Vulnerabilites related to zyxel - wac6502d-s_firmware
cve-2022-26532
Vulnerability from cvelistv5
Published
2022-05-24 05:20
Modified
2024-08-03 05:03
Summary
A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to execute arbitrary OS commands by including crafted arguments to the CLI command.
Impacted products
Vendor Product Version
Zyxel USG/ZyWALL series firmware Version: 4.09 through 4.71
Zyxel USG FLEX series firmware Version: 4.50 through 5.21
Zyxel ATP series firmware Version: 4.32 through 5.21
Zyxel VPN series firmware Version: 4.30 through 5.21
Zyxel NSG series firmware Version: 1.00 through 1.33 Patch 4
Zyxel NXC2500 firmware Version: <= 6.10(AAIG.3)
Zyxel NAP203 firmware Version: <= 6.25(ABFA.7)
Zyxel NWA50AX firmware Version: <= 6.25(ABYW.5)
Zyxel WAC500 firmware Version: <= 6.30(ABVS.2)
Zyxel WAX510D firmware Version: <= 6.30(ABTF.2)
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T05:03:32.963Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml",
               },
               {
                  name: "20220610 HNS-2022-02 - HN Security Advisory - Multiple vulnerabilities in Zyxel zysh",
                  tags: [
                     "mailing-list",
                     "x_refsource_FULLDISC",
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2022/Jun/15",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "USG/ZyWALL series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "4.09 through 4.71",
                  },
               ],
            },
            {
               product: "USG FLEX series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "4.50 through 5.21",
                  },
               ],
            },
            {
               product: "ATP series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "4.32 through 5.21",
                  },
               ],
            },
            {
               product: "VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "4.30 through 5.21",
                  },
               ],
            },
            {
               product: "NSG series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "1.00 through 1.33 Patch 4",
                  },
               ],
            },
            {
               product: "NXC2500 firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "<= 6.10(AAIG.3)",
                  },
               ],
            },
            {
               product: "NAP203 firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "<= 6.25(ABFA.7)",
                  },
               ],
            },
            {
               product: "NWA50AX firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "<= 6.25(ABYW.5)",
                  },
               ],
            },
            {
               product: "WAC500 firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "<= 6.30(ABVS.2)",
                  },
               ],
            },
            {
               product: "WAX510D firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "<= 6.30(ABTF.2)",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to execute arbitrary OS commands by including crafted arguments to the CLI command.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-88",
                     description: "CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-06-19T18:06:10",
            orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
            shortName: "Zyxel",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml",
            },
            {
               name: "20220610 HNS-2022-02 - HN Security Advisory - Multiple vulnerabilities in Zyxel zysh",
               tags: [
                  "mailing-list",
                  "x_refsource_FULLDISC",
               ],
               url: "http://seclists.org/fulldisclosure/2022/Jun/15",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@zyxel.com.tw",
               ID: "CVE-2022-26532",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "USG/ZyWALL series firmware",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "4.09 through 4.71",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "USG FLEX series firmware",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "4.50 through 5.21",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "ATP series firmware",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "4.32 through 5.21",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "VPN series firmware",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "4.30 through 5.21",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "NSG series firmware",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "1.00 through 1.33 Patch 4",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "NXC2500 firmware",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "<= 6.10(AAIG.3)",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "NAP203 firmware",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "<= 6.25(ABFA.7)",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "NWA50AX firmware",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "<= 6.25(ABYW.5)",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "WAC500 firmware",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "<= 6.30(ABVS.2)",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "WAX510D firmware",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "<= 6.30(ABTF.2)",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Zyxel",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to execute arbitrary OS commands by including crafted arguments to the CLI command.",
                  },
               ],
            },
            impact: {
               cvss: {
                  baseScore: "7.8",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml",
                     refsource: "CONFIRM",
                     url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml",
                  },
                  {
                     name: "20220610 HNS-2022-02 - HN Security Advisory - Multiple vulnerabilities in Zyxel zysh",
                     refsource: "FULLDISC",
                     url: "http://seclists.org/fulldisclosure/2022/Jun/15",
                  },
                  {
                     name: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html",
                     refsource: "MISC",
                     url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
      assignerShortName: "Zyxel",
      cveId: "CVE-2022-26532",
      datePublished: "2022-05-24T05:20:09",
      dateReserved: "2022-03-07T00:00:00",
      dateUpdated: "2024-08-03T05:03:32.963Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-22918
Vulnerability from cvelistv5
Published
2023-04-24 00:00
Modified
2024-08-02 10:20
Summary
A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device.
Impacted products
Vendor Product Version
Zyxel ATP series firmware Version: 4.32 through 5.35
Zyxel USG FLEX series firmware Version: 4.50 through 5.35
Zyxel USG FLEX 50(W) firmware Version: 4.16 through 5.35
Zyxel USG20(W)-VPN firmware Version: 4.16 through 5.35
Zyxel VPN series firmware Version: 4.30 through 5.35
Zyxel NWA110AX firmware Version: <= 6.50(ABTG.2)
Zyxel WAC500 firmware Version: <= 6.50(ABVS.0)
Zyxel WAX510D firmware Version: <= 6.50(ABTF.2)
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T10:20:31.470Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "ATP series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "4.32 through 5.35",
                  },
               ],
            },
            {
               product: "USG FLEX series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "4.50 through 5.35",
                  },
               ],
            },
            {
               product: "USG FLEX 50(W) firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "4.16 through 5.35",
                  },
               ],
            },
            {
               product: "USG20(W)-VPN firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "4.16 through 5.35",
                  },
               ],
            },
            {
               product: "VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "4.30 through 5.35",
                  },
               ],
            },
            {
               product: "NWA110AX firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "<= 6.50(ABTG.2)",
                  },
               ],
            },
            {
               product: "WAC500 firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "<= 6.50(ABVS.0)",
                  },
               ],
            },
            {
               product: "WAX510D firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "<= 6.50(ABTF.2)",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-359",
                     description: "CWE-359: Exposure of Private Personal Information to an Unauthorized Actor",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-04-24T00:00:00",
            orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
            shortName: "Zyxel",
         },
         references: [
            {
               url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
      assignerShortName: "Zyxel",
      cveId: "CVE-2023-22918",
      datePublished: "2023-04-24T00:00:00",
      dateReserved: "2023-01-10T00:00:00",
      dateUpdated: "2024-08-02T10:20:31.470Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-7261
Vulnerability from cvelistv5
Published
2024-09-03 02:10
Modified
2024-09-05 15:36
Severity ?
Summary
The improper neutralization of special elements in the parameter "host" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) and earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) and earlier, and USG LITE 60AX firmware version V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.
Impacted products
Vendor Product Version
Zyxel NWA1123ACv3 firmware Version: <= 6.70(ABVT.4)
Zyxel WAC500 firmware Version: <= 6.70(ABVS.4)
Zyxel WAX655E firmware Version: <= 7.00(ACDO.1)
Zyxel WBE530 firmware Version: <= 7.00(ACLE.1)
Zyxel USG LITE 60AX firmware Version: V2.00(ACIP.2)
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:usg_lite_60ax_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "usg_lite_60ax_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "V2.00\\(ACIP.2\\)",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:nwa1123acv3_firmware:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "nwa1123acv3_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "6.70\\(ABVT.4\\)",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:wac500_firmware:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "wac500_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "6.70\\(ABVS.4\\)",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:wax655e_firmware:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "wax655e_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "7.00\\(ACDO.1\\)",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:wbe530_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "wbe530_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "7.00\\(ACLE.1\\)",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-7261",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-05T03:55:55.275964Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-09-05T15:36:14.807Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "NWA1123ACv3 firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "<= 6.70(ABVT.4)",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "WAC500 firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "<= 6.70(ABVS.4)",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "WAX655E firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "<= 7.00(ACDO.1)",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "WBE530 firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "<= 7.00(ACLE.1)",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG LITE 60AX firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "V2.00(ACIP.2)",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "The improper neutralization of special elements in the parameter \"host\" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) \n\n<span style=\"background-color: rgb(255, 255, 255);\">and earlier</span>, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) \n\n<span style=\"background-color: rgb(255, 255, 255);\">and earlier</span>, and&nbsp;USG LITE 60AX firmware version&nbsp;V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.",
                  },
               ],
               value: "The improper neutralization of special elements in the parameter \"host\" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) \n\nand earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) \n\nand earlier, and USG LITE 60AX firmware version V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-78",
                     description: "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-09-03T02:10:25.112Z",
            orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
            shortName: "Zyxel",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-os-command-injection-vulnerability-in-aps-and-security-router-devices-09-03-2024",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.2.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
      assignerShortName: "Zyxel",
      cveId: "CVE-2024-7261",
      datePublished: "2024-09-03T02:10:25.112Z",
      dateReserved: "2024-07-30T02:42:19.589Z",
      dateUpdated: "2024-09-05T15:36:14.807Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-26531
Vulnerability from cvelistv5
Published
2022-05-24 00:00
Modified
2024-08-03 05:03
Summary
Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload.
Impacted products
Vendor Product Version
Zyxel USG/ZyWALL series firmware Version: 4.09 through 4.71
Zyxel USG FLEX series firmware Version: 4.50 through 5.21
Zyxel ATP series firmware Version: 4.32 through 5.21
Zyxel VPN series firmware Version: 4.30 through 5.21
Zyxel NSG series firmware Version: 1.00 through 1.33 Patch 4
Zyxel NXC2500 firmware Version: <= 6.10(AAIG.3)
Zyxel NAP203 firmware Version: <= 6.25(ABFA.7)
Zyxel NWA50AX firmware Version: <= 6.25(ABYW.5)
Zyxel WAC500 firmware Version: <= 6.30(ABVS.2)
Zyxel WAX510D firmware Version: <= 6.30(ABTF.2)
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T05:03:33.155Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml",
               },
               {
                  name: "20220610 HNS-2022-02 - HN Security Advisory - Multiple vulnerabilities in Zyxel zysh",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2022/Jun/15",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/177036/Zyxel-zysh-Format-String-Proof-Of-Concept.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "USG/ZyWALL series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "4.09 through 4.71",
                  },
               ],
            },
            {
               product: "USG FLEX series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "4.50 through 5.21",
                  },
               ],
            },
            {
               product: "ATP series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "4.32 through 5.21",
                  },
               ],
            },
            {
               product: "VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "4.30 through 5.21",
                  },
               ],
            },
            {
               product: "NSG series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "1.00 through 1.33 Patch 4",
                  },
               ],
            },
            {
               product: "NXC2500 firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "<= 6.10(AAIG.3)",
                  },
               ],
            },
            {
               product: "NAP203 firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "<= 6.25(ABFA.7)",
                  },
               ],
            },
            {
               product: "NWA50AX firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "<= 6.25(ABYW.5)",
                  },
               ],
            },
            {
               product: "WAC500 firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "<= 6.30(ABVS.2)",
                  },
               ],
            },
            {
               product: "WAX510D firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "<= 6.30(ABTF.2)",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 6.1,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "LOW",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20: Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-02-09T18:05:56.732587",
            orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
            shortName: "Zyxel",
         },
         references: [
            {
               url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml",
            },
            {
               name: "20220610 HNS-2022-02 - HN Security Advisory - Multiple vulnerabilities in Zyxel zysh",
               tags: [
                  "mailing-list",
               ],
               url: "http://seclists.org/fulldisclosure/2022/Jun/15",
            },
            {
               url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html",
            },
            {
               url: "http://packetstormsecurity.com/files/177036/Zyxel-zysh-Format-String-Proof-Of-Concept.html",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
      assignerShortName: "Zyxel",
      cveId: "CVE-2022-26531",
      datePublished: "2022-05-24T00:00:00",
      dateReserved: "2022-03-07T00:00:00",
      dateUpdated: "2024-08-03T05:03:33.155Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

Vulnerability from fkie_nvd
Published
2022-05-24 06:15
Modified
2024-11-21 06:54
Summary
A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to execute arbitrary OS commands by including crafted arguments to the CLI command.
Impacted products
Vendor Product Version
zyxel vpn100_firmware *
zyxel vpn100 -
zyxel vpn1000_firmware *
zyxel vpn1000 -
zyxel vpn300_firmware *
zyxel vpn300 -
zyxel vpn50_firmware *
zyxel vpn50 -
zyxel atp100_firmware *
zyxel atp100 -
zyxel atp100w_firmware *
zyxel atp100w -
zyxel atp200_firmware *
zyxel atp200 -
zyxel atp500_firmware *
zyxel atp500 -
zyxel atp700_firmware *
zyxel atp700 -
zyxel atp800_firmware *
zyxel atp800 -
zyxel usg_110_firmware *
zyxel usg_110 -
zyxel usg_1100_firmware *
zyxel usg_1100 -
zyxel usg_1900_firmware *
zyxel usg_1900 -
zyxel usg_20w_firmware *
zyxel usg_20w -
zyxel usg_20w-vpn_firmware *
zyxel usg_20w-vpn -
zyxel usg_2200-vpn_firmware *
zyxel usg_2200-vpn -
zyxel usg_310_firmware *
zyxel usg_310 -
zyxel usg_40_firmware *
zyxel usg_40 -
zyxel usg_40w_firmware *
zyxel usg_40w -
zyxel usg_60_firmware *
zyxel usg_60 -
zyxel usg_60w_firmware *
zyxel usg_60w -
zyxel usg_flex_100_firmware *
zyxel usg_flex_100 -
zyxel usg_flex_100w_firmware *
zyxel usg_flex_100w -
zyxel usg_flex_200_firmware *
zyxel usg_flex_200 -
zyxel usg_flex_500_firmware *
zyxel usg_flex_500 -
zyxel usg_flex_700_firmware *
zyxel usg_flex_700 -
zyxel usg200_firmware *
zyxel usg200 -
zyxel usg20_firmware *
zyxel usg20 -
zyxel usg210_firmware *
zyxel usg210 -
zyxel usg2200_firmware *
zyxel usg2200 -
zyxel usg300_firmware *
zyxel usg300 -
zyxel usg310_firmware *
zyxel usg310 -
zyxel nsg300_firmware *
zyxel nsg300_firmware 1.33
zyxel nsg300_firmware 1.33
zyxel nsg300_firmware 1.33
zyxel nsg300_firmware 1.33
zyxel nsg300_firmware 1.33
zyxel nsg300 -
zyxel nsg100_firmware *
zyxel nsg100_firmware 1.33
zyxel nsg100_firmware 1.33
zyxel nsg100_firmware 1.33
zyxel nsg100_firmware 1.33
zyxel nsg100_firmware 1.33
zyxel nsg100 -
zyxel nsg50_firmware *
zyxel nsg50_firmware 1.33
zyxel nsg50_firmware 1.33
zyxel nsg50_firmware 1.33
zyxel nsg50_firmware 1.33
zyxel nsg50_firmware 1.33
zyxel nsg50 -
zyxel nxc2500_firmware *
zyxel nxc2500 -
zyxel nxc5500_firmware *
zyxel nxc5500 -
zyxel nap203_firmware *
zyxel nap203 -
zyxel nap303_firmware *
zyxel nap303 -
zyxel nap353_firmware *
zyxel nap353 -
zyxel nwa50ax_firmware *
zyxel nwa50ax -
zyxel nwa55axe_firmware *
zyxel nwa55axe -
zyxel nwa90ax_firmware *
zyxel nwa90ax -
zyxel nwa110ax_firmware *
zyxel nwa110ax -
zyxel nwa210ax_firmware *
zyxel nwa210ax -
zyxel nwa1123-ac-hd_firmware *
zyxel nwa1123-ac-hd -
zyxel nwa1123-ac-pro_firmware *
zyxel nwa1123-ac-pro -
zyxel nwa1123acv3_firmware *
zyxel nwa1123acv3 -
zyxel nwa1302-ac_firmware *
zyxel nwa1302-ac -
zyxel nwa5123-ac-hd_firmware *
zyxel nwa5123-ac-hd -
zyxel wac500h_firmware *
zyxel wac500h -
zyxel wac500_firmware *
zyxel wac500 -
zyxel wac5302d-s_firmware *
zyxel wac5302d-s -
zyxel wac5302d-sv2_firmware *
zyxel wac5302d-sv2 -
zyxel wac6103d-i_firmware *
zyxel wac6103d-i -
zyxel wac6303d-s_firmware *
zyxel wac6303d-s -
zyxel wac6502d-e_firmware *
zyxel wac6502d-e -
zyxel wac6502d-s_firmware *
zyxel wac6502d-s -
zyxel wac6503d-s_firmware *
zyxel wac6503d-s -
zyxel wac6553d-s_firmware *
zyxel wac6553d-s -
zyxel wac6552d-s_firmware *
zyxel wac6552d-s -
zyxel wax510d_firmware *
zyxel wax510d -
zyxel wax610d_firmware *
zyxel wax610d -
zyxel wax630s_firmware *
zyxel wax630s -
zyxel wax650s_firmware *
zyxel wax650s -



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "286FA4D2-DD37-4EFD-BCC4-98791B7E4F74",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "441EB008-4265-4569-A7B0-A5CAF0CA6B70",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EECD311A-4E96-4576-AADF-47291EDE3559",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AFF1F98B-2B0C-46C6-AE43-EB652BA0800C",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C45C303-1A95-4245-B242-3AB9B9106CD4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B6387BE-5DED-4D27-AACC-1F42DCB90A40",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D636401-CD8D-4D2C-9BEA-1C6F96D2FEA6",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD3684E5-F119-4BD9-A29A-C35C293BC058",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AFC4992F-FF30-44E8-9041-4BA082D3549B",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "071225C7-8311-4C89-9633-AE5DB4800B01",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ABF7A7FD-95D3-4343-9CE2-DFF8DBE8D125",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D952940F-FFEF-4480-9BD8-5E7CB1C27B2E",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_110_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "55B9C186-0EF6-457D-A865-93BEE28C03DB",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_110:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7E32879-01A2-49B1-A354-068CEB1CA3A5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_1100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D64DDA0B-FB12-49DA-818A-77D61B6328EB",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_1100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC4B9AC6-7C55-42BD-A1D8-F5D5A19AC59D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_1900_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F944352D-3F2E-4E67-9B0C-FCA488F49FDB",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_1900:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92CE6F04-403B-4A52-A3A5-DD0190CF15D9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_20w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "18A8D2A1-CA75-4DAE-8C78-67E2588AD037",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_20w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6CD5A4AB-0CC2-4CAF-AAFA-0F866174842F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC6943C7-8559-414D-9A6A-865EEFBF223C",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E0597A0E-9416-4D2E-BAF5-BEFAAE1BB93E",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "32F7F370-C585-45FE-A7F7-40BFF13928CF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_310_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B139EC4B-07CA-4D2C-8FBB-5C03F67ED169",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_310:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "38B7995C-80E0-413B-9F2C-387EF3703927",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_40_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "07F551AE-EB73-4B97-AFBA-23A201FBAA02",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_40:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D84DDB81-DE66-4427-8833-633B45A45A14",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_40w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E469A8A0-D909-4713-ABA8-F2589452E193",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_40w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8F11F36C-60DB-4D81-A320-53EEE43758C1",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_60_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "25670F1E-F6BA-4B2C-957F-4DCF1B112DBD",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_60:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C65DB5E9-2FE3-4807-970E-A42FDF82B50E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_60w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "095FB855-F923-41C8-A3C7-E252FCD57EB5",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_60w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "82864EF6-B63D-4947-A18C-AE0156CCA7FA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "19D358C5-E3CE-4362-94C2-6C8715AB9D54",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B18C8637-E459-482F-B977-7BA1A3D99CA7",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0015FD08-61BF-4022-9F84-12010EA1D5A9",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E4B752C-2CAD-4A72-9660-27B57B3EB7FC",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "39FCAC29-3FD8-49DF-A216-3393D9724DA7",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg200_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "11A390EA-14B4-4A83-9215-2A8EEF10A564",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F7F15F3-9A55-462F-8AE3-EE71B759DE68",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg20_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8F4C6D9E-87AB-4BEB-A9CF-EA767FC25437",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg20:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F5C3A2C-12EA-4FAE-B088-665A90494685",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg210_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "96C73B83-E2B8-402A-BC4F-4044D16F6D2C",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EAFF1122-755A-4531-AA2E-FD6E8478F92F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg2200_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C95C785-5428-405C-A1DE-1E2202556178",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg2200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "231547C3-33B8-42B7-983E-AA3C6CA5D107",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB666972-E152-45A6-BF0F-2F442565A9A9",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CC3082ED-A564-494D-8427-B61F15F6DD88",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg310_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9B39851C-29CA-4C74-8A3D-BA8AFB22D889",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F302801D-3720-4598-8458-A8938BD6CB46",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A4A4415-2061-4BB3-B8AF-F492B4935F5F",
                     versionEndExcluding: "1.33",
                     versionStartIncluding: "1.00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:-:*:*:*:*:*:*",
                     matchCriteriaId: "D43F6C03-E7EE-43B9-81B7-2B298134A591",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch1:*:*:*:*:*:*",
                     matchCriteriaId: "8872BA61-9164-48EC-8D7B-C41FCE76F32C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch2:*:*:*:*:*:*",
                     matchCriteriaId: "83FD24D6-959A-41D1-B7A3-6D06205EA8C9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch3:*:*:*:*:*:*",
                     matchCriteriaId: "CB5660D2-3C80-42CF-B91C-61212B1EA351",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch4:*:*:*:*:*:*",
                     matchCriteriaId: "E83EFC74-309F-42BF-A2B5-850184B4BF20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nsg300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "58B0886D-9AF4-453F-96DB-7ABAA5EE3B78",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "66EEF757-9B89-4D05-93DC-0B35CB5578AA",
                     versionEndExcluding: "1.33",
                     versionStartIncluding: "1.00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:-:*:*:*:*:*:*",
                     matchCriteriaId: "70DE2243-00D1-4C94-B53B-659F48BAFF08",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch1:*:*:*:*:*:*",
                     matchCriteriaId: "E0722C8A-DACE-4FC8-8197-678CF4F6E0C9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch2:*:*:*:*:*:*",
                     matchCriteriaId: "3ED9A278-5B95-4607-B832-A2AB7FB8A9A6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch3:*:*:*:*:*:*",
                     matchCriteriaId: "DA5E8CF5-C7D8-4827-BE19-AC4EB7E66AC1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch4:*:*:*:*:*:*",
                     matchCriteriaId: "415A2C9A-005A-433D-A423-F5D9CA6C8A19",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nsg100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6C5054F-BCC7-4E00-8786-24F85B2A200E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg50_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "734BB40E-9A07-4508-8C49-5A21072691B4",
                     versionEndExcluding: "1.33",
                     versionStartIncluding: "1.00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:-:*:*:*:*:*:*",
                     matchCriteriaId: "E549004C-F19F-4F2D-8522-849C008B2132",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch1:*:*:*:*:*:*",
                     matchCriteriaId: "013AE5DA-537B-4198-A55C-17FD08F7CB9F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch2:*:*:*:*:*:*",
                     matchCriteriaId: "E0D0898D-A7C6-441B-A0C8-BA7B5B2E362F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch3:*:*:*:*:*:*",
                     matchCriteriaId: "D8E83137-D14D-4143-8D38-59787AAE36D3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch4:*:*:*:*:*:*",
                     matchCriteriaId: "00CB6F78-BA15-489E-BCD8-25CECB8FCBED",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nsg50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8B084120-41C6-4F3C-9803-9C178EB4DE91",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nxc2500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "099AC2B1-7352-43EC-811A-89937FA1E2E3",
                     versionEndIncluding: "6.10\\(aaig.3\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nxc2500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BADED427-DEFF-4213-836B-C8EF0531C39A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nxc5500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "012B7439-FDDB-464D-8D11-AAAF54E9F59A",
                     versionEndIncluding: "6.10\\(aaos.3\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nxc5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A334B8B-8750-4519-B485-0AB0CECD212B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nap203_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "00D41E43-D7BA-4927-9966-2847E12270E6",
                     versionEndIncluding: "6.25\\(abfa.7\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nap203:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "80AE2CEA-90AC-421A-86BB-F404CDE7785D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nap303_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "93110B5F-CB02-4413-9588-35B47D7A5CE3",
                     versionEndIncluding: "6.25\\(abex.7\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nap303:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C4BF5D4C-DB8E-4077-BE78-C73AA203406C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nap353_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C44494F9-1ADA-4A3D-8FBA-D0D97C3DACB5",
                     versionEndIncluding: "6.25\\(abey.7\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nap353:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3BCEC13E-3D1C-4B42-87F5-94FE1066C218",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A696580F-3993-4653-B48E-AAB7D1A2B7DC",
                     versionEndIncluding: "6.25\\(abyw.5\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2806A3B3-8F13-4170-B284-8809E3502044",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E809B8FE-DBF8-4B7F-B33E-939750D08617",
                     versionEndIncluding: "6.25\\(abzl.5\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7440976-5CB4-40BE-95C2-98EF4B888109",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "554C9C1E-EE3C-4BD7-95CF-9748167EA691",
                     versionEndIncluding: "6.27\\(accv.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3A903978-737E-4266-A670-BC94E32CAF96",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DDFAECE0-C011-4488-89A8-249972CA0773",
                     versionEndIncluding: "6.30\\(abtg.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A3F9232-F988-4428-9898-4F536123CE88",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5DD8FF80-E4B1-4521-B2D3-B2B4B4049A14",
                     versionEndIncluding: "6.30\\(abtd.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1BB129F9-64D8-43C2-9366-51EBDF419F5F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa1123-ac-hd_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF0819A0-7616-467F-BF17-59302EADCA0C",
                     versionEndIncluding: "6.25\\(abin.6\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa1123-ac-hd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "27F719D3-0D19-4D92-9570-4B1A48AD5670",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa1123-ac-pro_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "858A8B50-515B-4CD3-B07C-3633EE605CC9",
                     versionEndIncluding: "6.25\\(abhd.7\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa1123-ac-pro:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9DC66B07-67FB-47F6-B54B-E40BE89F33A9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF0C532C-D263-4EDA-8127-0CE61A02353A",
                     versionEndIncluding: "6.30\\(abvt.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "36C13E7F-2186-4587-83E9-57B05A7147B7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa1302-ac_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A9DF9C2-7BD9-456D-8D27-DD6966A0B4AA",
                     versionEndIncluding: "6.25\\(abku.6\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa1302-ac:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EFA514BB-B688-4EBD-9530-F5112F7503F6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa5123-ac-hd_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A775E4A-4672-494E-A5A4-D906180092FA",
                     versionEndIncluding: "6.25\\(abim.6\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa5123-ac-hd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1808BC03-AE4E-4AB7-996D-89081808720B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "528A7200-2884-4849-82EC-516A6BAB9DD2",
                     versionEndIncluding: "6.30\\(abwa.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A1FD502-4F62-4C77-B3BC-E563B24F0067",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD646A37-5CE7-4B9D-9F9A-0443F5A35047",
                     versionEndIncluding: "6.30\\(abvs.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7C024551-F08F-4152-940D-1CF8BCD79613",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac5302d-s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC5ABF47-C899-4C1B-AFFB-11F37B2CA1B2",
                     versionEndIncluding: "6.10\\(abfh.10\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac5302d-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E4AA4FC1-E3E4-499F-B0C1-22B738DA4DA8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac5302d-sv2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "97843B29-E50B-4451-8583-9120A30908D4",
                     versionEndIncluding: "6.25\\(abvz.6\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac5302d-sv2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A690501F-DC2D-4F90-ABC0-33B5F1279C36",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6103d-i_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4DDC631C-0510-4E30-B896-B218ABE618AA",
                     versionEndIncluding: "6.25\\(aaxh.7\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6103d-i:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "341DB051-7F01-4B36-BA15-EBC25FACB439",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6303d-s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0126F87D-14E9-402B-975A-FB11855D1E6C",
                     versionEndIncluding: "6.25\\(abgl.6\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6303d-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0F08117-0BCE-4EA1-8DA7-1AC4EFF67E2F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6502d-e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5701D95-35AC-489B-8348-E3AC32D1626D",
                     versionEndIncluding: "6.25\\(aasd.7\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6502d-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FD8842C8-FB0A-46F0-9BB4-CAC6334D1E51",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6502d-s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "00AA8697-6B5D-439C-8E9A-B0B1EBDF1496",
                     versionEndIncluding: "6.25\\(aase.7\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6502d-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD108388-ABE5-4142-910F-C3C8B1C13617",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6503d-s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7ADC5F9-B1CE-474A-958F-F6267507A5E1",
                     versionEndIncluding: "6.25\\(aasf.7\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6503d-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4DFDF64A-17F5-4F05-8700-DCA36CCB6F2B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6553d-s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A467110-CF4D-45CB-8855-EBA5D5985294",
                     versionEndIncluding: "6.25\\(aasg.7\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6553d-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD45FA01-D2BF-441A-8669-1190F79D206B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6552d-s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "978F6DD8-A04F-4DC0-8497-4F6454FA3235",
                     versionEndIncluding: "6.25\\(abio.7\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6552d-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD47738A-9001-4CC1-8FED-1D1CFC56F548",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F272586C-292F-409C-9BDB-D9D70C0C3D2A",
                     versionEndIncluding: "6.30\\(abtf.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "86B43BD3-CA22-4D81-9281-78A3B23FAC60",
                     versionEndIncluding: "6.30\\(abte.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3518DA0A-2C7B-4979-A457-0826C921B0F0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A26EEF52-DC36-4D5C-9E2F-25238615B2BC",
                     versionEndIncluding: "6.30\\(abzd.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC74AAF9-5206-4CEB-9023-6CD4F38AA623",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AAF35E44-DC87-49EC-868A-C721CC4FFD3B",
                     versionEndIncluding: "6.30\\(abrm.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D784994E-E2CE-4328-B490-D9DC195A53DB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to execute arbitrary OS commands by including crafted arguments to the CLI command.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad de inyección de argumentos en el comando CLI \"packet-trace\" de Zyxel USG/ZyWALL versiones 4.09 hasta 4.71, USG FLEX series versiones 4.50 hasta 5.21, ATP series versiones 4.32 hasta 5.21, VPN series versiones 4.30 hasta 5.21, NSG series versiones 1.00 hasta 1.33 Patch 4, NXC2500 versión de firmware 6.10(AAIG.3 ) y versiones anteriores, NAP203 versión de firmware 6.25(ABFA.7) y versiones anteriores, NWA50AX versión de firmware 6.25(ABYW.5) y versiones anteriores, WAC500 versión de firmware 6.30(ABVS.2) y versiones anteriores, WAX510D versión de firmware 6.30(ABTF.2) y versiones anteriores, que podría permitir a un atacante local autenticado ejecutar comandos arbitrarios del sistema operativo mediante una inclusión de argumentos diseñados en el comando CLI",
      },
   ],
   id: "CVE-2022-26532",
   lastModified: "2024-11-21T06:54:07.663",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.2,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "security@zyxel.com.tw",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-05-24T06:15:09.390",
   references: [
      {
         source: "security@zyxel.com.tw",
         url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html",
      },
      {
         source: "security@zyxel.com.tw",
         url: "http://seclists.org/fulldisclosure/2022/Jun/15",
      },
      {
         source: "security@zyxel.com.tw",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://seclists.org/fulldisclosure/2022/Jun/15",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml",
      },
   ],
   sourceIdentifier: "security@zyxel.com.tw",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-88",
            },
         ],
         source: "security@zyxel.com.tw",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-78",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-04-24 18:15
Modified
2024-11-21 07:45
Summary
A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device.
Impacted products
Vendor Product Version
zyxel atp200_firmware *
zyxel atp200 -
zyxel atp100_firmware *
zyxel atp100 -
zyxel atp700_firmware *
zyxel atp700 -
zyxel atp500_firmware *
zyxel atp500 -
zyxel atp100w_firmware *
zyxel atp100w -
zyxel atp800_firmware *
zyxel atp800 -
zyxel usg_flex_100_firmware *
zyxel usg_flex_100 -
zyxel usg_flex_50_firmware *
zyxel usg_flex_50 -
zyxel usg_flex_200_firmware *
zyxel usg_flex_200 -
zyxel usg_flex_500_firmware *
zyxel usg_flex_500 -
zyxel usg_flex_700_firmware *
zyxel usg_flex_700 -
zyxel usg_flex_100w_firmware *
zyxel usg_flex_100w -
zyxel usg_20w-vpn_firmware *
zyxel usg_20w-vpn -
zyxel usg_flex_50w_firmware *
zyxel usg_flex_50w -
zyxel usg20-vpn_firmware *
zyxel usg20-vpn -
zyxel vpn100_firmware *
zyxel vpn100 -
zyxel vpn1000_firmware *
zyxel vpn1000 -
zyxel vpn300_firmware *
zyxel vpn300 -
zyxel vpn50_firmware *
zyxel vpn50 -
zyxel nap203_firmware *
zyxel nap203 -
zyxel nap303_firmware *
zyxel nap303 -
zyxel nap353_firmware *
zyxel nap353 -
zyxel nwa110ax_firmware *
zyxel nwa110ax -
zyxel nwa1123-ac_hd_firmware *
zyxel nwa1123-ac_hd -
zyxel nwa1123-ac-pro_firmware *
zyxel nwa1123-ac-pro -
zyxel nwa1123acv3_firmware *
zyxel nwa1123acv3 -
zyxel nwa210ax_firmware *
zyxel nwa210ax -
zyxel nwa220ax-6e_firmware *
zyxel nwa220ax-6e -
zyxel nwa50ax_firmware *
zyxel nwa50ax -
zyxel nwa50ax-pro_firmware *
zyxel nwa50ax-pro -
zyxel nwa5123-ac_hd_firmware *
zyxel nwa5123-ac_hd -
zyxel nwa55axe_firmware *
zyxel nwa55axe -
zyxel nwa90ax_firmware *
zyxel nwa90ax -
zyxel nwa90ax-pro_firmware *
zyxel nwa90ax-pro -
zyxel wac500_firmware *
zyxel wac500 -
zyxel wac500h_firmware *
zyxel wac500h -
zyxel wac5302d-sv2_firmware *
zyxel wac5302d-sv2 -
zyxel wac6103d-i_firmware *
zyxel wac6103d-i -
zyxel wac6303d-s_firmware *
zyxel wac6303d-s -
zyxel wac6502d-e_firmware *
zyxel wac6502d-e -
zyxel wac6502d-s_firmware *
zyxel wac6502d-s -
zyxel wac6503d-s_firmware *
zyxel wac6503d-s -
zyxel wac6552d-s_firmware *
zyxel wac6552d-s -
zyxel wac6553d-e_firmware *
zyxel wac6553d-e -
zyxel wax510d_firmware *
zyxel wax510d -
zyxel wax610d_firmware *
zyxel wax610d -
zyxel wax620d-6e_firmware *
zyxel wax620d-6e -
zyxel wax630s_firmware *
zyxel wax630s -
zyxel wax640s-6e_firmware *
zyxel wax640s-6e -
zyxel wax650s_firmware *
zyxel wax650s -
zyxel wax655e_firmware *
zyxel wax655e -



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "84A41F09-4474-4ABC-B2FA-92B17F63A7CA",
                     versionEndExcluding: "5.36",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "73E39B94-291E-4E3A-8A89-B74FF063BA05",
                     versionEndExcluding: "5.36",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7728D2C4-0B0A-404E-92BC-AAA1A1987BFD",
                     versionEndExcluding: "5.36",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8B7E5F75-5577-4511-A1F4-1BD142D60BD5",
                     versionEndExcluding: "5.36",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8F79940-F737-4A71-9FAC-1F99E0BCE450",
                     versionEndExcluding: "5.36",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "791D6928-BE82-4678-A8A4-39C9D9A1C684",
                     versionEndExcluding: "5.36",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC95F84E-95A0-4FB8-942A-732E022E3CC6",
                     versionEndExcluding: "5.36",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "07895A23-2B15-4631-A55A-798B35A63E2D",
                     versionEndExcluding: "5.36",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F65ACDFE-3A54-46D6-98CA-2D51957072AF",
                     versionEndExcluding: "5.36",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C0B8FF81-5020-429E-ABC7-D0F18A5177F5",
                     versionEndExcluding: "5.36",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FD0F817C-6388-41E2-9F80-9B5427036865",
                     versionEndExcluding: "5.36",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7D65F0EC-7ACA-4B80-8D4E-2C1459837D15",
                     versionEndExcluding: "5.36",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "224300FB-2462-4E88-A41E-E9E8EAE9CF48",
                     versionEndExcluding: "5.36",
                     versionStartIncluding: "4.16",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F61480ED-BBF0-49EC-A814-CEFDE1FBFA08",
                     versionEndExcluding: "5.36",
                     versionStartIncluding: "4.16",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7079103C-ED92-40C3-AF42-4689822A96E2",
                     versionEndExcluding: "5.36",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7239C54F-EC9E-44B4-AE33-1D36E5448219",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB329984-D2A1-40B4-826D-78643B8DD4C8",
                     versionEndExcluding: "5.36",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5DB62871-BC40-43D8-A486-471CD9316332",
                     versionEndExcluding: "5.36",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EECD311A-4E96-4576-AADF-47291EDE3559",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D0135FFF-62FA-4AEA-8B67-1CCA2D85D8E0",
                     versionEndExcluding: "5.36",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C45C303-1A95-4245-B242-3AB9B9106CD4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B01FA34A-CA33-48E7-978C-638FC678C9C1",
                     versionEndExcluding: "5.36",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nap203_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "85AA4E30-0A0E-4353-B88D-A856B83162DF",
                     versionEndIncluding: "6.28\\(abfa.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nap203:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "80AE2CEA-90AC-421A-86BB-F404CDE7785D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nap303_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "36AD6F34-B17E-4853-9375-62B51DE5F1D2",
                     versionEndIncluding: "6.28\\(abex.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nap303:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C4BF5D4C-DB8E-4077-BE78-C73AA203406C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nap353_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "49E8EA12-187E-402B-866A-9125B2287292",
                     versionEndIncluding: "6.28\\(abey.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nap353:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3BCEC13E-3D1C-4B42-87F5-94FE1066C218",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "58E64F26-5465-4BD8-A948-39022B5AAA52",
                     versionEndIncluding: "6.50\\(abtg.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A3F9232-F988-4428-9898-4F536123CE88",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa1123-ac_hd_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E8DEEFBF-DD32-40E5-A431-BE6A93D529A4",
                     versionEndIncluding: "6.25\\(abin.9\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa1123-ac_hd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A0FB576-76A2-4A25-979E-5E5B3BF5C636",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa1123-ac-pro_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3448A074-A9B8-40BD-8DFA-E7097E402750",
                     versionEndIncluding: "6.28\\(abhd.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa1123-ac-pro:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9DC66B07-67FB-47F6-B54B-E40BE89F33A9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BFC6F464-DAE9-42CE-9339-C5E35B90B17B",
                     versionEndIncluding: "6.50\\(abvt.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "36C13E7F-2186-4587-83E9-57B05A7147B7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DCE46E92-D9DD-439C-BD41-88738FA652B7",
                     versionEndIncluding: "6.50\\(abtd.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1BB129F9-64D8-43C2-9366-51EBDF419F5F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DECB1230-D22C-4FBD-909C-6315B66B189D",
                     versionEndIncluding: "6.50\\(acco.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E03F755-424D-4248-9076-ED7BECEB94C5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B73F329-98E5-496F-BE38-47DD023DCB64",
                     versionEndIncluding: "6.55\\(acge.1\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2806A3B3-8F13-4170-B284-8809E3502044",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa50ax-pro_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5804045-E32E-40E0-B42E-80755C385974",
                     versionEndIncluding: "6.50\\(acge.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa50ax-pro:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7DD6E6B-61EC-4E60-8244-56ADB26F2234",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa5123-ac_hd_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "881C0001-B6CA-409D-8901-653227098219",
                     versionEndIncluding: "6.25\\(abim.9\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa5123-ac_hd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D85300F-9207-438C-A149-80FC7C6C0746",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4484EA94-3E1D-4DA8-B612-A35D50DC1103",
                     versionEndIncluding: "6.29\\(abzl.1\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7440976-5CB4-40BE-95C2-98EF4B888109",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3D091EB4-A1FC-4E5F-AEE2-6EF879DC5B0A",
                     versionEndIncluding: "6.29\\(accv.1\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3A903978-737E-4266-A670-BC94E32CAF96",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa90ax-pro_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4FF6556-2B10-4A8C-9325-0A6D4B41E529",
                     versionEndIncluding: "6.50\\(acgf.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa90ax-pro:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EFA44855-B135-44BD-AE21-FC58CD647AB6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D277464-AF76-4799-9B71-E96CB12BE0C0",
                     versionEndIncluding: "6.50\\(abvs.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7C024551-F08F-4152-940D-1CF8BCD79613",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "57DFDE05-C95F-446B-BA97-98EBA11C9794",
                     versionEndIncluding: "6.50\\(abwa.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A1FD502-4F62-4C77-B3BC-E563B24F0067",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac5302d-sv2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "84A8FBD7-8461-474E-AFB1-BCAE24D4A2CD",
                     versionEndIncluding: "6.25\\(abvz.9\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac5302d-sv2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A690501F-DC2D-4F90-ABC0-33B5F1279C36",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6103d-i_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DF539FD-EDEA-4D37-8F1C-267884A617EF",
                     versionEndIncluding: "6.28\\(aaxh.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6103d-i:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "341DB051-7F01-4B36-BA15-EBC25FACB439",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6303d-s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "622C2163-0B2F-4A32-B5C4-4111B8EC9096",
                     versionEndIncluding: "6.25\\(abgl.9\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6303d-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0F08117-0BCE-4EA1-8DA7-1AC4EFF67E2F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6502d-e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A929856C-58D2-41AB-9EAC-E655123FD4FE",
                     versionEndIncluding: "6.28\\(aasd.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6502d-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FD8842C8-FB0A-46F0-9BB4-CAC6334D1E51",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6502d-s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB36BF49-E31B-4F35-84B9-3EF20989FE2A",
                     versionEndIncluding: "6.28\\(aase.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6502d-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD108388-ABE5-4142-910F-C3C8B1C13617",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6503d-s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CCA23320-A0E2-4A63-A20A-1F5FD7504C5F",
                     versionEndIncluding: "6.28\\(aasf.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6503d-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4DFDF64A-17F5-4F05-8700-DCA36CCB6F2B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6552d-s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E49B6FA1-4FCE-4802-8FCA-988048D9A595",
                     versionEndIncluding: "6.28\\(abio.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6552d-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD47738A-9001-4CC1-8FED-1D1CFC56F548",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6553d-e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD253268-2B7D-43BF-86BD-E603A52FD98A",
                     versionEndIncluding: "6.28\\(aasg.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6553d-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55273BCE-4F2C-4ED9-9FCB-D1197555BD53",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0C89819-CCB6-42A0-8045-850D544D1BBA",
                     versionEndIncluding: "6.50\\(abtf.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA21E78C-585A-4689-96B7-18C5DB44D2DE",
                     versionEndIncluding: "6.50\\(abte.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3518DA0A-2C7B-4979-A457-0826C921B0F0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6B470158-EE21-45EB-BDEC-5396DE9CB23C",
                     versionEndIncluding: "6.50\\(accn.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B4EBCC9-4FF9-41FC-9FFE-DBFAB239888B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "43DD5397-02A9-40DD-BD02-052095CB8DDB",
                     versionEndIncluding: "6.50\\(abzd.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC74AAF9-5206-4CEB-9023-6CD4F38AA623",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F946BABC-A982-4625-AD9F-962C6FBDFDE9",
                     versionEndIncluding: "6.50\\(accm.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "20E4E9A0-DF92-47B7-94D6-0867E3171E47",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2260165C-2483-4F48-8E70-DC82B5DA1554",
                     versionEndIncluding: "6.50\\(abrm.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D784994E-E2CE-4328-B490-D9DC195A53DB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F6B0AE56-107B-41E2-A06A-BC8DC0A32FE7",
                     versionEndIncluding: "6.50\\(acdo.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "61158220-B5E8-4BF4-B2C2-E8ABFD3266CF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device.",
      },
   ],
   id: "CVE-2023-22918",
   lastModified: "2024-11-21T07:45:38.940",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "security@zyxel.com.tw",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-04-24T18:15:09.027",
   references: [
      {
         source: "security@zyxel.com.tw",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps",
      },
   ],
   sourceIdentifier: "security@zyxel.com.tw",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-359",
            },
         ],
         source: "security@zyxel.com.tw",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-09-03 03:15
Modified
2024-09-13 19:39
Severity ?
Summary
The improper neutralization of special elements in the parameter "host" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) and earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) and earlier, and USG LITE 60AX firmware version V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4516EB83-8B99-40BD-94E5-CBD5057107B8",
                     versionEndExcluding: "7.00\\(abtg.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A3F9232-F988-4428-9898-4F536123CE88",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa1123-ac_pro_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9875CD66-9249-4702-88E5-B1239FA4AD29",
                     versionEndExcluding: "6.28\\(abhd.3\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa1123-ac_pro:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "145723DB-C34B-4C2A-B3C2-7A5CFEF503CA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C88D274-D770-46F9-A802-93B1C72C3802",
                     versionEndExcluding: "6.70\\(abvt.5\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "36C13E7F-2186-4587-83E9-57B05A7147B7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa130be_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1D1105DC-E628-45C7-BB10-6EFB8038FC46",
                     versionEndExcluding: "7.00\\(acil.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa130be:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "782F9AB7-3464-4BFE-B502-B62CD51A8865",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E4F03710-B004-4AA1-BBE3-FD6AD2ABF681",
                     versionEndExcluding: "7.00\\(abtd.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1BB129F9-64D8-43C2-9366-51EBDF419F5F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BFD8274A-8135-4C3F-9998-4F13170DC5BD",
                     versionEndExcluding: "7.00\\(acco.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E03F755-424D-4248-9076-ED7BECEB94C5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "439ED873-6DBF-4B67-B7B6-B285D885093C",
                     versionEndExcluding: "7.00\\(abyw.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2806A3B3-8F13-4170-B284-8809E3502044",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa50ax_pro_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "76456787-1EB9-4585-A2D3-CAD77786B3EF",
                     versionEndExcluding: "7.00\\(acge.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa50ax_pro:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F36E7DCD-08BA-4FA1-9A8E-ADE956704132",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "319234D0-CBED-43AD-B21C-E3893786FA00",
                     versionEndExcluding: "7.00\\(abzl.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7440976-5CB4-40BE-95C2-98EF4B888109",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BA77A46-A9BF-46A7-BCC3-0851FD2EDB4B",
                     versionEndExcluding: "7.00\\(accv.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3A903978-737E-4266-A670-BC94E32CAF96",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa90ax_pro_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C991363D-0CD5-4242-9B6D-903B6C71F3F3",
                     versionEndExcluding: "7.00\\(acgf.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa90ax_pro:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "480A495A-A4C4-4696-B500-B6333C79A28B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_lite_60ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CC39E0F3-D1D4-41BE-ABF1-F01A7AC1F959",
                     versionEndExcluding: "v2.00\\(acip.3\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_lite_60ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC710993-3E55-4C88-A261-0A67F5069071",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4E3E89C7-C3DA-4B4E-A8F1-EF854EB61C0C",
                     versionEndExcluding: "6.70\\(abvs.5\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7C024551-F08F-4152-940D-1CF8BCD79613",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "84A27C2E-140D-4554-8AD1-D9EBB76CF9D5",
                     versionEndExcluding: "6.70\\(abwa.5\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A1FD502-4F62-4C77-B3BC-E563B24F0067",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6103d-i_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0867C187-0BF0-4F4E-B291-3858810724D6",
                     versionEndExcluding: "6.28\\(aaxh.3\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6103d-i:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "341DB051-7F01-4B36-BA15-EBC25FACB439",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6502d-s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7DBA0866-22E5-4CE6-886C-CE21E6A4E6B0",
                     versionEndExcluding: "6.28\\(aase.3\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6502d-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD108388-ABE5-4142-910F-C3C8B1C13617",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6503d-s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "45449005-459C-4062-97FB-31B7CB249E21",
                     versionEndExcluding: "6.28\\(aasf.3\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6503d-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4DFDF64A-17F5-4F05-8700-DCA36CCB6F2B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6552d-s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8C083097-E839-49ED-B4A8-8AEF5C502E47",
                     versionEndExcluding: "6.28\\(abio.3\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6552d-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD47738A-9001-4CC1-8FED-1D1CFC56F548",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6553d-e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "04666D56-1996-461E-B8AB-C5BCA6399EE8",
                     versionEndExcluding: "6.28\\(aasg.3\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6553d-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55273BCE-4F2C-4ED9-9FCB-D1197555BD53",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax300h_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FBEEF0EC-A325-4D02-B69E-AE24A4669C57",
                     versionEndExcluding: "7.00\\(achf.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax300h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C3073565-BCDF-46EA-8FB0-E9BF402A5122",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6295B167-56B0-4F68-8163-0ECCA7ED5E0C",
                     versionEndExcluding: "7.00\\(abtf.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "924067FC-8230-440A-B596-05F3A39C3456",
                     versionEndExcluding: "7.00\\(abte.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3518DA0A-2C7B-4979-A457-0826C921B0F0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "24A073C2-4124-49F1-BCBF-1508A310DCA0",
                     versionEndExcluding: "7.00\\(accn.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B4EBCC9-4FF9-41FC-9FFE-DBFAB239888B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC244157-2D23-4DC2-A809-869948AC2096",
                     versionEndExcluding: "7.00\\(abzd.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC74AAF9-5206-4CEB-9023-6CD4F38AA623",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "10075392-47BE-4B55-BEEF-6D259C6AFDF5",
                     versionEndExcluding: "7.00\\(accm.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "20E4E9A0-DF92-47B7-94D6-0867E3171E47",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "794E19F4-ED5D-403C-BFA7-7D089FACC45F",
                     versionEndExcluding: "7.00\\(abrm.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D784994E-E2CE-4328-B490-D9DC195A53DB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E1F72E5-0336-4565-802F-75A746DD4AA9",
                     versionEndExcluding: "7.00\\(acdo.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "61158220-B5E8-4BF4-B2C2-E8ABFD3266CF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wbe530_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C302D991-2BAB-4C64-B0E0-EAEE19F79765",
                     versionEndExcluding: "7.00\\(acle.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wbe530:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3061579E-C708-42BC-86FC-B6223B941335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "52534374-242E-457F-A794-8A1AEFECA38F",
                     versionEndExcluding: "7.00\\(acgg.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wbe660s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9FC2F3A4-0598-49B0-9829-AF43C97E9E8E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The improper neutralization of special elements in the parameter \"host\" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) \n\nand earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) \n\nand earlier, and USG LITE 60AX firmware version V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.",
      },
      {
         lang: "es",
         value: "La neutralización incorrecta de elementos especiales en el parámetro \"host\" en el programa CGI de la versión de firmware 6.70(ABVT.4) y anteriores de Zyxel NWA1123ACv3, la versión de firmware 6.70(ABVS.4) y anteriores de WAC500, la versión de firmware 7.00(ACDO.1) y anteriores de WAX655E, la versión de firmware 7.00(ACLE.1) y anteriores de WBE530, y la versión de firmware V2.00(ACIP.2) de USG LITE 60AX podría permitir que un atacante no autenticado ejecute comandos del sistema operativo enviando una cookie manipulada a un dispositivo vulnerable.",
      },
   ],
   id: "CVE-2024-7261",
   lastModified: "2024-09-13T19:39:40.570",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 9.8,
               baseSeverity: "CRITICAL",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 5.9,
            source: "security@zyxel.com.tw",
            type: "Primary",
         },
      ],
   },
   published: "2024-09-03T03:15:03.940",
   references: [
      {
         source: "security@zyxel.com.tw",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-os-command-injection-vulnerability-in-aps-and-security-router-devices-09-03-2024",
      },
   ],
   sourceIdentifier: "security@zyxel.com.tw",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-78",
            },
         ],
         source: "security@zyxel.com.tw",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-05-24 06:15
Modified
2024-11-21 06:54
Summary
Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload.
Impacted products
Vendor Product Version
zyxel vpn100_firmware *
zyxel vpn100 -
zyxel vpn1000_firmware *
zyxel vpn1000 -
zyxel vpn300_firmware *
zyxel vpn300 -
zyxel vpn50_firmware *
zyxel vpn50 -
zyxel atp100_firmware *
zyxel atp100 -
zyxel atp100w_firmware *
zyxel atp100w -
zyxel atp200_firmware *
zyxel atp200 -
zyxel atp500_firmware *
zyxel atp500 -
zyxel atp700_firmware *
zyxel atp700 -
zyxel atp800_firmware *
zyxel atp800 -
zyxel usg_110_firmware *
zyxel usg_110 -
zyxel usg_1100_firmware *
zyxel usg_1100 -
zyxel usg_1900_firmware *
zyxel usg_1900 -
zyxel usg_20w_firmware *
zyxel usg_20w -
zyxel usg_20w-vpn_firmware *
zyxel usg_20w-vpn -
zyxel usg_2200-vpn_firmware *
zyxel usg_2200-vpn -
zyxel usg_310_firmware *
zyxel usg_310 -
zyxel usg_40_firmware *
zyxel usg_40 -
zyxel usg_40w_firmware *
zyxel usg_40w -
zyxel usg_60_firmware *
zyxel usg_60 -
zyxel usg_60w_firmware *
zyxel usg_60w -
zyxel usg_flex_100_firmware *
zyxel usg_flex_100 -
zyxel usg_flex_100w_firmware *
zyxel usg_flex_100w -
zyxel usg_flex_200_firmware *
zyxel usg_flex_200 -
zyxel usg_flex_500_firmware *
zyxel usg_flex_500 -
zyxel usg_flex_700_firmware *
zyxel usg_flex_700 -
zyxel usg200_firmware *
zyxel usg200 -
zyxel usg20_firmware *
zyxel usg20 -
zyxel usg210_firmware *
zyxel usg210 -
zyxel usg2200_firmware *
zyxel usg2200 -
zyxel usg300_firmware *
zyxel usg300 -
zyxel usg310_firmware *
zyxel usg310 -
zyxel nsg300_firmware *
zyxel nsg300_firmware 1.33
zyxel nsg300_firmware 1.33
zyxel nsg300_firmware 1.33
zyxel nsg300_firmware 1.33
zyxel nsg300_firmware 1.33
zyxel nsg300 -
zyxel nsg100_firmware *
zyxel nsg100_firmware 1.33
zyxel nsg100_firmware 1.33
zyxel nsg100_firmware 1.33
zyxel nsg100_firmware 1.33
zyxel nsg100_firmware 1.33
zyxel nsg100 -
zyxel nsg50_firmware *
zyxel nsg50_firmware 1.33
zyxel nsg50_firmware 1.33
zyxel nsg50_firmware 1.33
zyxel nsg50_firmware 1.33
zyxel nsg50_firmware 1.33
zyxel nsg50 -
zyxel nxc2500_firmware *
zyxel nxc2500 -
zyxel nxc5500_firmware *
zyxel nxc5500 -
zyxel nap203_firmware *
zyxel nap203 -
zyxel nap303_firmware *
zyxel nap303 -
zyxel nap353_firmware *
zyxel nap353 -
zyxel nwa50ax_firmware *
zyxel nwa50ax -
zyxel nwa55axe_firmware *
zyxel nwa55axe -
zyxel nwa90ax_firmware *
zyxel nwa90ax -
zyxel nwa110ax_firmware *
zyxel nwa110ax -
zyxel nwa210ax_firmware *
zyxel nwa210ax -
zyxel nwa1123-ac-hd_firmware *
zyxel nwa1123-ac-hd -
zyxel nwa1123-ac-pro_firmware *
zyxel nwa1123-ac-pro -
zyxel nwa1123acv3_firmware *
zyxel nwa1123acv3 -
zyxel nwa1302-ac_firmware *
zyxel nwa1302-ac -
zyxel nwa5123-ac-hd_firmware *
zyxel nwa5123-ac-hd -
zyxel wac500h_firmware *
zyxel wac500h -
zyxel wac500_firmware *
zyxel wac500 -
zyxel wac5302d-s_firmware *
zyxel wac5302d-s -
zyxel wac5302d-sv2_firmware *
zyxel wac5302d-sv2 -
zyxel wac6103d-i_firmware *
zyxel wac6103d-i -
zyxel wac6303d-s_firmware *
zyxel wac6303d-s -
zyxel wac6502d-e_firmware *
zyxel wac6502d-e -
zyxel wac6502d-s_firmware *
zyxel wac6502d-s -
zyxel wac6503d-s_firmware *
zyxel wac6503d-s -
zyxel wac6553d-s_firmware *
zyxel wac6553d-s -
zyxel wac6552d-s_firmware *
zyxel wac6552d-s -
zyxel wax510d_firmware *
zyxel wax510d -
zyxel wax610d_firmware *
zyxel wax610d -
zyxel wax630s_firmware *
zyxel wax630s -
zyxel wax650s_firmware *
zyxel wax650s -



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "286FA4D2-DD37-4EFD-BCC4-98791B7E4F74",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "441EB008-4265-4569-A7B0-A5CAF0CA6B70",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EECD311A-4E96-4576-AADF-47291EDE3559",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AFF1F98B-2B0C-46C6-AE43-EB652BA0800C",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C45C303-1A95-4245-B242-3AB9B9106CD4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B6387BE-5DED-4D27-AACC-1F42DCB90A40",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D636401-CD8D-4D2C-9BEA-1C6F96D2FEA6",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD3684E5-F119-4BD9-A29A-C35C293BC058",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AFC4992F-FF30-44E8-9041-4BA082D3549B",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "071225C7-8311-4C89-9633-AE5DB4800B01",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ABF7A7FD-95D3-4343-9CE2-DFF8DBE8D125",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D952940F-FFEF-4480-9BD8-5E7CB1C27B2E",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_110_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "55B9C186-0EF6-457D-A865-93BEE28C03DB",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_110:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7E32879-01A2-49B1-A354-068CEB1CA3A5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_1100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D64DDA0B-FB12-49DA-818A-77D61B6328EB",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_1100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC4B9AC6-7C55-42BD-A1D8-F5D5A19AC59D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_1900_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F944352D-3F2E-4E67-9B0C-FCA488F49FDB",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_1900:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92CE6F04-403B-4A52-A3A5-DD0190CF15D9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_20w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "18A8D2A1-CA75-4DAE-8C78-67E2588AD037",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_20w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6CD5A4AB-0CC2-4CAF-AAFA-0F866174842F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC6943C7-8559-414D-9A6A-865EEFBF223C",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E0597A0E-9416-4D2E-BAF5-BEFAAE1BB93E",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "32F7F370-C585-45FE-A7F7-40BFF13928CF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_310_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B139EC4B-07CA-4D2C-8FBB-5C03F67ED169",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_310:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "38B7995C-80E0-413B-9F2C-387EF3703927",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_40_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "07F551AE-EB73-4B97-AFBA-23A201FBAA02",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_40:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D84DDB81-DE66-4427-8833-633B45A45A14",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_40w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E469A8A0-D909-4713-ABA8-F2589452E193",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_40w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8F11F36C-60DB-4D81-A320-53EEE43758C1",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_60_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "25670F1E-F6BA-4B2C-957F-4DCF1B112DBD",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_60:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C65DB5E9-2FE3-4807-970E-A42FDF82B50E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_60w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "095FB855-F923-41C8-A3C7-E252FCD57EB5",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_60w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "82864EF6-B63D-4947-A18C-AE0156CCA7FA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "19D358C5-E3CE-4362-94C2-6C8715AB9D54",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B18C8637-E459-482F-B977-7BA1A3D99CA7",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0015FD08-61BF-4022-9F84-12010EA1D5A9",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E4B752C-2CAD-4A72-9660-27B57B3EB7FC",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "39FCAC29-3FD8-49DF-A216-3393D9724DA7",
                     versionEndIncluding: "5.21",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg200_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "11A390EA-14B4-4A83-9215-2A8EEF10A564",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F7F15F3-9A55-462F-8AE3-EE71B759DE68",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg20_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8F4C6D9E-87AB-4BEB-A9CF-EA767FC25437",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg20:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F5C3A2C-12EA-4FAE-B088-665A90494685",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg210_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "96C73B83-E2B8-402A-BC4F-4044D16F6D2C",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EAFF1122-755A-4531-AA2E-FD6E8478F92F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg2200_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C95C785-5428-405C-A1DE-1E2202556178",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg2200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "231547C3-33B8-42B7-983E-AA3C6CA5D107",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB666972-E152-45A6-BF0F-2F442565A9A9",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CC3082ED-A564-494D-8427-B61F15F6DD88",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg310_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9B39851C-29CA-4C74-8A3D-BA8AFB22D889",
                     versionEndIncluding: "4.71",
                     versionStartIncluding: "4.09",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F302801D-3720-4598-8458-A8938BD6CB46",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A4A4415-2061-4BB3-B8AF-F492B4935F5F",
                     versionEndExcluding: "1.33",
                     versionStartIncluding: "1.00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:-:*:*:*:*:*:*",
                     matchCriteriaId: "D43F6C03-E7EE-43B9-81B7-2B298134A591",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch1:*:*:*:*:*:*",
                     matchCriteriaId: "8872BA61-9164-48EC-8D7B-C41FCE76F32C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch2:*:*:*:*:*:*",
                     matchCriteriaId: "83FD24D6-959A-41D1-B7A3-6D06205EA8C9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch3:*:*:*:*:*:*",
                     matchCriteriaId: "CB5660D2-3C80-42CF-B91C-61212B1EA351",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch4:*:*:*:*:*:*",
                     matchCriteriaId: "E83EFC74-309F-42BF-A2B5-850184B4BF20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nsg300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "58B0886D-9AF4-453F-96DB-7ABAA5EE3B78",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "66EEF757-9B89-4D05-93DC-0B35CB5578AA",
                     versionEndExcluding: "1.33",
                     versionStartIncluding: "1.00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:-:*:*:*:*:*:*",
                     matchCriteriaId: "70DE2243-00D1-4C94-B53B-659F48BAFF08",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch1:*:*:*:*:*:*",
                     matchCriteriaId: "E0722C8A-DACE-4FC8-8197-678CF4F6E0C9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch2:*:*:*:*:*:*",
                     matchCriteriaId: "3ED9A278-5B95-4607-B832-A2AB7FB8A9A6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch3:*:*:*:*:*:*",
                     matchCriteriaId: "DA5E8CF5-C7D8-4827-BE19-AC4EB7E66AC1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch4:*:*:*:*:*:*",
                     matchCriteriaId: "415A2C9A-005A-433D-A423-F5D9CA6C8A19",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nsg100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6C5054F-BCC7-4E00-8786-24F85B2A200E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg50_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "734BB40E-9A07-4508-8C49-5A21072691B4",
                     versionEndExcluding: "1.33",
                     versionStartIncluding: "1.00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:-:*:*:*:*:*:*",
                     matchCriteriaId: "E549004C-F19F-4F2D-8522-849C008B2132",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch1:*:*:*:*:*:*",
                     matchCriteriaId: "013AE5DA-537B-4198-A55C-17FD08F7CB9F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch2:*:*:*:*:*:*",
                     matchCriteriaId: "E0D0898D-A7C6-441B-A0C8-BA7B5B2E362F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch3:*:*:*:*:*:*",
                     matchCriteriaId: "D8E83137-D14D-4143-8D38-59787AAE36D3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch4:*:*:*:*:*:*",
                     matchCriteriaId: "00CB6F78-BA15-489E-BCD8-25CECB8FCBED",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nsg50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8B084120-41C6-4F3C-9803-9C178EB4DE91",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nxc2500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "099AC2B1-7352-43EC-811A-89937FA1E2E3",
                     versionEndIncluding: "6.10\\(aaig.3\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nxc2500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BADED427-DEFF-4213-836B-C8EF0531C39A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nxc5500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "012B7439-FDDB-464D-8D11-AAAF54E9F59A",
                     versionEndIncluding: "6.10\\(aaos.3\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nxc5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A334B8B-8750-4519-B485-0AB0CECD212B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nap203_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "00D41E43-D7BA-4927-9966-2847E12270E6",
                     versionEndIncluding: "6.25\\(abfa.7\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nap203:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "80AE2CEA-90AC-421A-86BB-F404CDE7785D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nap303_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "93110B5F-CB02-4413-9588-35B47D7A5CE3",
                     versionEndIncluding: "6.25\\(abex.7\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nap303:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C4BF5D4C-DB8E-4077-BE78-C73AA203406C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nap353_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C44494F9-1ADA-4A3D-8FBA-D0D97C3DACB5",
                     versionEndIncluding: "6.25\\(abey.7\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nap353:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3BCEC13E-3D1C-4B42-87F5-94FE1066C218",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A696580F-3993-4653-B48E-AAB7D1A2B7DC",
                     versionEndIncluding: "6.25\\(abyw.5\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2806A3B3-8F13-4170-B284-8809E3502044",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E809B8FE-DBF8-4B7F-B33E-939750D08617",
                     versionEndIncluding: "6.25\\(abzl.5\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7440976-5CB4-40BE-95C2-98EF4B888109",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "554C9C1E-EE3C-4BD7-95CF-9748167EA691",
                     versionEndIncluding: "6.27\\(accv.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3A903978-737E-4266-A670-BC94E32CAF96",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DDFAECE0-C011-4488-89A8-249972CA0773",
                     versionEndIncluding: "6.30\\(abtg.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A3F9232-F988-4428-9898-4F536123CE88",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5DD8FF80-E4B1-4521-B2D3-B2B4B4049A14",
                     versionEndIncluding: "6.30\\(abtd.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1BB129F9-64D8-43C2-9366-51EBDF419F5F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa1123-ac-hd_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF0819A0-7616-467F-BF17-59302EADCA0C",
                     versionEndIncluding: "6.25\\(abin.6\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa1123-ac-hd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "27F719D3-0D19-4D92-9570-4B1A48AD5670",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa1123-ac-pro_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "858A8B50-515B-4CD3-B07C-3633EE605CC9",
                     versionEndIncluding: "6.25\\(abhd.7\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa1123-ac-pro:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9DC66B07-67FB-47F6-B54B-E40BE89F33A9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF0C532C-D263-4EDA-8127-0CE61A02353A",
                     versionEndIncluding: "6.30\\(abvt.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "36C13E7F-2186-4587-83E9-57B05A7147B7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa1302-ac_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A9DF9C2-7BD9-456D-8D27-DD6966A0B4AA",
                     versionEndIncluding: "6.25\\(abku.6\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa1302-ac:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EFA514BB-B688-4EBD-9530-F5112F7503F6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa5123-ac-hd_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A775E4A-4672-494E-A5A4-D906180092FA",
                     versionEndIncluding: "6.25\\(abim.6\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa5123-ac-hd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1808BC03-AE4E-4AB7-996D-89081808720B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "528A7200-2884-4849-82EC-516A6BAB9DD2",
                     versionEndIncluding: "6.30\\(abwa.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A1FD502-4F62-4C77-B3BC-E563B24F0067",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD646A37-5CE7-4B9D-9F9A-0443F5A35047",
                     versionEndIncluding: "6.30\\(abvs.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7C024551-F08F-4152-940D-1CF8BCD79613",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac5302d-s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC5ABF47-C899-4C1B-AFFB-11F37B2CA1B2",
                     versionEndIncluding: "6.10\\(abfh.10\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac5302d-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E4AA4FC1-E3E4-499F-B0C1-22B738DA4DA8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac5302d-sv2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "97843B29-E50B-4451-8583-9120A30908D4",
                     versionEndIncluding: "6.25\\(abvz.6\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac5302d-sv2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A690501F-DC2D-4F90-ABC0-33B5F1279C36",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6103d-i_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4DDC631C-0510-4E30-B896-B218ABE618AA",
                     versionEndIncluding: "6.25\\(aaxh.7\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6103d-i:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "341DB051-7F01-4B36-BA15-EBC25FACB439",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6303d-s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0126F87D-14E9-402B-975A-FB11855D1E6C",
                     versionEndIncluding: "6.25\\(abgl.6\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6303d-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0F08117-0BCE-4EA1-8DA7-1AC4EFF67E2F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6502d-e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5701D95-35AC-489B-8348-E3AC32D1626D",
                     versionEndIncluding: "6.25\\(aasd.7\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6502d-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FD8842C8-FB0A-46F0-9BB4-CAC6334D1E51",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6502d-s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "00AA8697-6B5D-439C-8E9A-B0B1EBDF1496",
                     versionEndIncluding: "6.25\\(aase.7\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6502d-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD108388-ABE5-4142-910F-C3C8B1C13617",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6503d-s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7ADC5F9-B1CE-474A-958F-F6267507A5E1",
                     versionEndIncluding: "6.25\\(aasf.7\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6503d-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4DFDF64A-17F5-4F05-8700-DCA36CCB6F2B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6553d-s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A467110-CF4D-45CB-8855-EBA5D5985294",
                     versionEndIncluding: "6.25\\(aasg.7\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6553d-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD45FA01-D2BF-441A-8669-1190F79D206B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac6552d-s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "978F6DD8-A04F-4DC0-8497-4F6454FA3235",
                     versionEndIncluding: "6.25\\(abio.7\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6552d-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD47738A-9001-4CC1-8FED-1D1CFC56F548",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F272586C-292F-409C-9BDB-D9D70C0C3D2A",
                     versionEndIncluding: "6.30\\(abtf.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "86B43BD3-CA22-4D81-9281-78A3B23FAC60",
                     versionEndIncluding: "6.30\\(abte.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3518DA0A-2C7B-4979-A457-0826C921B0F0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A26EEF52-DC36-4D5C-9E2F-25238615B2BC",
                     versionEndIncluding: "6.30\\(abzd.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC74AAF9-5206-4CEB-9023-6CD4F38AA623",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AAF35E44-DC87-49EC-868A-C721CC4FFD3B",
                     versionEndIncluding: "6.30\\(abrm.2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D784994E-E2CE-4328-B490-D9DC195A53DB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload.",
      },
      {
         lang: "es",
         value: "Se han identificado varios fallos de comprobación de entrada inadecuados en algunos comandos CLI de las Zyxel USG/ZyWALL versiones de firmware 4.09 hasta 4.71,  USG FLEX series versiones de firmware 4.50 hasta 5.21, ATP series versiones de firmware 4.32 hasta 5.21, VPN series versiones de firmware 4.30 a 5.21, NSG series versiones de firmware1.00 hasta 1.33 Patch 4, NXC2500 versión de firmware 6.10(AAIG.3 ) y versiones anteriores, el firmware NAP203 versión 6.25(ABFA.7) y versiones anteriores, NWA50AX versión de firmware 6.25(ABYW.5) y versiones anteriores, WAC500 versión de firmware 6.30(ABVS.2) y versiones anteriores, WAX510D versión de firmware 6.30(ABTF.2) y versiones anteriores, que podría permitir a un atacante local autenticado causar un desbordamiento del búfer o un bloqueo del sistema por medio de una carga útil diseñada",
      },
   ],
   id: "CVE-2022-26531",
   lastModified: "2024-11-21T06:54:07.470",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 4.6,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.1,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 4.2,
            source: "security@zyxel.com.tw",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-05-24T06:15:09.297",
   references: [
      {
         source: "security@zyxel.com.tw",
         url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html",
      },
      {
         source: "security@zyxel.com.tw",
         url: "http://packetstormsecurity.com/files/177036/Zyxel-zysh-Format-String-Proof-Of-Concept.html",
      },
      {
         source: "security@zyxel.com.tw",
         url: "http://seclists.org/fulldisclosure/2022/Jun/15",
      },
      {
         source: "security@zyxel.com.tw",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://packetstormsecurity.com/files/177036/Zyxel-zysh-Format-String-Proof-Of-Concept.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://seclists.org/fulldisclosure/2022/Jun/15",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml",
      },
   ],
   sourceIdentifier: "security@zyxel.com.tw",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "security@zyxel.com.tw",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}