type: "Primary", }, ], }, published: "2024-09-03T03:15:03.940", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-os-command-injection-vulnerability-in-aps-and-security-router-devices-09-03-2024", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "security@zyxel.com.tw", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-05-24 06:15
Modified
2024-11-21 06:54
Severity
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "286FA4D2-DD37-4EFD-BCC4-98791B7E4F74", versionEndIncluding: "5.21", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*", matchCriteriaId: "81D90A7B-174F-40A1-8AF4-08B15B7BAC40", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "441EB008-4265-4569-A7B0-A5CAF0CA6B70", versionEndIncluding: "5.21", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*", matchCriteriaId: "EECD311A-4E96-4576-AADF-47291EDE3559", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AFF1F98B-2B0C-46C6-AE43-EB652BA0800C", versionEndIncluding: "5.21", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*", matchCriteriaId: "3C45C303-1A95-4245-B242-3AB9B9106CD4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3B6387BE-5DED-4D27-AACC-1F42DCB90A40", versionEndIncluding: "5.21", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*", 
matchCriteriaId: "0D636401-CD8D-4D2C-9BEA-1C6F96D2FEA6", versionEndIncluding: "5.21", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*", matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CD3684E5-F119-4BD9-A29A-C35C293BC058", versionEndIncluding: "5.21", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*", matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AFC4992F-FF30-44E8-9041-4BA082D3549B", versionEndIncluding: "5.21", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*", matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "071225C7-8311-4C89-9633-AE5DB4800B01", versionEndIncluding: "5.21", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*", matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ABF7A7FD-95D3-4343-9CE2-DFF8DBE8D125", versionEndIncluding: "5.21", versionStartIncluding: "4.32", 
vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*", matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D952940F-FFEF-4480-9BD8-5E7CB1C27B2E", versionEndIncluding: "5.21", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*", matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_110_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "55B9C186-0EF6-457D-A865-93BEE28C03DB", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_110:-:*:*:*:*:*:*:*", matchCriteriaId: "C7E32879-01A2-49B1-A354-068CEB1CA3A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_1100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D64DDA0B-FB12-49DA-818A-77D61B6328EB", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_1100:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4B9AC6-7C55-42BD-A1D8-F5D5A19AC59D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_1900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F944352D-3F2E-4E67-9B0C-FCA488F49FDB", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: 
"cpe:2.3:h:zyxel:usg_1900:-:*:*:*:*:*:*:*", matchCriteriaId: "92CE6F04-403B-4A52-A3A5-DD0190CF15D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_20w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "18A8D2A1-CA75-4DAE-8C78-67E2588AD037", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_20w:-:*:*:*:*:*:*:*", matchCriteriaId: "6CD5A4AB-0CC2-4CAF-AAFA-0F866174842F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FC6943C7-8559-414D-9A6A-865EEFBF223C", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E0597A0E-9416-4D2E-BAF5-BEFAAE1BB93E", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*", matchCriteriaId: "32F7F370-C585-45FE-A7F7-40BFF13928CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B139EC4B-07CA-4D2C-8FBB-5C03F67ED169", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_310:-:*:*:*:*:*:*:*", matchCriteriaId: 
"38B7995C-80E0-413B-9F2C-387EF3703927", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "07F551AE-EB73-4B97-AFBA-23A201FBAA02", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_40:-:*:*:*:*:*:*:*", matchCriteriaId: "D84DDB81-DE66-4427-8833-633B45A45A14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_40w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E469A8A0-D909-4713-ABA8-F2589452E193", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_40w:-:*:*:*:*:*:*:*", matchCriteriaId: "8F11F36C-60DB-4D81-A320-53EEE43758C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25670F1E-F6BA-4B2C-957F-4DCF1B112DBD", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_60:-:*:*:*:*:*:*:*", matchCriteriaId: "C65DB5E9-2FE3-4807-970E-A42FDF82B50E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_60w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "095FB855-F923-41C8-A3C7-E252FCD57EB5", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_60w:-:*:*:*:*:*:*:*", matchCriteriaId: "82864EF6-B63D-4947-A18C-AE0156CCA7FA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: 
"AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "19D358C5-E3CE-4362-94C2-6C8715AB9D54", versionEndIncluding: "5.21", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B18C8637-E459-482F-B977-7BA1A3D99CA7", versionEndIncluding: "5.21", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0015FD08-61BF-4022-9F84-12010EA1D5A9", versionEndIncluding: "5.21", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2E4B752C-2CAD-4A72-9660-27B57B3EB7FC", versionEndIncluding: "5.21", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: 
"cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "39FCAC29-3FD8-49DF-A216-3393D9724DA7", versionEndIncluding: "5.21", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "11A390EA-14B4-4A83-9215-2A8EEF10A564", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg200:-:*:*:*:*:*:*:*", matchCriteriaId: "3F7F15F3-9A55-462F-8AE3-EE71B759DE68", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8F4C6D9E-87AB-4BEB-A9CF-EA767FC25437", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg20:-:*:*:*:*:*:*:*", matchCriteriaId: "3F5C3A2C-12EA-4FAE-B088-665A90494685", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg210_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "96C73B83-E2B8-402A-BC4F-4044D16F6D2C", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*", matchCriteriaId: "EAFF1122-755A-4531-AA2E-FD6E8478F92F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg2200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5C95C785-5428-405C-A1DE-1E2202556178", 
versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg2200:-:*:*:*:*:*:*:*", matchCriteriaId: "231547C3-33B8-42B7-983E-AA3C6CA5D107", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FB666972-E152-45A6-BF0F-2F442565A9A9", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg300:-:*:*:*:*:*:*:*", matchCriteriaId: "CC3082ED-A564-494D-8427-B61F15F6DD88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9B39851C-29CA-4C74-8A3D-BA8AFB22D889", versionEndIncluding: "4.71", versionStartIncluding: "4.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*", matchCriteriaId: "F302801D-3720-4598-8458-A8938BD6CB46", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nsg300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1A4A4415-2061-4BB3-B8AF-F492B4935F5F", versionEndExcluding: "1.33", versionStartIncluding: "1.00", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:-:*:*:*:*:*:*", matchCriteriaId: "D43F6C03-E7EE-43B9-81B7-2B298134A591", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch1:*:*:*:*:*:*", matchCriteriaId: "8872BA61-9164-48EC-8D7B-C41FCE76F32C", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch2:*:*:*:*:*:*", matchCriteriaId: "83FD24D6-959A-41D1-B7A3-6D06205EA8C9", vulnerable: true, }, { criteria: 
"cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch3:*:*:*:*:*:*", matchCriteriaId: "CB5660D2-3C80-42CF-B91C-61212B1EA351", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch4:*:*:*:*:*:*", matchCriteriaId: "E83EFC74-309F-42BF-A2B5-850184B4BF20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nsg300:-:*:*:*:*:*:*:*", matchCriteriaId: "58B0886D-9AF4-453F-96DB-7ABAA5EE3B78", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nsg100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "66EEF757-9B89-4D05-93DC-0B35CB5578AA", versionEndExcluding: "1.33", versionStartIncluding: "1.00", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:-:*:*:*:*:*:*", matchCriteriaId: "70DE2243-00D1-4C94-B53B-659F48BAFF08", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch1:*:*:*:*:*:*", matchCriteriaId: "E0722C8A-DACE-4FC8-8197-678CF4F6E0C9", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch2:*:*:*:*:*:*", matchCriteriaId: "3ED9A278-5B95-4607-B832-A2AB7FB8A9A6", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch3:*:*:*:*:*:*", matchCriteriaId: "DA5E8CF5-C7D8-4827-BE19-AC4EB7E66AC1", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch4:*:*:*:*:*:*", matchCriteriaId: "415A2C9A-005A-433D-A423-F5D9CA6C8A19", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nsg100:-:*:*:*:*:*:*:*", matchCriteriaId: "D6C5054F-BCC7-4E00-8786-24F85B2A200E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nsg50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "734BB40E-9A07-4508-8C49-5A21072691B4", versionEndExcluding: "1.33", versionStartIncluding: "1.00", vulnerable: true, }, { criteria: 
"cpe:2.3:o:zyxel:nsg50_firmware:1.33:-:*:*:*:*:*:*", matchCriteriaId: "E549004C-F19F-4F2D-8522-849C008B2132", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch1:*:*:*:*:*:*", matchCriteriaId: "013AE5DA-537B-4198-A55C-17FD08F7CB9F", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch2:*:*:*:*:*:*", matchCriteriaId: "E0D0898D-A7C6-441B-A0C8-BA7B5B2E362F", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch3:*:*:*:*:*:*", matchCriteriaId: "D8E83137-D14D-4143-8D38-59787AAE36D3", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch4:*:*:*:*:*:*", matchCriteriaId: "00CB6F78-BA15-489E-BCD8-25CECB8FCBED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nsg50:-:*:*:*:*:*:*:*", matchCriteriaId: "8B084120-41C6-4F3C-9803-9C178EB4DE91", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nxc2500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "099AC2B1-7352-43EC-811A-89937FA1E2E3", versionEndIncluding: "6.10\\(aaig.3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nxc2500:-:*:*:*:*:*:*:*", matchCriteriaId: "BADED427-DEFF-4213-836B-C8EF0531C39A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nxc5500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "012B7439-FDDB-464D-8D11-AAAF54E9F59A", versionEndIncluding: "6.10\\(aaos.3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nxc5500:-:*:*:*:*:*:*:*", matchCriteriaId: "5A334B8B-8750-4519-B485-0AB0CECD212B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nap203_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: 
"00D41E43-D7BA-4927-9966-2847E12270E6", versionEndIncluding: "6.25\\(abfa.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nap203:-:*:*:*:*:*:*:*", matchCriteriaId: "80AE2CEA-90AC-421A-86BB-F404CDE7785D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nap303_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93110B5F-CB02-4413-9588-35B47D7A5CE3", versionEndIncluding: "6.25\\(abex.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nap303:-:*:*:*:*:*:*:*", matchCriteriaId: "C4BF5D4C-DB8E-4077-BE78-C73AA203406C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nap353_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C44494F9-1ADA-4A3D-8FBA-D0D97C3DACB5", versionEndIncluding: "6.25\\(abey.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nap353:-:*:*:*:*:*:*:*", matchCriteriaId: "3BCEC13E-3D1C-4B42-87F5-94FE1066C218", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A696580F-3993-4653-B48E-AAB7D1A2B7DC", versionEndIncluding: "6.25\\(abyw.5\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*", matchCriteriaId: "2806A3B3-8F13-4170-B284-8809E3502044", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E809B8FE-DBF8-4B7F-B33E-939750D08617", versionEndIncluding: "6.25\\(abzl.5\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: 
"cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*", matchCriteriaId: "B7440976-5CB4-40BE-95C2-98EF4B888109", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "554C9C1E-EE3C-4BD7-95CF-9748167EA691", versionEndIncluding: "6.27\\(accv.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*", matchCriteriaId: "3A903978-737E-4266-A670-BC94E32CAF96", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DDFAECE0-C011-4488-89A8-249972CA0773", versionEndIncluding: "6.30\\(abtg.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*", matchCriteriaId: "6A3F9232-F988-4428-9898-4F536123CE88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5DD8FF80-E4B1-4521-B2D3-B2B4B4049A14", versionEndIncluding: "6.30\\(abtd.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB129F9-64D8-43C2-9366-51EBDF419F5F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123-ac-hd_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EF0819A0-7616-467F-BF17-59302EADCA0C", versionEndIncluding: "6.25\\(abin.6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123-ac-hd:-:*:*:*:*:*:*:*", matchCriteriaId: "27F719D3-0D19-4D92-9570-4B1A48AD5670", vulnerable: false, }, ], negate: false, operator: "OR", }, ], 
operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123-ac-pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "858A8B50-515B-4CD3-B07C-3633EE605CC9", versionEndIncluding: "6.25\\(abhd.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123-ac-pro:-:*:*:*:*:*:*:*", matchCriteriaId: "9DC66B07-67FB-47F6-B54B-E40BE89F33A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FF0C532C-D263-4EDA-8127-0CE61A02353A", versionEndIncluding: "6.30\\(abvt.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*", matchCriteriaId: "36C13E7F-2186-4587-83E9-57B05A7147B7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1302-ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A9DF9C2-7BD9-456D-8D27-DD6966A0B4AA", versionEndIncluding: "6.25\\(abku.6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1302-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA514BB-B688-4EBD-9530-F5112F7503F6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa5123-ac-hd_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7A775E4A-4672-494E-A5A4-D906180092FA", versionEndIncluding: "6.25\\(abim.6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa5123-ac-hd:-:*:*:*:*:*:*:*", matchCriteriaId: "1808BC03-AE4E-4AB7-996D-89081808720B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: 
"528A7200-2884-4849-82EC-516A6BAB9DD2", versionEndIncluding: "6.30\\(abwa.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*", matchCriteriaId: "1A1FD502-4F62-4C77-B3BC-E563B24F0067", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD646A37-5CE7-4B9D-9F9A-0443F5A35047", versionEndIncluding: "6.30\\(abvs.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*", matchCriteriaId: "7C024551-F08F-4152-940D-1CF8BCD79613", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac5302d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EC5ABF47-C899-4C1B-AFFB-11F37B2CA1B2", versionEndIncluding: "6.10\\(abfh.10\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac5302d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "E4AA4FC1-E3E4-499F-B0C1-22B738DA4DA8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac5302d-sv2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "97843B29-E50B-4451-8583-9120A30908D4", versionEndIncluding: "6.25\\(abvz.6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac5302d-sv2:-:*:*:*:*:*:*:*", matchCriteriaId: "A690501F-DC2D-4F90-ABC0-33B5F1279C36", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6103d-i_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4DDC631C-0510-4E30-B896-B218ABE618AA", versionEndIncluding: "6.25\\(aaxh.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: 
"cpe:2.3:h:zyxel:wac6103d-i:-:*:*:*:*:*:*:*", matchCriteriaId: "341DB051-7F01-4B36-BA15-EBC25FACB439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6303d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0126F87D-14E9-402B-975A-FB11855D1E6C", versionEndIncluding: "6.25\\(abgl.6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6303d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "F0F08117-0BCE-4EA1-8DA7-1AC4EFF67E2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6502d-e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C5701D95-35AC-489B-8348-E3AC32D1626D", versionEndIncluding: "6.25\\(aasd.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6502d-e:-:*:*:*:*:*:*:*", matchCriteriaId: "FD8842C8-FB0A-46F0-9BB4-CAC6334D1E51", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6502d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "00AA8697-6B5D-439C-8E9A-B0B1EBDF1496", versionEndIncluding: "6.25\\(aase.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6502d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "DD108388-ABE5-4142-910F-C3C8B1C13617", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6503d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C7ADC5F9-B1CE-474A-958F-F6267507A5E1", versionEndIncluding: "6.25\\(aasf.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6503d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "4DFDF64A-17F5-4F05-8700-DCA36CCB6F2B", vulnerable: false, }, ], negate: false, operator: "OR", }, 
], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6553d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A467110-CF4D-45CB-8855-EBA5D5985294", versionEndIncluding: "6.25\\(aasg.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6553d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "DD45FA01-D2BF-441A-8669-1190F79D206B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6552d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "978F6DD8-A04F-4DC0-8497-4F6454FA3235", versionEndIncluding: "6.25\\(abio.7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6552d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "CD47738A-9001-4CC1-8FED-1D1CFC56F548", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F272586C-292F-409C-9BDB-D9D70C0C3D2A", versionEndIncluding: "6.30\\(abtf.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*", matchCriteriaId: "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86B43BD3-CA22-4D81-9281-78A3B23FAC60", versionEndIncluding: "6.30\\(abte.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*", matchCriteriaId: "3518DA0A-2C7B-4979-A457-0826C921B0F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A26EEF52-DC36-4D5C-9E2F-25238615B2BC", 
versionEndIncluding: "6.30\\(abzd.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*", matchCriteriaId: "DC74AAF9-5206-4CEB-9023-6CD4F38AA623", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AAF35E44-DC87-49EC-868A-C721CC4FFD3B", versionEndIncluding: "6.30\\(abrm.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*", matchCriteriaId: "D784994E-E2CE-4328-B490-D9DC195A53DB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload.", }, { lang: "es", value: "Se han identificado varios fallos de comprobación de entrada inadecuados en algunos comandos CLI de las Zyxel USG/ZyWALL versiones de firmware 4.09 hasta 4.71, USG FLEX series versiones de firmware 4.50 hasta 5.21, ATP series versiones de firmware 4.32 hasta 5.21, VPN series versiones de firmware 4.30 a 5.21, NSG series versiones de firmware1.00 hasta 1.33 Patch 4, NXC2500 versión de 
firmware 6.10(AAIG.3 ) y versiones anteriores, el firmware NAP203 versión 6.25(ABFA.7) y versiones anteriores, NWA50AX versión de firmware 6.25(ABYW.5) y versiones anteriores, WAC500 versión de firmware 6.30(ABVS.2) y versiones anteriores, WAX510D versión de firmware 6.30(ABTF.2) y versiones anteriores, que podría permitir a un atacante local autenticado causar un desbordamiento del búfer o un bloqueo del sistema por medio de una carga útil diseñada", }, ], id: "CVE-2022-26531", lastModified: "2024-11-21T06:54:07.470", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 4.2, source: "security@zyxel.com.tw", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-05-24T06:15:09.297", references: [ { 
source: "security@zyxel.com.tw", url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html", }, { source: "security@zyxel.com.tw", url: "http://packetstormsecurity.com/files/177036/Zyxel-zysh-Format-String-Proof-Of-Concept.html", }, { source: "security@zyxel.com.tw", url: "http://seclists.org/fulldisclosure/2022/Jun/15", }, { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.com/files/177036/Zyxel-zysh-Format-String-Proof-Of-Concept.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://seclists.org/fulldisclosure/2022/Jun/15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "security@zyxel.com.tw", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }