Search criteria

6 vulnerabilities found for wac6553d-e_firmware by zyxel

FKIE_CVE-2024-7261

Vulnerability from fkie_nvd - Published: 2024-09-03 03:15 - Updated: 2024-09-13 19:39
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The improper neutralization of special elements in the parameter "host" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) and earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) and earlier, and USG LITE 60AX firmware version V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.
References
security@zyxel.com.twhttps://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-os-command-injection-vulnerability-in-aps-and-security-router-devices-09-03-2024Vendor Advisory
Impacted products
Vendor Product Version
zyxel nwa110ax_firmware *
zyxel nwa110ax -
zyxel nwa1123-ac_pro_firmware *
zyxel nwa1123-ac_pro -
zyxel nwa1123acv3_firmware *
zyxel nwa1123acv3 -
zyxel nwa130be_firmware *
zyxel nwa130be -
zyxel nwa210ax_firmware *
zyxel nwa210ax -
zyxel nwa220ax-6e_firmware *
zyxel nwa220ax-6e -
zyxel nwa50ax_firmware *
zyxel nwa50ax -
zyxel nwa50ax_pro_firmware *
zyxel nwa50ax_pro -
zyxel nwa55axe_firmware *
zyxel nwa55axe -
zyxel nwa90ax_firmware *
zyxel nwa90ax -
zyxel nwa90ax_pro_firmware *
zyxel nwa90ax_pro -
zyxel usg_lite_60ax_firmware *
zyxel usg_lite_60ax -
zyxel wac500_firmware *
zyxel wac500 -
zyxel wac500h_firmware *
zyxel wac500h -
zyxel wac6103d-i_firmware *
zyxel wac6103d-i -
zyxel wac6502d-s_firmware *
zyxel wac6502d-s -
zyxel wac6503d-s_firmware *
zyxel wac6503d-s -
zyxel wac6552d-s_firmware *
zyxel wac6552d-s -
zyxel wac6553d-e_firmware *
zyxel wac6553d-e -
zyxel wax300h_firmware *
zyxel wax300h -
zyxel wax510d_firmware *
zyxel wax510d -
zyxel wax610d_firmware *
zyxel wax610d -
zyxel wax620d-6e_firmware *
zyxel wax620d-6e -
zyxel wax630s_firmware *
zyxel wax630s -
zyxel wax640s-6e_firmware *
zyxel wax640s-6e -
zyxel wax650s_firmware *
zyxel wax650s -
zyxel wax655e_firmware *
zyxel wax655e -
zyxel wbe530_firmware *
zyxel wbe530 -
zyxel wbe660s_firmware *
zyxel wbe660s -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4516EB83-8B99-40BD-94E5-CBD5057107B8",
              "versionEndExcluding": "7.00\\(abtg.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A3F9232-F988-4428-9898-4F536123CE88",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa1123-ac_pro_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9875CD66-9249-4702-88E5-B1239FA4AD29",
              "versionEndExcluding": "6.28\\(abhd.3\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa1123-ac_pro:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "145723DB-C34B-4C2A-B3C2-7A5CFEF503CA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C88D274-D770-46F9-A802-93B1C72C3802",
              "versionEndExcluding": "6.70\\(abvt.5\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36C13E7F-2186-4587-83E9-57B05A7147B7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa130be_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D1105DC-E628-45C7-BB10-6EFB8038FC46",
              "versionEndExcluding": "7.00\\(acil.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa130be:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "782F9AB7-3464-4BFE-B502-B62CD51A8865",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4F03710-B004-4AA1-BBE3-FD6AD2ABF681",
              "versionEndExcluding": "7.00\\(abtd.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BB129F9-64D8-43C2-9366-51EBDF419F5F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFD8274A-8135-4C3F-9998-4F13170DC5BD",
              "versionEndExcluding": "7.00\\(acco.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E03F755-424D-4248-9076-ED7BECEB94C5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "439ED873-6DBF-4B67-B7B6-B285D885093C",
              "versionEndExcluding": "7.00\\(abyw.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2806A3B3-8F13-4170-B284-8809E3502044",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa50ax_pro_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "76456787-1EB9-4585-A2D3-CAD77786B3EF",
              "versionEndExcluding": "7.00\\(acge.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa50ax_pro:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F36E7DCD-08BA-4FA1-9A8E-ADE956704132",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "319234D0-CBED-43AD-B21C-E3893786FA00",
              "versionEndExcluding": "7.00\\(abzl.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7440976-5CB4-40BE-95C2-98EF4B888109",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA77A46-A9BF-46A7-BCC3-0851FD2EDB4B",
              "versionEndExcluding": "7.00\\(accv.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A903978-737E-4266-A670-BC94E32CAF96",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa90ax_pro_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C991363D-0CD5-4242-9B6D-903B6C71F3F3",
              "versionEndExcluding": "7.00\\(acgf.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa90ax_pro:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "480A495A-A4C4-4696-B500-B6333C79A28B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:usg_lite_60ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC39E0F3-D1D4-41BE-ABF1-F01A7AC1F959",
              "versionEndExcluding": "v2.00\\(acip.3\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:usg_lite_60ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC710993-3E55-4C88-A261-0A67F5069071",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E3E89C7-C3DA-4B4E-A8F1-EF854EB61C0C",
              "versionEndExcluding": "6.70\\(abvs.5\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C024551-F08F-4152-940D-1CF8BCD79613",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84A27C2E-140D-4554-8AD1-D9EBB76CF9D5",
              "versionEndExcluding": "6.70\\(abwa.5\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A1FD502-4F62-4C77-B3BC-E563B24F0067",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac6103d-i_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0867C187-0BF0-4F4E-B291-3858810724D6",
              "versionEndExcluding": "6.28\\(aaxh.3\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac6103d-i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "341DB051-7F01-4B36-BA15-EBC25FACB439",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac6502d-s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DBA0866-22E5-4CE6-886C-CE21E6A4E6B0",
              "versionEndExcluding": "6.28\\(aase.3\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac6502d-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD108388-ABE5-4142-910F-C3C8B1C13617",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac6503d-s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "45449005-459C-4062-97FB-31B7CB249E21",
              "versionEndExcluding": "6.28\\(aasf.3\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac6503d-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DFDF64A-17F5-4F05-8700-DCA36CCB6F2B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac6552d-s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C083097-E839-49ED-B4A8-8AEF5C502E47",
              "versionEndExcluding": "6.28\\(abio.3\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac6552d-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD47738A-9001-4CC1-8FED-1D1CFC56F548",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac6553d-e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04666D56-1996-461E-B8AB-C5BCA6399EE8",
              "versionEndExcluding": "6.28\\(aasg.3\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac6553d-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "55273BCE-4F2C-4ED9-9FCB-D1197555BD53",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax300h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBEEF0EC-A325-4D02-B69E-AE24A4669C57",
              "versionEndExcluding": "7.00\\(achf.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax300h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3073565-BCDF-46EA-8FB0-E9BF402A5122",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6295B167-56B0-4F68-8163-0ECCA7ED5E0C",
              "versionEndExcluding": "7.00\\(abtf.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "924067FC-8230-440A-B596-05F3A39C3456",
              "versionEndExcluding": "7.00\\(abte.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3518DA0A-2C7B-4979-A457-0826C921B0F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "24A073C2-4124-49F1-BCBF-1508A310DCA0",
              "versionEndExcluding": "7.00\\(accn.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B4EBCC9-4FF9-41FC-9FFE-DBFAB239888B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC244157-2D23-4DC2-A809-869948AC2096",
              "versionEndExcluding": "7.00\\(abzd.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC74AAF9-5206-4CEB-9023-6CD4F38AA623",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "10075392-47BE-4B55-BEEF-6D259C6AFDF5",
              "versionEndExcluding": "7.00\\(accm.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "20E4E9A0-DF92-47B7-94D6-0867E3171E47",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "794E19F4-ED5D-403C-BFA7-7D089FACC45F",
              "versionEndExcluding": "7.00\\(abrm.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D784994E-E2CE-4328-B490-D9DC195A53DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E1F72E5-0336-4565-802F-75A746DD4AA9",
              "versionEndExcluding": "7.00\\(acdo.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61158220-B5E8-4BF4-B2C2-E8ABFD3266CF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wbe530_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C302D991-2BAB-4C64-B0E0-EAEE19F79765",
              "versionEndExcluding": "7.00\\(acle.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wbe530:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3061579E-C708-42BC-86FC-B6223B941335",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "52534374-242E-457F-A794-8A1AEFECA38F",
              "versionEndExcluding": "7.00\\(acgg.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wbe660s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FC2F3A4-0598-49B0-9829-AF43C97E9E8E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The improper neutralization of special elements in the parameter \"host\" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) \n\nand earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) \n\nand earlier, and\u00a0USG LITE 60AX firmware version\u00a0V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device."
    },
    {
      "lang": "es",
      "value": "La neutralizaci\u00f3n incorrecta de elementos especiales en el par\u00e1metro \"host\" en el programa CGI de la versi\u00f3n de firmware 6.70(ABVT.4) y anteriores de Zyxel NWA1123ACv3, la versi\u00f3n de firmware 6.70(ABVS.4) y anteriores de WAC500, la versi\u00f3n de firmware 7.00(ACDO.1) y anteriores de WAX655E, la versi\u00f3n de firmware 7.00(ACLE.1) y anteriores de WBE530, y la versi\u00f3n de firmware V2.00(ACIP.2) de USG LITE 60AX podr\u00eda permitir que un atacante no autenticado ejecute comandos del sistema operativo enviando una cookie manipulada a un dispositivo vulnerable."
    }
  ],
  "id": "CVE-2024-7261",
  "lastModified": "2024-09-13T19:39:40.570",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "security@zyxel.com.tw",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-09-03T03:15:03.940",
  "references": [
    {
      "source": "security@zyxel.com.tw",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-os-command-injection-vulnerability-in-aps-and-security-router-devices-09-03-2024"
    }
  ],
  "sourceIdentifier": "security@zyxel.com.tw",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "security@zyxel.com.tw",
      "type": "Secondary"
    }
  ]
}

FKIE_CVE-2023-22918

Vulnerability from fkie_nvd - Published: 2023-04-24 18:15 - Updated: 2024-11-21 07:45
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device.
References
security@zyxel.com.twhttps://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-apsPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-apsPatch, Vendor Advisory
Impacted products
Vendor Product Version
zyxel atp200_firmware *
zyxel atp200 -
zyxel atp100_firmware *
zyxel atp100 -
zyxel atp700_firmware *
zyxel atp700 -
zyxel atp500_firmware *
zyxel atp500 -
zyxel atp100w_firmware *
zyxel atp100w -
zyxel atp800_firmware *
zyxel atp800 -
zyxel usg_flex_100_firmware *
zyxel usg_flex_100 -
zyxel usg_flex_50_firmware *
zyxel usg_flex_50 -
zyxel usg_flex_200_firmware *
zyxel usg_flex_200 -
zyxel usg_flex_500_firmware *
zyxel usg_flex_500 -
zyxel usg_flex_700_firmware *
zyxel usg_flex_700 -
zyxel usg_flex_100w_firmware *
zyxel usg_flex_100w -
zyxel usg_20w-vpn_firmware *
zyxel usg_20w-vpn -
zyxel usg_flex_50w_firmware *
zyxel usg_flex_50w -
zyxel usg20-vpn_firmware *
zyxel usg20-vpn -
zyxel vpn100_firmware *
zyxel vpn100 -
zyxel vpn1000_firmware *
zyxel vpn1000 -
zyxel vpn300_firmware *
zyxel vpn300 -
zyxel vpn50_firmware *
zyxel vpn50 -
zyxel nap203_firmware *
zyxel nap203 -
zyxel nap303_firmware *
zyxel nap303 -
zyxel nap353_firmware *
zyxel nap353 -
zyxel nwa110ax_firmware *
zyxel nwa110ax -
zyxel nwa1123-ac_hd_firmware *
zyxel nwa1123-ac_hd -
zyxel nwa1123-ac-pro_firmware *
zyxel nwa1123-ac-pro -
zyxel nwa1123acv3_firmware *
zyxel nwa1123acv3 -
zyxel nwa210ax_firmware *
zyxel nwa210ax -
zyxel nwa220ax-6e_firmware *
zyxel nwa220ax-6e -
zyxel nwa50ax_firmware *
zyxel nwa50ax -
zyxel nwa50ax-pro_firmware *
zyxel nwa50ax-pro -
zyxel nwa5123-ac_hd_firmware *
zyxel nwa5123-ac_hd -
zyxel nwa55axe_firmware *
zyxel nwa55axe -
zyxel nwa90ax_firmware *
zyxel nwa90ax -
zyxel nwa90ax-pro_firmware *
zyxel nwa90ax-pro -
zyxel wac500_firmware *
zyxel wac500 -
zyxel wac500h_firmware *
zyxel wac500h -
zyxel wac5302d-sv2_firmware *
zyxel wac5302d-sv2 -
zyxel wac6103d-i_firmware *
zyxel wac6103d-i -
zyxel wac6303d-s_firmware *
zyxel wac6303d-s -
zyxel wac6502d-e_firmware *
zyxel wac6502d-e -
zyxel wac6502d-s_firmware *
zyxel wac6502d-s -
zyxel wac6503d-s_firmware *
zyxel wac6503d-s -
zyxel wac6552d-s_firmware *
zyxel wac6552d-s -
zyxel wac6553d-e_firmware *
zyxel wac6553d-e -
zyxel wax510d_firmware *
zyxel wax510d -
zyxel wax610d_firmware *
zyxel wax610d -
zyxel wax620d-6e_firmware *
zyxel wax620d-6e -
zyxel wax630s_firmware *
zyxel wax630s -
zyxel wax640s-6e_firmware *
zyxel wax640s-6e -
zyxel wax650s_firmware *
zyxel wax650s -
zyxel wax655e_firmware *
zyxel wax655e -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84A41F09-4474-4ABC-B2FA-92B17F63A7CA",
              "versionEndExcluding": "5.36",
              "versionStartIncluding": "4.32",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "73E39B94-291E-4E3A-8A89-B74FF063BA05",
              "versionEndExcluding": "5.36",
              "versionStartIncluding": "4.32",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7728D2C4-0B0A-404E-92BC-AAA1A1987BFD",
              "versionEndExcluding": "5.36",
              "versionStartIncluding": "4.32",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B41F437-855B-4490-8011-DF59887BE6D5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B7E5F75-5577-4511-A1F4-1BD142D60BD5",
              "versionEndExcluding": "5.36",
              "versionStartIncluding": "4.32",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8F79940-F737-4A71-9FAC-1F99E0BCE450",
              "versionEndExcluding": "5.36",
              "versionStartIncluding": "4.32",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "791D6928-BE82-4678-A8A4-39C9D9A1C684",
              "versionEndExcluding": "5.36",
              "versionStartIncluding": "4.32",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66B99746-0589-46E6-9CBD-F38619AD97DC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC95F84E-95A0-4FB8-942A-732E022E3CC6",
              "versionEndExcluding": "5.36",
              "versionStartIncluding": "4.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "07895A23-2B15-4631-A55A-798B35A63E2D",
              "versionEndExcluding": "5.36",
              "versionStartIncluding": "4.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F65ACDFE-3A54-46D6-98CA-2D51957072AF",
              "versionEndExcluding": "5.36",
              "versionStartIncluding": "4.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0B8FF81-5020-429E-ABC7-D0F18A5177F5",
              "versionEndExcluding": "5.36",
              "versionStartIncluding": "4.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD0F817C-6388-41E2-9F80-9B5427036865",
              "versionEndExcluding": "5.36",
              "versionStartIncluding": "4.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D65F0EC-7ACA-4B80-8D4E-2C1459837D15",
              "versionEndExcluding": "5.36",
              "versionStartIncluding": "4.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "224300FB-2462-4E88-A41E-E9E8EAE9CF48",
              "versionEndExcluding": "5.36",
              "versionStartIncluding": "4.16",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F61480ED-BBF0-49EC-A814-CEFDE1FBFA08",
              "versionEndExcluding": "5.36",
              "versionStartIncluding": "4.16",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7079103C-ED92-40C3-AF42-4689822A96E2",
              "versionEndExcluding": "5.36",
              "versionStartIncluding": "4.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7239C54F-EC9E-44B4-AE33-1D36E5448219",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB329984-D2A1-40B4-826D-78643B8DD4C8",
              "versionEndExcluding": "5.36",
              "versionStartIncluding": "4.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB62871-BC40-43D8-A486-471CD9316332",
              "versionEndExcluding": "5.36",
              "versionStartIncluding": "4.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EECD311A-4E96-4576-AADF-47291EDE3559",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0135FFF-62FA-4AEA-8B67-1CCA2D85D8E0",
              "versionEndExcluding": "5.36",
              "versionStartIncluding": "4.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C45C303-1A95-4245-B242-3AB9B9106CD4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B01FA34A-CA33-48E7-978C-638FC678C9C1",
              "versionEndExcluding": "5.36",
              "versionStartIncluding": "4.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nap203_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "85AA4E30-0A0E-4353-B88D-A856B83162DF",
              "versionEndIncluding": "6.28\\(abfa.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nap203:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80AE2CEA-90AC-421A-86BB-F404CDE7785D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nap303_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36AD6F34-B17E-4853-9375-62B51DE5F1D2",
              "versionEndIncluding": "6.28\\(abex.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nap303:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4BF5D4C-DB8E-4077-BE78-C73AA203406C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nap353_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49E8EA12-187E-402B-866A-9125B2287292",
              "versionEndIncluding": "6.28\\(abey.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nap353:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BCEC13E-3D1C-4B42-87F5-94FE1066C218",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "58E64F26-5465-4BD8-A948-39022B5AAA52",
              "versionEndIncluding": "6.50\\(abtg.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A3F9232-F988-4428-9898-4F536123CE88",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa1123-ac_hd_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8DEEFBF-DD32-40E5-A431-BE6A93D529A4",
              "versionEndIncluding": "6.25\\(abin.9\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa1123-ac_hd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A0FB576-76A2-4A25-979E-5E5B3BF5C636",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa1123-ac-pro_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3448A074-A9B8-40BD-8DFA-E7097E402750",
              "versionEndIncluding": "6.28\\(abhd.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa1123-ac-pro:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DC66B07-67FB-47F6-B54B-E40BE89F33A9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFC6F464-DAE9-42CE-9339-C5E35B90B17B",
              "versionEndIncluding": "6.50\\(abvt.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36C13E7F-2186-4587-83E9-57B05A7147B7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE46E92-D9DD-439C-BD41-88738FA652B7",
              "versionEndIncluding": "6.50\\(abtd.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BB129F9-64D8-43C2-9366-51EBDF419F5F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DECB1230-D22C-4FBD-909C-6315B66B189D",
              "versionEndIncluding": "6.50\\(acco.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E03F755-424D-4248-9076-ED7BECEB94C5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B73F329-98E5-496F-BE38-47DD023DCB64",
              "versionEndIncluding": "6.55\\(acge.1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2806A3B3-8F13-4170-B284-8809E3502044",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa50ax-pro_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5804045-E32E-40E0-B42E-80755C385974",
              "versionEndIncluding": "6.50\\(acge.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa50ax-pro:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7DD6E6B-61EC-4E60-8244-56ADB26F2234",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa5123-ac_hd_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "881C0001-B6CA-409D-8901-653227098219",
              "versionEndIncluding": "6.25\\(abim.9\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa5123-ac_hd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D85300F-9207-438C-A149-80FC7C6C0746",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4484EA94-3E1D-4DA8-B612-A35D50DC1103",
              "versionEndIncluding": "6.29\\(abzl.1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7440976-5CB4-40BE-95C2-98EF4B888109",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D091EB4-A1FC-4E5F-AEE2-6EF879DC5B0A",
              "versionEndIncluding": "6.29\\(accv.1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A903978-737E-4266-A670-BC94E32CAF96",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa90ax-pro_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4FF6556-2B10-4A8C-9325-0A6D4B41E529",
              "versionEndIncluding": "6.50\\(acgf.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa90ax-pro:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFA44855-B135-44BD-AE21-FC58CD647AB6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D277464-AF76-4799-9B71-E96CB12BE0C0",
              "versionEndIncluding": "6.50\\(abvs.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C024551-F08F-4152-940D-1CF8BCD79613",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57DFDE05-C95F-446B-BA97-98EBA11C9794",
              "versionEndIncluding": "6.50\\(abwa.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A1FD502-4F62-4C77-B3BC-E563B24F0067",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac5302d-sv2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84A8FBD7-8461-474E-AFB1-BCAE24D4A2CD",
              "versionEndIncluding": "6.25\\(abvz.9\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac5302d-sv2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A690501F-DC2D-4F90-ABC0-33B5F1279C36",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac6103d-i_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DF539FD-EDEA-4D37-8F1C-267884A617EF",
              "versionEndIncluding": "6.28\\(aaxh.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac6103d-i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "341DB051-7F01-4B36-BA15-EBC25FACB439",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac6303d-s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "622C2163-0B2F-4A32-B5C4-4111B8EC9096",
              "versionEndIncluding": "6.25\\(abgl.9\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac6303d-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0F08117-0BCE-4EA1-8DA7-1AC4EFF67E2F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac6502d-e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A929856C-58D2-41AB-9EAC-E655123FD4FE",
              "versionEndIncluding": "6.28\\(aasd.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac6502d-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD8842C8-FB0A-46F0-9BB4-CAC6334D1E51",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac6502d-s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB36BF49-E31B-4F35-84B9-3EF20989FE2A",
              "versionEndIncluding": "6.28\\(aase.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac6502d-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD108388-ABE5-4142-910F-C3C8B1C13617",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac6503d-s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCA23320-A0E2-4A63-A20A-1F5FD7504C5F",
              "versionEndIncluding": "6.28\\(aasf.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac6503d-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DFDF64A-17F5-4F05-8700-DCA36CCB6F2B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac6552d-s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E49B6FA1-4FCE-4802-8FCA-988048D9A595",
              "versionEndIncluding": "6.28\\(abio.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac6552d-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD47738A-9001-4CC1-8FED-1D1CFC56F548",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac6553d-e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD253268-2B7D-43BF-86BD-E603A52FD98A",
              "versionEndIncluding": "6.28\\(aasg.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac6553d-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "55273BCE-4F2C-4ED9-9FCB-D1197555BD53",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0C89819-CCB6-42A0-8045-850D544D1BBA",
              "versionEndIncluding": "6.50\\(abtf.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA21E78C-585A-4689-96B7-18C5DB44D2DE",
              "versionEndIncluding": "6.50\\(abte.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3518DA0A-2C7B-4979-A457-0826C921B0F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B470158-EE21-45EB-BDEC-5396DE9CB23C",
              "versionEndIncluding": "6.50\\(accn.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B4EBCC9-4FF9-41FC-9FFE-DBFAB239888B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "43DD5397-02A9-40DD-BD02-052095CB8DDB",
              "versionEndIncluding": "6.50\\(abzd.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC74AAF9-5206-4CEB-9023-6CD4F38AA623",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F946BABC-A982-4625-AD9F-962C6FBDFDE9",
              "versionEndIncluding": "6.50\\(accm.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "20E4E9A0-DF92-47B7-94D6-0867E3171E47",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2260165C-2483-4F48-8E70-DC82B5DA1554",
              "versionEndIncluding": "6.50\\(abrm.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D784994E-E2CE-4328-B490-D9DC195A53DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B0AE56-107B-41E2-A06A-BC8DC0A32FE7",
              "versionEndIncluding": "6.50\\(acdo.2\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61158220-B5E8-4BF4-B2C2-E8ABFD3266CF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device."
    }
  ],
  "id": "CVE-2023-22918",
  "lastModified": "2024-11-21T07:45:38.940",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "security@zyxel.com.tw",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-04-24T18:15:09.027",
  "references": [
    {
      "source": "security@zyxel.com.tw",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps"
    }
  ],
  "sourceIdentifier": "security@zyxel.com.tw",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-359"
        }
      ],
      "source": "security@zyxel.com.tw",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2024-7261 (GCVE-0-2024-7261)

Vulnerability from cvelistv5 – Published: 2024-09-03 02:10 – Updated: 2024-09-05 15:36
VLAI?
Summary
The improper neutralization of special elements in the parameter "host" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) and earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) and earlier, and USG LITE 60AX firmware version V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.
Severity ?
9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
Vendor Product Version
Zyxel NWA1123ACv3 firmware Affected: <= 6.70(ABVT.4)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:zyxel:usg_lite_60ax_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "usg_lite_60ax_firmware",
            "vendor": "zyxel",
            "versions": [
              {
                "lessThanOrEqual": "V2.00\\(ACIP.2\\)",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:zyxel:nwa1123acv3_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "nwa1123acv3_firmware",
            "vendor": "zyxel",
            "versions": [
              {
                "lessThanOrEqual": "6.70\\(ABVT.4\\)",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:zyxel:wac500_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wac500_firmware",
            "vendor": "zyxel",
            "versions": [
              {
                "lessThanOrEqual": "6.70\\(ABVS.4\\)",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:zyxel:wax655e_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wax655e_firmware",
            "vendor": "zyxel",
            "versions": [
              {
                "lessThanOrEqual": "7.00\\(ACDO.1\\)",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:zyxel:wbe530_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wbe530_firmware",
            "vendor": "zyxel",
            "versions": [
              {
                "lessThanOrEqual": "7.00\\(ACLE.1\\)",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7261",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-05T03:55:55.275964Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-05T15:36:14.807Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "NWA1123ACv3 firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 6.70(ABVT.4)"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "WAC500 firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 6.70(ABVS.4)"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "WAX655E firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 7.00(ACDO.1)"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "WBE530 firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 7.00(ACLE.1)"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "USG LITE 60AX firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "V2.00(ACIP.2)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The improper neutralization of special elements in the parameter \"host\" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eand earlier\u003c/span\u003e, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eand earlier\u003c/span\u003e, and\u0026nbsp;USG LITE 60AX firmware version\u0026nbsp;V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device."
            }
          ],
          "value": "The improper neutralization of special elements in the parameter \"host\" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) \n\nand earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) \n\nand earlier, and\u00a0USG LITE 60AX firmware version\u00a0V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-03T02:10:25.112Z",
        "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "shortName": "Zyxel"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-os-command-injection-vulnerability-in-aps-and-security-router-devices-09-03-2024"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
    "assignerShortName": "Zyxel",
    "cveId": "CVE-2024-7261",
    "datePublished": "2024-09-03T02:10:25.112Z",
    "dateReserved": "2024-07-30T02:42:19.589Z",
    "dateUpdated": "2024-09-05T15:36:14.807Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-22918 (GCVE-0-2023-22918)

Vulnerability from cvelistv5 – Published: 2023-04-24 00:00 – Updated: 2025-02-12 16:01
VLAI?
Summary
A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device.
Severity ?
6.5 (Medium)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE
  • CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor
Assigner
References
Impacted products
Vendor Product Version
Zyxel ATP series firmware Affected: 4.32 through 5.35
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:20:31.470Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-22918",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-04T16:34:08.539867Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T16:01:35.920Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ATP series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "4.32 through 5.35"
            }
          ]
        },
        {
          "product": "USG FLEX series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "4.50 through 5.35"
            }
          ]
        },
        {
          "product": "USG FLEX 50(W) firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "4.16 through 5.35"
            }
          ]
        },
        {
          "product": "USG20(W)-VPN firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "4.16 through 5.35"
            }
          ]
        },
        {
          "product": "VPN series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "4.30 through 5.35"
            }
          ]
        },
        {
          "product": "NWA110AX firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 6.50(ABTG.2)"
            }
          ]
        },
        {
          "product": "WAC500 firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 6.50(ABVS.0)"
            }
          ]
        },
        {
          "product": "WAX510D firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 6.50(ABTF.2)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-359",
              "description": "CWE-359: Exposure of Private Personal Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-24T00:00:00.000Z",
        "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "shortName": "Zyxel"
      },
      "references": [
        {
          "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
    "assignerShortName": "Zyxel",
    "cveId": "CVE-2023-22918",
    "datePublished": "2023-04-24T00:00:00.000Z",
    "dateReserved": "2023-01-10T00:00:00.000Z",
    "dateUpdated": "2025-02-12T16:01:35.920Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-7261 (GCVE-0-2024-7261)

Vulnerability from nvd – Published: 2024-09-03 02:10 – Updated: 2024-09-05 15:36
VLAI?
Summary
The improper neutralization of special elements in the parameter "host" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) and earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) and earlier, and USG LITE 60AX firmware version V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.
Severity ?
9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
Vendor Product Version
Zyxel NWA1123ACv3 firmware Affected: <= 6.70(ABVT.4)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:zyxel:usg_lite_60ax_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "usg_lite_60ax_firmware",
            "vendor": "zyxel",
            "versions": [
              {
                "lessThanOrEqual": "V2.00\\(ACIP.2\\)",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:zyxel:nwa1123acv3_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "nwa1123acv3_firmware",
            "vendor": "zyxel",
            "versions": [
              {
                "lessThanOrEqual": "6.70\\(ABVT.4\\)",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:zyxel:wac500_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wac500_firmware",
            "vendor": "zyxel",
            "versions": [
              {
                "lessThanOrEqual": "6.70\\(ABVS.4\\)",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:zyxel:wax655e_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wax655e_firmware",
            "vendor": "zyxel",
            "versions": [
              {
                "lessThanOrEqual": "7.00\\(ACDO.1\\)",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:zyxel:wbe530_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wbe530_firmware",
            "vendor": "zyxel",
            "versions": [
              {
                "lessThanOrEqual": "7.00\\(ACLE.1\\)",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7261",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-05T03:55:55.275964Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-05T15:36:14.807Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "NWA1123ACv3 firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 6.70(ABVT.4)"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "WAC500 firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 6.70(ABVS.4)"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "WAX655E firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 7.00(ACDO.1)"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "WBE530 firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 7.00(ACLE.1)"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "USG LITE 60AX firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "V2.00(ACIP.2)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The improper neutralization of special elements in the parameter \"host\" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eand earlier\u003c/span\u003e, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eand earlier\u003c/span\u003e, and\u0026nbsp;USG LITE 60AX firmware version\u0026nbsp;V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device."
            }
          ],
          "value": "The improper neutralization of special elements in the parameter \"host\" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) \n\nand earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) \n\nand earlier, and\u00a0USG LITE 60AX firmware version\u00a0V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-03T02:10:25.112Z",
        "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "shortName": "Zyxel"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-os-command-injection-vulnerability-in-aps-and-security-router-devices-09-03-2024"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
    "assignerShortName": "Zyxel",
    "cveId": "CVE-2024-7261",
    "datePublished": "2024-09-03T02:10:25.112Z",
    "dateReserved": "2024-07-30T02:42:19.589Z",
    "dateUpdated": "2024-09-05T15:36:14.807Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-22918 (GCVE-0-2023-22918)

Vulnerability from nvd – Published: 2023-04-24 00:00 – Updated: 2025-02-12 16:01
VLAI?
Summary
A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device.
Severity ?
6.5 (Medium)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE
  • CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor
Assigner
References
Impacted products
Vendor Product Version
Zyxel ATP series firmware Affected: 4.32 through 5.35
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:20:31.470Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-22918",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-04T16:34:08.539867Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T16:01:35.920Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ATP series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "4.32 through 5.35"
            }
          ]
        },
        {
          "product": "USG FLEX series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "4.50 through 5.35"
            }
          ]
        },
        {
          "product": "USG FLEX 50(W) firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "4.16 through 5.35"
            }
          ]
        },
        {
          "product": "USG20(W)-VPN firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "4.16 through 5.35"
            }
          ]
        },
        {
          "product": "VPN series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "4.30 through 5.35"
            }
          ]
        },
        {
          "product": "NWA110AX firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 6.50(ABTG.2)"
            }
          ]
        },
        {
          "product": "WAC500 firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 6.50(ABVS.0)"
            }
          ]
        },
        {
          "product": "WAX510D firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 6.50(ABTF.2)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-359",
              "description": "CWE-359: Exposure of Private Personal Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-24T00:00:00.000Z",
        "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "shortName": "Zyxel"
      },
      "references": [
        {
          "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
    "assignerShortName": "Zyxel",
    "cveId": "CVE-2023-22918",
    "datePublished": "2023-04-24T00:00:00.000Z",
    "dateReserved": "2023-01-10T00:00:00.000Z",
    "dateUpdated": "2025-02-12T16:01:35.920Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}