Vulnerabilites related to zyxel - wax640s-6e_firmware
Vulnerability from fkie_nvd
Published
2023-11-28 03:15
Modified
2024-11-21 08:42
Severity ?
Summary
An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access the administrator’s logs on an affected device.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", matchCriteriaId: "2A9AF767-1BC2-4160-9FD6-246DD2AD0F18", versionEndIncluding: "5.37", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*", matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*", matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*", matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*", matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*", matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*", matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", matchCriteriaId: "03FAEFC8-186B-4B52-869F-DA27224692C0", versionEndIncluding: "5.37", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*", matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*", matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", matchCriteriaId: "0DE544DC-2644-4706-BB80-75B7E16DF4DD", versionEndIncluding: "5.37", versionStartIncluding: "4.16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*", matchCriteriaId: "371CE32A-C28E-44D2-9B0B-D8775928FD0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", matchCriteriaId: "549A6FE1-25D6-4239-87B6-B729C098C625", versionEndIncluding: "5.37", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*", matchCriteriaId: "81D90A7B-174F-40A1-8AF4-08B15B7BAC40", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*", matchCriteriaId: "EECD311A-4E96-4576-AADF-47291EDE3559", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*", matchCriteriaId: "3C45C303-1A95-4245-B242-3AB9B9106CD4", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C7DDF8F2-1E1C-4040-B24D-7959863AD5AF", versionEndExcluding: "6.70\\(abtg.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*", matchCriteriaId: "6A3F9232-F988-4428-9898-4F536123CE88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6372C936-65AD-431B-B0F3-3731E6B236EC", versionEndExcluding: "6.70\\(abvt.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*", matchCriteriaId: "36C13E7F-2186-4587-83E9-57B05A7147B7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D24E34B2-E5E8-4269-A168-4904A7751427", versionEndExcluding: "6.70\\(abtd.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB129F9-64D8-43C2-9366-51EBDF419F5F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A3B44BE7-A6FD-4B9B-B6F9-60A4B792E57B", versionEndExcluding: "6.70\\(acco.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*", matchCriteriaId: "6E03F755-424D-4248-9076-ED7BECEB94C5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D93BE4DB-8B74-4FE1-814D-22E78027FC7B", versionEndExcluding: "6.80\\(abyw.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*", matchCriteriaId: "2806A3B3-8F13-4170-B284-8809E3502044", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa50ax-pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A88CCD01-D827-4891-8E99-67B6FD064FE9", versionEndExcluding: "6.80\\(acge.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa50ax-pro:-:*:*:*:*:*:*:*", matchCriteriaId: "D7DD6E6B-61EC-4E60-8244-56ADB26F2234", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C732FD48-F3FC-45A6-9081-D2067305D6F7", versionEndExcluding: "6.80\\(abzl.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*", matchCriteriaId: "B7440976-5CB4-40BE-95C2-98EF4B888109", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "221D7820-55CA-447C-94FB-4946EC1536E7", versionEndExcluding: "6.80\\(accv.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*", matchCriteriaId: "3A903978-737E-4266-A670-BC94E32CAF96", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa90ax-pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9D936894-A119-4EC4-BA51-3B2CD9F3F477", versionEndExcluding: "6.80\\(acgf.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa90ax-pro:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA44855-B135-44BD-AE21-FC58CD647AB6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34B57801-88C6-4BAB-A47F-EE428F8208C1", versionEndExcluding: "6.70\\(abvs.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*", matchCriteriaId: "7C024551-F08F-4152-940D-1CF8BCD79613", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9E013C28-F1C2-474C-B909-6BE89752C335", versionEndExcluding: "6.70\\(abwa.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*", matchCriteriaId: "1A1FD502-4F62-4C77-B3BC-E563B24F0067", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E174A280-1FC8-4A97-B7B1-3B8F5B47EB82", versionEndExcluding: "6.70\\(abtf.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*", matchCriteriaId: "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "40288F50-E5B5-4398-BCBB-0C946869AB64", versionEndExcluding: "6.70\\(abte.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*", matchCriteriaId: "3518DA0A-2C7B-4979-A457-0826C921B0F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6EE5DA9-A76F-47EE-8DF2-7950DD37A1B7", versionEndExcluding: "6.70\\(accn.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*", matchCriteriaId: "2B4EBCC9-4FF9-41FC-9FFE-DBFAB239888B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5C0C05AC-CF02-4D2B-BB8D-7DF960BAD814", versionEndExcluding: "6.70\\(abzd.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*", matchCriteriaId: "DC74AAF9-5206-4CEB-9023-6CD4F38AA623", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9EBCEA07-66B1-48A0-9121-09C5FE30A4E2", versionEndExcluding: "6.70\\(accm.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*", matchCriteriaId: "20E4E9A0-DF92-47B7-94D6-0867E3171E47", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0FE4DC40-903F-4063-99EA-D7D272400D22", versionEndExcluding: "6.70\\(abrm.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*", matchCriteriaId: "D784994E-E2CE-4328-B490-D9DC195A53DB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9C85EF6D-0300-4AE9-98FE-2FA05F6392D4", versionEndExcluding: "6.70\\(acdo.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*", matchCriteriaId: "61158220-B5E8-4BF4-B2C2-E8ABFD3266CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "31DA2420-6E71-45FE-A1B4-76524431F932", versionEndExcluding: "6.70\\(acgg.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wbe660s:-:*:*:*:*:*:*:*", matchCriteriaId: "9FC2F3A4-0598-49B0-9829-AF43C97E9E8E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access the administrator’s logs on an affected device.", }, { lang: "es", value: "Una vulnerabilidad de administración de privilegios inadecuada en el comando CLI de depuración de las versiones de firmware: \nserie Zyxel ATP 4.32 a 5.37,\nserie USG FLEX 4.50 a 5.37, \nserie USG FLEX 50(W) 4.16 a 5.37, \nserie USG20(W)-VPN 4.16 a 5.37,\nserie VPN 4.30 a 5.37, \nNWA50AX 6.29 (ABYW.2), \nWAC500 6.65 (ABVS.1), \nWAX300H 6.60 (ACHF.1) y \nWBE660S 6.65 ( ACGG.1),.\nPodría permitir que un atacante local autenticado acceda a los registros del administrador en un dispositivo afectado.", }, ], id: "CVE-2023-5797", lastModified: "2024-11-21T08:42:30.560", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "security@zyxel.com.tw", type: "Primary", }, ], }, published: "2023-11-28T03:15:07.123", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-269", }, ], source: "security@zyxel.com.tw", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2025-01-14 02:15
Modified
2025-01-21 21:12
Severity ?
Summary
An improper privilege management vulnerability in the web management interface of the Zyxel WBE530 firmware versions through 7.00(ACLE.3) and WBE660S firmware versions through 6.70(ACGG.2) could allow an authenticated user with limited privileges to escalate their privileges to that of an administrator, enabling them to upload configuration files to a vulnerable device.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4CDBEB22-3832-4C51-B811-8A2BF996D09E", versionEndExcluding: "7.10\\(abyw.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*", matchCriteriaId: "2806A3B3-8F13-4170-B284-8809E3502044", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa50ax_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9719A4E4-DB57-4703-AC29-FD94CF89E7E0", versionEndExcluding: "7.10\\(acge.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa50ax_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "F36E7DCD-08BA-4FA1-9A8E-ADE956704132", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FD6F3443-E169-4CA7-B18D-2DF68A507E59", versionEndExcluding: "7.10\\(abzl.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*", matchCriteriaId: "B7440976-5CB4-40BE-95C2-98EF4B888109", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D7961037-D162-4BAA-948E-18BB25385117", versionEndExcluding: "7.10\\(accv.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*", matchCriteriaId: "3A903978-737E-4266-A670-BC94E32CAF96", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa90ax_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6EBC66E4-8643-47FE-80C0-14E53318C84E", versionEndExcluding: "7.10\\(acgf.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa90ax_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "480A495A-A4C4-4696-B500-B6333C79A28B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E159E289-85E2-4A82-B0DF-309096479A81", versionEndExcluding: "7.10\\(abtg.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*", matchCriteriaId: "6A3F9232-F988-4428-9898-4F536123CE88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa130be_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4360DF1-898A-4CCE-905D-05AE164195B5", versionEndExcluding: "7.10\\(acil.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa130be:-:*:*:*:*:*:*:*", matchCriteriaId: "782F9AB7-3464-4BFE-B502-B62CD51A8865", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FF298D2B-3FCE-4974-9720-00266FE68D09", versionEndExcluding: "7.10\\(abtd.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB129F9-64D8-43C2-9366-51EBDF419F5F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A290449D-A968-4E76-A3E0-58483D14CA34", versionEndExcluding: "7.10\\(acco.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*", matchCriteriaId: "6E03F755-424D-4248-9076-ED7BECEB94C5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FD3C70D2-3ABE-45D1-BAC1-F5378CA3B758", versionEndExcluding: "6.70\\(abvt.6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*", matchCriteriaId: "36C13E7F-2186-4587-83E9-57B05A7147B7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "61033C21-7255-4BBC-A22E-E87FB4C92C88", versionEndExcluding: "6.70\\(abvs.6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*", matchCriteriaId: "7C024551-F08F-4152-940D-1CF8BCD79613", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ACC84162-28C7-4DA9-88C4-BFAE9315C805", versionEndExcluding: "6.70\\(abwa.6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*", matchCriteriaId: "1A1FD502-4F62-4C77-B3BC-E563B24F0067", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax300h_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "91F75AB8-A165-4A09-B8F8-B63548E09887", versionEndExcluding: "7.10\\(achf.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax300h:-:*:*:*:*:*:*:*", matchCriteriaId: "C3073565-BCDF-46EA-8FB0-E9BF402A5122", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A34A2784-082B-4E26-8E1F-C395A7151DE5", versionEndExcluding: "7.10\\(abtf.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*", matchCriteriaId: "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CE039840-2274-4E56-ABA5-EEF2932A3046", versionEndExcluding: "7.10\\(abte.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*", matchCriteriaId: "3518DA0A-2C7B-4979-A457-0826C921B0F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B410A50-3756-43BC-AAC3-3CCA65CD24EA", versionEndExcluding: "7.10\\(accn.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*", matchCriteriaId: "2B4EBCC9-4FF9-41FC-9FFE-DBFAB239888B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "75F74AE8-4CF4-4CDE-9CA0-1FB0E31D8DEB", versionEndExcluding: "7.10\\(abzd.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*", matchCriteriaId: "DC74AAF9-5206-4CEB-9023-6CD4F38AA623", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3DFA7899-2BFE-4F0D-B18B-059C16A4742E", versionEndExcluding: "7.10\\(accm.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*", matchCriteriaId: "20E4E9A0-DF92-47B7-94D6-0867E3171E47", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93F89B44-3959-4709-B65D-F9B72646D746", versionEndExcluding: "7.10\\(abrm.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*", matchCriteriaId: "D784994E-E2CE-4328-B490-D9DC195A53DB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FFF2B717-0B0C-4A10-86A6-ABFB592C4A52", versionEndExcluding: "7.10\\(acdo.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*", matchCriteriaId: "61158220-B5E8-4BF4-B2C2-E8ABFD3266CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wbe530_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AAF5DBAB-37C2-4436-AA29-C48A0E88A673", versionEndExcluding: "7.10\\(acle.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wbe530:-:*:*:*:*:*:*:*", matchCriteriaId: "3061579E-C708-42BC-86FC-B6223B941335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "64D953D8-8351-44F4-ADCE-97F11DF62AE7", versionEndExcluding: "7.00\\(acgg.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wbe660s:-:*:*:*:*:*:*:*", matchCriteriaId: "9FC2F3A4-0598-49B0-9829-AF43C97E9E8E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_lite_60ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7C68921A-9FD4-41AA-A6A3-5F3BCC36C345", versionEndExcluding: "2.10\\(acip.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_lite_60ax:-:*:*:*:*:*:*:*", matchCriteriaId: "EC710993-3E55-4C88-A261-0A67F5069071", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "An improper privilege management vulnerability in the web management interface of the Zyxel WBE530 firmware versions through 7.00(ACLE.3) and WBE660S firmware versions through 6.70(ACGG.2) could allow an authenticated user with limited privileges to escalate their privileges to that of an administrator, enabling them to upload configuration files to a vulnerable device.", }, { lang: "es", value: " Una vulnerabilidad de administración de privilegios inadecuada en la interfaz de administración web de las versiones de firmware Zyxel WBE530 hasta 7.00 (ACLE.3) y las versiones de firmware WBE660S hasta 6.70 (ACGG.2) podría permitir que un usuario autenticado con privilegios limitados aumente sus privilegios a los de administrador, lo que le permitiría cargar archivos de configuración a un dispositivo vulnerable.", }, ], id: "CVE-2024-12398", lastModified: "2025-01-21T21:12:02.310", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "security@zyxel.com.tw", type: "Primary", }, ], }, published: "2025-01-14T02:15:07.990", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-improper-privilege-management-vulnerability-in-aps-and-security-router-devices-01-14-2025", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-269", }, ], source: "security@zyxel.com.tw", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-11-28 02:15
Modified
2024-11-21 08:12
Severity ?
Summary
An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", matchCriteriaId: "2A9AF767-1BC2-4160-9FD6-246DD2AD0F18", versionEndIncluding: "5.37", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*", matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*", matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*", matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*", matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*", matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*", matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", matchCriteriaId: "03FAEFC8-186B-4B52-869F-DA27224692C0", versionEndIncluding: "5.37", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*", matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*", matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", matchCriteriaId: "0DE544DC-2644-4706-BB80-75B7E16DF4DD", versionEndIncluding: "5.37", versionStartIncluding: "4.16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*", matchCriteriaId: "371CE32A-C28E-44D2-9B0B-D8775928FD0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", matchCriteriaId: "549A6FE1-25D6-4239-87B6-B729C098C625", versionEndIncluding: "5.37", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*", matchCriteriaId: "81D90A7B-174F-40A1-8AF4-08B15B7BAC40", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*", matchCriteriaId: "EECD311A-4E96-4576-AADF-47291EDE3559", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*", matchCriteriaId: "3C45C303-1A95-4245-B242-3AB9B9106CD4", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C7DDF8F2-1E1C-4040-B24D-7959863AD5AF", versionEndExcluding: "6.70\\(abtg.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*", matchCriteriaId: "6A3F9232-F988-4428-9898-4F536123CE88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6372C936-65AD-431B-B0F3-3731E6B236EC", versionEndExcluding: "6.70\\(abvt.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*", matchCriteriaId: "36C13E7F-2186-4587-83E9-57B05A7147B7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D24E34B2-E5E8-4269-A168-4904A7751427", versionEndExcluding: "6.70\\(abtd.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB129F9-64D8-43C2-9366-51EBDF419F5F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A3B44BE7-A6FD-4B9B-B6F9-60A4B792E57B", versionEndExcluding: "6.70\\(acco.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*", matchCriteriaId: "6E03F755-424D-4248-9076-ED7BECEB94C5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D93BE4DB-8B74-4FE1-814D-22E78027FC7B", versionEndExcluding: "6.80\\(abyw.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*", matchCriteriaId: "2806A3B3-8F13-4170-B284-8809E3502044", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa50ax-pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A88CCD01-D827-4891-8E99-67B6FD064FE9", versionEndExcluding: "6.80\\(acge.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa50ax-pro:-:*:*:*:*:*:*:*", matchCriteriaId: "D7DD6E6B-61EC-4E60-8244-56ADB26F2234", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C732FD48-F3FC-45A6-9081-D2067305D6F7", versionEndExcluding: "6.80\\(abzl.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*", matchCriteriaId: "B7440976-5CB4-40BE-95C2-98EF4B888109", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "221D7820-55CA-447C-94FB-4946EC1536E7", versionEndExcluding: "6.80\\(accv.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*", matchCriteriaId: "3A903978-737E-4266-A670-BC94E32CAF96", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa90ax-pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9D936894-A119-4EC4-BA51-3B2CD9F3F477", versionEndExcluding: "6.80\\(acgf.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa90ax-pro:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA44855-B135-44BD-AE21-FC58CD647AB6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34B57801-88C6-4BAB-A47F-EE428F8208C1", versionEndExcluding: "6.70\\(abvs.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*", matchCriteriaId: "7C024551-F08F-4152-940D-1CF8BCD79613", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9E013C28-F1C2-474C-B909-6BE89752C335", versionEndExcluding: "6.70\\(abwa.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*", matchCriteriaId: "1A1FD502-4F62-4C77-B3BC-E563B24F0067", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E174A280-1FC8-4A97-B7B1-3B8F5B47EB82", versionEndExcluding: "6.70\\(abtf.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*", matchCriteriaId: "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "40288F50-E5B5-4398-BCBB-0C946869AB64", versionEndExcluding: "6.70\\(abte.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*", matchCriteriaId: "3518DA0A-2C7B-4979-A457-0826C921B0F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6EE5DA9-A76F-47EE-8DF2-7950DD37A1B7", versionEndExcluding: "6.70\\(accn.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*", matchCriteriaId: "2B4EBCC9-4FF9-41FC-9FFE-DBFAB239888B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5C0C05AC-CF02-4D2B-BB8D-7DF960BAD814", versionEndExcluding: "6.70\\(abzd.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*", matchCriteriaId: "DC74AAF9-5206-4CEB-9023-6CD4F38AA623", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9EBCEA07-66B1-48A0-9121-09C5FE30A4E2", versionEndExcluding: "6.70\\(accm.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*", matchCriteriaId: "20E4E9A0-DF92-47B7-94D6-0867E3171E47", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0FE4DC40-903F-4063-99EA-D7D272400D22", versionEndExcluding: "6.70\\(abrm.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*", matchCriteriaId: "D784994E-E2CE-4328-B490-D9DC195A53DB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9C85EF6D-0300-4AE9-98FE-2FA05F6392D4", versionEndExcluding: "6.70\\(acdo.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*", matchCriteriaId: "61158220-B5E8-4BF4-B2C2-E8ABFD3266CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "31DA2420-6E71-45FE-A1B4-76524431F932", versionEndExcluding: "6.70\\(acgg.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wbe660s:-:*:*:*:*:*:*:*", matchCriteriaId: "9FC2F3A4-0598-49B0-9829-AF43C97E9E8E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device.", }, { lang: "es", value: "Una vulnerabilidad de administración de privilegios inadecuada en el comando CLI de depuración de las versiones de firmware: \nserie Zyxel ATP 4.32 a 5.37, \nserie USG FLEX 4.50 a 5.37, \nserie USG FLEX 50(W) 4.16 a 5.37, \nserie USG20(W)-VPN 4.16 a 5.37, \nserie VPN 4.30 a 5.37,\nNWA50AX 6.29 (ABYW.2), \nWAC500 6.65 (ABVS.1), \nWAX300H 6.60 (ACHF.1) y\nWBE660S 6.65 ( ACGG.1).\nPodría permitir que un atacante local autenticado acceda a los archivos del sistema en un dispositivo afectado.", }, ], id: "CVE-2023-37925", lastModified: "2024-11-21T08:12:29.060", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "security@zyxel.com.tw", type: "Primary", }, ], }, published: "2023-11-28T02:15:42.547", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-269", }, ], source: "security@zyxel.com.tw", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-24 18:15
Modified
2024-11-21 07:45
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "84A41F09-4474-4ABC-B2FA-92B17F63A7CA", versionEndExcluding: "5.36", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*", matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "73E39B94-291E-4E3A-8A89-B74FF063BA05", versionEndExcluding: "5.36", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*", matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7728D2C4-0B0A-404E-92BC-AAA1A1987BFD", versionEndExcluding: "5.36", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*", matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8B7E5F75-5577-4511-A1F4-1BD142D60BD5", versionEndExcluding: "5.36", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*", matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B8F79940-F737-4A71-9FAC-1F99E0BCE450", versionEndExcluding: "5.36", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*", matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "791D6928-BE82-4678-A8A4-39C9D9A1C684", versionEndExcluding: "5.36", versionStartIncluding: "4.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*", matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FC95F84E-95A0-4FB8-942A-732E022E3CC6", versionEndExcluding: "5.36", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "07895A23-2B15-4631-A55A-798B35A63E2D", versionEndExcluding: "5.36", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*", matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F65ACDFE-3A54-46D6-98CA-2D51957072AF", versionEndExcluding: "5.36", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0B8FF81-5020-429E-ABC7-D0F18A5177F5", versionEndExcluding: "5.36", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FD0F817C-6388-41E2-9F80-9B5427036865", versionEndExcluding: "5.36", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7D65F0EC-7ACA-4B80-8D4E-2C1459837D15", versionEndExcluding: "5.36", versionStartIncluding: "4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "224300FB-2462-4E88-A41E-E9E8EAE9CF48", versionEndExcluding: "5.36", versionStartIncluding: "4.16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F61480ED-BBF0-49EC-A814-CEFDE1FBFA08", versionEndExcluding: "5.36", versionStartIncluding: "4.16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*", matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7079103C-ED92-40C3-AF42-4689822A96E2", versionEndExcluding: "5.36", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*", matchCriteriaId: "7239C54F-EC9E-44B4-AE33-1D36E5448219", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FB329984-D2A1-40B4-826D-78643B8DD4C8", versionEndExcluding: "5.36", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*", matchCriteriaId: "81D90A7B-174F-40A1-8AF4-08B15B7BAC40", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5DB62871-BC40-43D8-A486-471CD9316332", versionEndExcluding: "5.36", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*", matchCriteriaId: "EECD311A-4E96-4576-AADF-47291EDE3559", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D0135FFF-62FA-4AEA-8B67-1CCA2D85D8E0", versionEndExcluding: "5.36", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*", matchCriteriaId: "3C45C303-1A95-4245-B242-3AB9B9106CD4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B01FA34A-CA33-48E7-978C-638FC678C9C1", versionEndExcluding: "5.36", versionStartIncluding: "4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nap203_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85AA4E30-0A0E-4353-B88D-A856B83162DF", versionEndIncluding: "6.28\\(abfa.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nap203:-:*:*:*:*:*:*:*", matchCriteriaId: "80AE2CEA-90AC-421A-86BB-F404CDE7785D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nap303_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "36AD6F34-B17E-4853-9375-62B51DE5F1D2", versionEndIncluding: "6.28\\(abex.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nap303:-:*:*:*:*:*:*:*", matchCriteriaId: "C4BF5D4C-DB8E-4077-BE78-C73AA203406C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nap353_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "49E8EA12-187E-402B-866A-9125B2287292", versionEndIncluding: "6.28\\(abey.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nap353:-:*:*:*:*:*:*:*", matchCriteriaId: "3BCEC13E-3D1C-4B42-87F5-94FE1066C218", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "58E64F26-5465-4BD8-A948-39022B5AAA52", versionEndIncluding: "6.50\\(abtg.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*", matchCriteriaId: "6A3F9232-F988-4428-9898-4F536123CE88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123-ac_hd_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E8DEEFBF-DD32-40E5-A431-BE6A93D529A4", versionEndIncluding: "6.25\\(abin.9\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123-ac_hd:-:*:*:*:*:*:*:*", matchCriteriaId: "1A0FB576-76A2-4A25-979E-5E5B3BF5C636", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123-ac-pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3448A074-A9B8-40BD-8DFA-E7097E402750", versionEndIncluding: "6.28\\(abhd.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123-ac-pro:-:*:*:*:*:*:*:*", matchCriteriaId: "9DC66B07-67FB-47F6-B54B-E40BE89F33A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BFC6F464-DAE9-42CE-9339-C5E35B90B17B", versionEndIncluding: "6.50\\(abvt.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*", matchCriteriaId: "36C13E7F-2186-4587-83E9-57B05A7147B7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DCE46E92-D9DD-439C-BD41-88738FA652B7", versionEndIncluding: "6.50\\(abtd.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB129F9-64D8-43C2-9366-51EBDF419F5F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DECB1230-D22C-4FBD-909C-6315B66B189D", versionEndIncluding: "6.50\\(acco.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*", matchCriteriaId: "6E03F755-424D-4248-9076-ED7BECEB94C5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0B73F329-98E5-496F-BE38-47DD023DCB64", versionEndIncluding: "6.55\\(acge.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*", matchCriteriaId: "2806A3B3-8F13-4170-B284-8809E3502044", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa50ax-pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B5804045-E32E-40E0-B42E-80755C385974", versionEndIncluding: "6.50\\(acge.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa50ax-pro:-:*:*:*:*:*:*:*", matchCriteriaId: "D7DD6E6B-61EC-4E60-8244-56ADB26F2234", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa5123-ac_hd_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "881C0001-B6CA-409D-8901-653227098219", versionEndIncluding: "6.25\\(abim.9\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa5123-ac_hd:-:*:*:*:*:*:*:*", matchCriteriaId: "4D85300F-9207-438C-A149-80FC7C6C0746", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4484EA94-3E1D-4DA8-B612-A35D50DC1103", versionEndIncluding: "6.29\\(abzl.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*", matchCriteriaId: "B7440976-5CB4-40BE-95C2-98EF4B888109", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3D091EB4-A1FC-4E5F-AEE2-6EF879DC5B0A", versionEndIncluding: "6.29\\(accv.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*", matchCriteriaId: "3A903978-737E-4266-A670-BC94E32CAF96", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa90ax-pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D4FF6556-2B10-4A8C-9325-0A6D4B41E529", versionEndIncluding: "6.50\\(acgf.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa90ax-pro:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA44855-B135-44BD-AE21-FC58CD647AB6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4D277464-AF76-4799-9B71-E96CB12BE0C0", versionEndIncluding: "6.50\\(abvs.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*", matchCriteriaId: "7C024551-F08F-4152-940D-1CF8BCD79613", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "57DFDE05-C95F-446B-BA97-98EBA11C9794", versionEndIncluding: "6.50\\(abwa.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*", matchCriteriaId: "1A1FD502-4F62-4C77-B3BC-E563B24F0067", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac5302d-sv2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "84A8FBD7-8461-474E-AFB1-BCAE24D4A2CD", versionEndIncluding: "6.25\\(abvz.9\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac5302d-sv2:-:*:*:*:*:*:*:*", matchCriteriaId: "A690501F-DC2D-4F90-ABC0-33B5F1279C36", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6103d-i_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3DF539FD-EDEA-4D37-8F1C-267884A617EF", versionEndIncluding: "6.28\\(aaxh.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6103d-i:-:*:*:*:*:*:*:*", matchCriteriaId: "341DB051-7F01-4B36-BA15-EBC25FACB439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6303d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "622C2163-0B2F-4A32-B5C4-4111B8EC9096", versionEndIncluding: "6.25\\(abgl.9\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6303d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "F0F08117-0BCE-4EA1-8DA7-1AC4EFF67E2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6502d-e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A929856C-58D2-41AB-9EAC-E655123FD4FE", versionEndIncluding: "6.28\\(aasd.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6502d-e:-:*:*:*:*:*:*:*", matchCriteriaId: "FD8842C8-FB0A-46F0-9BB4-CAC6334D1E51", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6502d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AB36BF49-E31B-4F35-84B9-3EF20989FE2A", versionEndIncluding: "6.28\\(aase.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6502d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "DD108388-ABE5-4142-910F-C3C8B1C13617", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6503d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CCA23320-A0E2-4A63-A20A-1F5FD7504C5F", versionEndIncluding: "6.28\\(aasf.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6503d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "4DFDF64A-17F5-4F05-8700-DCA36CCB6F2B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6552d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E49B6FA1-4FCE-4802-8FCA-988048D9A595", versionEndIncluding: "6.28\\(abio.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6552d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "CD47738A-9001-4CC1-8FED-1D1CFC56F548", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6553d-e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD253268-2B7D-43BF-86BD-E603A52FD98A", versionEndIncluding: "6.28\\(aasg.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6553d-e:-:*:*:*:*:*:*:*", matchCriteriaId: "55273BCE-4F2C-4ED9-9FCB-D1197555BD53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B0C89819-CCB6-42A0-8045-850D544D1BBA", versionEndIncluding: "6.50\\(abtf.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*", matchCriteriaId: "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA21E78C-585A-4689-96B7-18C5DB44D2DE", versionEndIncluding: "6.50\\(abte.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*", matchCriteriaId: "3518DA0A-2C7B-4979-A457-0826C921B0F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B470158-EE21-45EB-BDEC-5396DE9CB23C", versionEndIncluding: "6.50\\(accn.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*", matchCriteriaId: "2B4EBCC9-4FF9-41FC-9FFE-DBFAB239888B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "43DD5397-02A9-40DD-BD02-052095CB8DDB", versionEndIncluding: "6.50\\(abzd.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*", matchCriteriaId: "DC74AAF9-5206-4CEB-9023-6CD4F38AA623", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F946BABC-A982-4625-AD9F-962C6FBDFDE9", versionEndIncluding: "6.50\\(accm.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*", matchCriteriaId: "20E4E9A0-DF92-47B7-94D6-0867E3171E47", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2260165C-2483-4F48-8E70-DC82B5DA1554", versionEndIncluding: "6.50\\(abrm.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*", matchCriteriaId: "D784994E-E2CE-4328-B490-D9DC195A53DB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F6B0AE56-107B-41E2-A06A-BC8DC0A32FE7", versionEndIncluding: "6.50\\(acdo.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*", matchCriteriaId: "61158220-B5E8-4BF4-B2C2-E8ABFD3266CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device.", }, ], id: "CVE-2023-22918", lastModified: "2024-11-21T07:45:38.940", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "security@zyxel.com.tw", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-24T18:15:09.027", references: [ { source: "security@zyxel.com.tw", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-359", }, ], source: "security@zyxel.com.tw", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-02-20 02:15
Modified
2025-01-21 18:36
Severity ?
Summary
A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1,
USG FLEX H series firmware versions from 1.10 through 1.10 Patch 1,
NWA50AX firmware versions through 6.29(ABYW.3), WAC500 firmware versions through 6.65(ABVS.1), WAX300H firmware versions through 6.60(ACHF.1), and WBE660S firmware versions through 6.65(ACGG.1) could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device via FTP.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "22B1CC86-551C-4CF1-9905-22D983C87B0C", versionEndExcluding: "5.37", versionStartIncluding: "4.32", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:atp100_firmware:5.37:-:*:*:*:*:*:*", matchCriteriaId: "121E2131-A6CB-4714-BD0B-9CDBFF924F10", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:atp100_firmware:5.37:patch1:*:*:*:*:*:*", matchCriteriaId: "C4AA7A4F-E00F-4CFA-8B4F-305BEC37F0B8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*", matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9E4D7828-078E-4418-9F04-302FC7F8BB25", versionEndExcluding: "5.37", versionStartIncluding: "4.32", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:atp100w_firmware:5.37:-:*:*:*:*:*:*", matchCriteriaId: "F750721F-73AD-4BDD-A407-72D8DEB30C68", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:atp100w_firmware:5.37:patch1:*:*:*:*:*:*", matchCriteriaId: "069E7437-BF71-4F73-8C0A-44DC9804492B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*", matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "67DC678C-8CA1-4289-A69B-435FE3374BCD", versionEndExcluding: "5.37", versionStartIncluding: "4.32", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:atp200_firmware:5.37:-:*:*:*:*:*:*", matchCriteriaId: "B20F854E-486D-46C0-90C8-81153573FEF1", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:atp200_firmware:5.37:patch1:*:*:*:*:*:*", matchCriteriaId: "DE71538C-16FD-43B1-B6CD-EB5988AFB7BF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*", matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B5C9B7E5-F548-4F9F-8CA7-20B7D41DF0AC", versionEndExcluding: "5.37", versionStartIncluding: "4.32", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:atp500_firmware:5.37:-:*:*:*:*:*:*", matchCriteriaId: "9E8933B8-F66E-4667-955E-DB5486534C5A", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:atp500_firmware:5.37:patch1:*:*:*:*:*:*", matchCriteriaId: "6F694EDC-DEF2-47D4-BCF0-32972EF8CEA1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*", matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8E1974D6-04C1-4135-812D-6901712940EE", versionEndExcluding: "5.37", versionStartIncluding: "4.32", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:atp700_firmware:5.37:-:*:*:*:*:*:*", matchCriteriaId: "0E3E890B-8BDE-4C22-BFF7-B87495C71C48", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:atp700_firmware:5.37:patch1:*:*:*:*:*:*", matchCriteriaId: "3037AE20-8F8B-4656-9534-6436A8AEA8C9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*", matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21C4C98F-B383-4F2F-B84E-3C6DDD8437DB", versionEndExcluding: "5.37", versionStartIncluding: "4.32", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:atp800_firmware:5.37:-:*:*:*:*:*:*", matchCriteriaId: "67FA1CEC-DED7-46D4-A4FC-780431B3EE2B", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:atp800_firmware:5.37:patch1:*:*:*:*:*:*", matchCriteriaId: "DFD1CE91-B72C-4589-9A5F-F1164C0193AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*", matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D66CA5F-C85F-4D69-8F82-BDCF6FCB905C", versionEndExcluding: "5.37", versionStartIncluding: "4.50", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_100_firmware:5.37:-:*:*:*:*:*:*", matchCriteriaId: "DF266069-4FA5-4343-B62C-0940A0C61566", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_100_firmware:5.37:patch1:*:*:*:*:*:*", matchCriteriaId: "99E0ECA5-7FE6-4E56-A741-E3260C99A43A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_100ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9CF216E5-870B-4C6E-9CFA-A5FB6F476CB0", versionEndExcluding: "5.37", versionStartIncluding: "4.50", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_100ax_firmware:5.37:-:*:*:*:*:*:*", matchCriteriaId: "395E8D72-E9F6-4923-B4DE-875D195B27F7", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_100ax_firmware:5.37:patch1:*:*:*:*:*:*", matchCriteriaId: "FCBEDDCD-A9F6-4E07-ADF8-B1E9C557CDEC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100ax:-:*:*:*:*:*:*:*", matchCriteriaId: "03036815-04AE-4E39-8310-DA19A32CFA48", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_100h_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C220BBFF-29A6-483B-9806-6A966625EFEE", versionEndExcluding: "5.37", versionStartIncluding: "4.50", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_100h_firmware:5.37:-:*:*:*:*:*:*", matchCriteriaId: "45EEA203-C4E3-4916-A9E5-15AB994B53FA", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_100h_firmware:5.37:patch1:*:*:*:*:*:*", matchCriteriaId: "A21576D3-6A3F-451C-9B62-E0B0418D5529", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100h:-:*:*:*:*:*:*:*", matchCriteriaId: "ED28D5ED-B21A-4CD6-947E-9C21EA801B7D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E5E31FC3-E2EC-4909-BF8D-86775AF4D4B5", versionEndExcluding: "5.37", versionStartIncluding: "4.50", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_100w_firmware:5.37:-:*:*:*:*:*:*", matchCriteriaId: "DC61CF4F-74D5-4C96-8D8A-779436CF344D", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_100w_firmware:5.37:patch1:*:*:*:*:*:*", matchCriteriaId: "25EB6607-7241-4D01-BC87-3C3E62B27B6B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D6EF9AA9-65D5-4D7B-A2BF-9150C6339282", versionEndExcluding: "5.37", versionStartIncluding: "4.50", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_200_firmware:5.37:-:*:*:*:*:*:*", matchCriteriaId: "8E4CC2FF-2BB1-43E8-A7AA-56A220705FE8", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_200_firmware:5.37:patch1:*:*:*:*:*:*", matchCriteriaId: "31206A47-4A01-4FB7-A0AA-E9D22C63941D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_200h_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "69B29C9B-DB92-4DBD-9F83-1C9FABAC81B4", versionEndExcluding: "5.37", versionStartIncluding: "4.50", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_200h_firmware:5.37:-:*:*:*:*:*:*", matchCriteriaId: "CBDE985D-B016-4303-8EE6-904C79F8FE82", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_200h_firmware:5.37:patch1:*:*:*:*:*:*", matchCriteriaId: "0ACD16E9-7EE0-4AD5-9D71-121AFAEF7947", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_200h:-:*:*:*:*:*:*:*", matchCriteriaId: "09D15ECD-4942-407A-A62E-9785568C6B78", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_200hp_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DCC129C3-AD72-44AE-B89D-5BF40559B9F4", versionEndExcluding: "5.37", versionStartIncluding: "4.50", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_200hp_firmware:5.37:-:*:*:*:*:*:*", matchCriteriaId: "9EE95AED-D8FB-44BD-856D-2F7A6DB2AABA", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_200hp_firmware:5.37:patch1:*:*:*:*:*:*", matchCriteriaId: "D764B87E-8B23-4C33-93BB-59B23CFEADBC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_200hp:-:*:*:*:*:*:*:*", matchCriteriaId: "FD7E9028-1ECB-4D88-84D8-CFC589B429AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50C93BA9-E4F3-48F3-8D58-92409905AC03", versionEndExcluding: "5.37", versionStartIncluding: "4.16", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_50_firmware:5.37:-:*:*:*:*:*:*", matchCriteriaId: "5476C178-E553-44FC-854B-5851F0F28469", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_50_firmware:5.37:patch1:*:*:*:*:*:*", matchCriteriaId: "C2D65155-CDF2-4A99-94CA-D4B61B26D32C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*", matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B221F5CD-C0C6-4917-AC15-FF1BA3904915", versionEndExcluding: "5.37", versionStartIncluding: "4.50", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_500_firmware:5.37:-:*:*:*:*:*:*", matchCriteriaId: "D9D7FBB8-C983-4EFA-90CB-EC5C6A26D112", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_500_firmware:5.37:patch1:*:*:*:*:*:*", matchCriteriaId: "5CDA1267-E136-4932-9627-B4D12DB17E27", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_500h_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C8ACA5C0-F9AC-4986-95CF-74A92DEAF45E", versionEndExcluding: "5.37", versionStartIncluding: "4.50", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_500h_firmware:5.37:-:*:*:*:*:*:*", matchCriteriaId: "1D168F82-50CE-4E25-B1D9-B50F69463F5A", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_500h_firmware:5.37:patch1:*:*:*:*:*:*", matchCriteriaId: "9A0B9A2C-772B-4669-BC7C-71FA32B1B4EA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_500h:-:*:*:*:*:*:*:*", matchCriteriaId: "DE57BCA4-8631-460A-BFE3-BB765E5D009F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7A2842FD-23CC-4E12-AF08-979035695E5F", versionEndExcluding: "5.37", versionStartIncluding: "4.16", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_50w_firmware:5.37:-:*:*:*:*:*:*", matchCriteriaId: "DC8C2C47-FE8E-4496-9648-0B264A9A2EA0", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_50w_firmware:5.37:patch1:*:*:*:*:*:*", matchCriteriaId: "EEB68246-FD4B-4FB6-9140-63725EA24660", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*", matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0FA43EB7-3F72-4250-BE9A-7449B8AEF90F", versionEndExcluding: "5.37", versionStartIncluding: "4.50", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_700_firmware:5.37:-:*:*:*:*:*:*", matchCriteriaId: "A1FEDD30-0B80-4F07-8475-156B9FE46883", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_700_firmware:5.37:patch1:*:*:*:*:*:*", matchCriteriaId: "3953AFFC-18E6-46AA-BC99-EA65726E4D9E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_700h_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D051AE62-28E7-4626-B5CB-F4B244260A0E", versionEndExcluding: "5.37", versionStartIncluding: "4.50", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_700h_firmware:5.37:-:*:*:*:*:*:*", matchCriteriaId: "A5A45A9D-D9C7-495D-BD83-EE088746FD36", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg_flex_700h_firmware:5.37:patch1:*:*:*:*:*:*", matchCriteriaId: "606D09B9-0376-4277-9964-F0580D65C3E0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_700h:-:*:*:*:*:*:*:*", matchCriteriaId: "8832743A-99FA-417E-BCE1-4BF7D4CEF9BE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7E10984B-2ACA-4B15-AF74-F6E7D467DA8B", versionEndExcluding: "5.37", versionStartIncluding: "4.16", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg20-vpn_firmware:5.37:-:*:*:*:*:*:*", matchCriteriaId: "B0BFA01B-1328-4F96-AE56-D39416A54F0C", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg20-vpn_firmware:5.37:patch1:*:*:*:*:*:*", matchCriteriaId: "ABB0C1EC-512C-4A00-84C6-4F93FDD7739F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*", matchCriteriaId: "7239C54F-EC9E-44B4-AE33-1D36E5448219", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CE25FC75-B93D-4010-A255-2AF732D47674", versionEndExcluding: "5.37", versionStartIncluding: "4.16", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg20w-vpn_firmware:5.37:-:*:*:*:*:*:*", matchCriteriaId: "D8470EFC-2AED-45A3-8F4E-CF8EB8EB43D0", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:usg20w-vpn_firmware:5.37:patch1:*:*:*:*:*:*", matchCriteriaId: "AFD0A4B7-5A6D-4DAE-9FA4-559F9932A92B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*", matchCriteriaId: "06D2AD3A-9197-487D-A267-24DE332CC66B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:uos:1.10:-:*:*:*:*:*:*", matchCriteriaId: "AD61F9D7-0229-4A40-903E-F25F67E547F9", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:uos:1.10:patch1:*:*:*:*:*:*", matchCriteriaId: "29B81F51-C82B-4099-99B4-5A53BAAA45C0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100h:-:*:*:*:*:*:*:*", matchCriteriaId: "ED28D5ED-B21A-4CD6-947E-9C21EA801B7D", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:usg_flex_100hp:-:*:*:*:*:*:*:*", matchCriteriaId: "ACCFC4B1-37DD-4BF7-86A9-5F0A9A2C1D07", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:usg_flex_200h:-:*:*:*:*:*:*:*", matchCriteriaId: "09D15ECD-4942-407A-A62E-9785568C6B78", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:usg_flex_200hp:-:*:*:*:*:*:*:*", matchCriteriaId: "FD7E9028-1ECB-4D88-84D8-CFC589B429AE", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:usg_flex_500h:-:*:*:*:*:*:*:*", matchCriteriaId: "DE57BCA4-8631-460A-BFE3-BB765E5D009F", vulnerable: false, }, { criteria: "cpe:2.3:h:zyxel:usg_flex_700h:-:*:*:*:*:*:*:*", matchCriteriaId: "8832743A-99FA-417E-BCE1-4BF7D4CEF9BE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F35D4CA0-0E9B-4284-B72F-1151BCC85A82", versionEndExcluding: "6.29\\(abyw.4\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*", matchCriteriaId: "2806A3B3-8F13-4170-B284-8809E3502044", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "97593633-CDCA-4F99-AD92-3E64E2262539", versionEndExcluding: "6.29\\(abzl.4\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*", matchCriteriaId: "B7440976-5CB4-40BE-95C2-98EF4B888109", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7A47F336-D8B8-4B99-AE3E-6694BE7A2BFB", versionEndExcluding: "6.29\\(accv.4\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*", matchCriteriaId: "3A903978-737E-4266-A670-BC94E32CAF96", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3580D6A6-24F7-4759-BFF4-D7A7A83477FE", versionEndExcluding: "6.70\\(abtg.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*", matchCriteriaId: "6A3F9232-F988-4428-9898-4F536123CE88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9CC634A9-79A8-4562-BDD5-79AE7A3AA3B3", versionEndExcluding: "6.70\\(abtd.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB129F9-64D8-43C2-9366-51EBDF419F5F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6CF0E904-747A-4799-929D-2838173DF657", versionEndExcluding: "6.70\\(acco.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*", matchCriteriaId: "6E03F755-424D-4248-9076-ED7BECEB94C5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3FFADE1-8BC3-4DC1-ACC6-5FEC0D6F2738", versionEndExcluding: "6.70\\(abvt.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*", matchCriteriaId: "36C13E7F-2186-4587-83E9-57B05A7147B7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8CEB667E-C8BC-4ECF-8D69-046C01546AE9", versionEndExcluding: "6.70\\(abvs.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*", matchCriteriaId: "7C024551-F08F-4152-940D-1CF8BCD79613", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CE0BD60E-14CF-4D36-B443-C2CAB4B85564", versionEndExcluding: "6.70\\(abwa.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*", matchCriteriaId: "1A1FD502-4F62-4C77-B3BC-E563B24F0067", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax300h_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A1C7861D-27F0-466A-8FE0-9253F2A8BC70", versionEndExcluding: "6.70\\(achf.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax300h:-:*:*:*:*:*:*:*", matchCriteriaId: "C3073565-BCDF-46EA-8FB0-E9BF402A5122", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6A004988-13FC-4289-9CC6-D88D4DBC6818", versionEndExcluding: "6.70\\(abtf.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*", matchCriteriaId: "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2FF2C2C3-F31D-4C2A-9DFF-733273AABFB2", versionEndExcluding: "6.70\\(abte.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*", matchCriteriaId: "3518DA0A-2C7B-4979-A457-0826C921B0F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FABC195A-5D2C-40DE-A23B-FA0B4D7AF303", versionEndExcluding: "6.70\\(accn.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*", matchCriteriaId: "2B4EBCC9-4FF9-41FC-9FFE-DBFAB239888B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E42CE181-704A-491C-BDE6-D9195AB99686", versionEndExcluding: "6.70\\(abzd.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*", matchCriteriaId: "DC74AAF9-5206-4CEB-9023-6CD4F38AA623", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AF887F95-F742-414D-B461-0EB1396885E4", versionEndExcluding: "6.70\\(accm.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*", matchCriteriaId: "20E4E9A0-DF92-47B7-94D6-0867E3171E47", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B3855AC8-C642-4C2B-A21D-5D3D78FCF61F", versionEndExcluding: "6.70\\(abrm.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*", matchCriteriaId: "D784994E-E2CE-4328-B490-D9DC195A53DB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A700911F-3CE7-4E72-AD7B-5116F90E9C69", versionEndExcluding: "6.70\\(acdo.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*", matchCriteriaId: "61158220-B5E8-4BF4-B2C2-E8ABFD3266CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "10E6DCC0-5C84-4B0B-8000-F326DC52F740", versionEndExcluding: "6.70\\(acgg.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wbe660s:-:*:*:*:*:*:*:*", matchCriteriaId: "9FC2F3A4-0598-49B0-9829-AF43C97E9E8E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa50ax-pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A88CCD01-D827-4891-8E99-67B6FD064FE9", versionEndExcluding: "6.80\\(acge.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa50ax-pro:-:*:*:*:*:*:*:*", matchCriteriaId: "D7DD6E6B-61EC-4E60-8244-56ADB26F2234", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa90ax-pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9D936894-A119-4EC4-BA51-3B2CD9F3F477", versionEndExcluding: "6.80\\(acgf.0\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa90ax-pro:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA44855-B135-44BD-AE21-FC58CD647AB6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1, \n\nUSG FLEX H series firmware versions from 1.10 through 1.10 Patch 1,\n\nNWA50AX firmware versions through 6.29(ABYW.3), WAC500 firmware versions through 6.65(ABVS.1), WAX300H firmware versions through 6.60(ACHF.1), and WBE660S firmware versions through 6.65(ACGG.1) could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device via FTP.", }, { lang: "es", value: "Una vulnerabilidad de inyección de comando posterior a la autenticación en el binario de carga de archivos en las versiones de firmware de la serie Zyxel ATP de 4.32 a 5.37, parche 1, versiones de firmware de la serie USG FLEX de 4.50 a 5.37, parche 1, versiones de firmware de la serie USG FLEX 50(W) de 4.16 a 5.37 Parche 1, versiones de firmware de la serie USG20(W)-VPN desde 4.16 hasta 5.37 Parche 1, versiones de firmware NWA50AX hasta 6.29(ABYW.3), versiones de firmware WAC500 hasta 6.65(ABVS.1), versiones de firmware WAX300H hasta 6.60(ACHF.1 ), y las versiones de firmware WBE660S hasta 6.65 (ACGG.1) podrían permitir que un atacante autenticado con privilegios de administrador ejecute algunos comandos del sistema operativo (SO) en un dispositivo afectado a través de FTP.", }, ], id: "CVE-2023-6398", lastModified: "2025-01-21T18:36:54.507", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "security@zyxel.com.tw", type: "Secondary", }, ], }, published: "2024-02-20T02:15:49.110", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps-02-20-2024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps-02-20-2024", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "security@zyxel.com.tw", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2024-09-03 03:15
Modified
2024-09-13 19:39
Severity ?
Summary
The improper neutralization of special elements in the parameter "host" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4)
and earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1)
and earlier, and USG LITE 60AX firmware version V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4516EB83-8B99-40BD-94E5-CBD5057107B8", versionEndExcluding: "7.00\\(abtg.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*", matchCriteriaId: "6A3F9232-F988-4428-9898-4F536123CE88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123-ac_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9875CD66-9249-4702-88E5-B1239FA4AD29", versionEndExcluding: "6.28\\(abhd.3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123-ac_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "145723DB-C34B-4C2A-B3C2-7A5CFEF503CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5C88D274-D770-46F9-A802-93B1C72C3802", versionEndExcluding: "6.70\\(abvt.5\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*", matchCriteriaId: "36C13E7F-2186-4587-83E9-57B05A7147B7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa130be_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1D1105DC-E628-45C7-BB10-6EFB8038FC46", versionEndExcluding: "7.00\\(acil.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa130be:-:*:*:*:*:*:*:*", matchCriteriaId: "782F9AB7-3464-4BFE-B502-B62CD51A8865", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E4F03710-B004-4AA1-BBE3-FD6AD2ABF681", versionEndExcluding: "7.00\\(abtd.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*", matchCriteriaId: "1BB129F9-64D8-43C2-9366-51EBDF419F5F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BFD8274A-8135-4C3F-9998-4F13170DC5BD", versionEndExcluding: "7.00\\(acco.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*", matchCriteriaId: "6E03F755-424D-4248-9076-ED7BECEB94C5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "439ED873-6DBF-4B67-B7B6-B285D885093C", versionEndExcluding: "7.00\\(abyw.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*", matchCriteriaId: "2806A3B3-8F13-4170-B284-8809E3502044", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa50ax_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "76456787-1EB9-4585-A2D3-CAD77786B3EF", versionEndExcluding: "7.00\\(acge.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa50ax_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "F36E7DCD-08BA-4FA1-9A8E-ADE956704132", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "319234D0-CBED-43AD-B21C-E3893786FA00", versionEndExcluding: "7.00\\(abzl.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*", matchCriteriaId: "B7440976-5CB4-40BE-95C2-98EF4B888109", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0BA77A46-A9BF-46A7-BCC3-0851FD2EDB4B", versionEndExcluding: "7.00\\(accv.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*", matchCriteriaId: "3A903978-737E-4266-A670-BC94E32CAF96", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nwa90ax_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C991363D-0CD5-4242-9B6D-903B6C71F3F3", versionEndExcluding: "7.00\\(acgf.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nwa90ax_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "480A495A-A4C4-4696-B500-B6333C79A28B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_lite_60ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CC39E0F3-D1D4-41BE-ABF1-F01A7AC1F959", versionEndExcluding: "v2.00\\(acip.3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_lite_60ax:-:*:*:*:*:*:*:*", matchCriteriaId: "EC710993-3E55-4C88-A261-0A67F5069071", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4E3E89C7-C3DA-4B4E-A8F1-EF854EB61C0C", versionEndExcluding: "6.70\\(abvs.5\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*", matchCriteriaId: "7C024551-F08F-4152-940D-1CF8BCD79613", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "84A27C2E-140D-4554-8AD1-D9EBB76CF9D5", versionEndExcluding: "6.70\\(abwa.5\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*", matchCriteriaId: "1A1FD502-4F62-4C77-B3BC-E563B24F0067", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6103d-i_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0867C187-0BF0-4F4E-B291-3858810724D6", versionEndExcluding: "6.28\\(aaxh.3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6103d-i:-:*:*:*:*:*:*:*", matchCriteriaId: "341DB051-7F01-4B36-BA15-EBC25FACB439", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6502d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7DBA0866-22E5-4CE6-886C-CE21E6A4E6B0", versionEndExcluding: "6.28\\(aase.3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6502d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "DD108388-ABE5-4142-910F-C3C8B1C13617", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6503d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "45449005-459C-4062-97FB-31B7CB249E21", versionEndExcluding: "6.28\\(aasf.3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6503d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "4DFDF64A-17F5-4F05-8700-DCA36CCB6F2B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6552d-s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8C083097-E839-49ED-B4A8-8AEF5C502E47", versionEndExcluding: "6.28\\(abio.3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6552d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "CD47738A-9001-4CC1-8FED-1D1CFC56F548", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wac6553d-e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "04666D56-1996-461E-B8AB-C5BCA6399EE8", versionEndExcluding: "6.28\\(aasg.3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wac6553d-e:-:*:*:*:*:*:*:*", matchCriteriaId: "55273BCE-4F2C-4ED9-9FCB-D1197555BD53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax300h_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FBEEF0EC-A325-4D02-B69E-AE24A4669C57", versionEndExcluding: "7.00\\(achf.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax300h:-:*:*:*:*:*:*:*", matchCriteriaId: "C3073565-BCDF-46EA-8FB0-E9BF402A5122", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6295B167-56B0-4F68-8163-0ECCA7ED5E0C", versionEndExcluding: "7.00\\(abtf.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*", matchCriteriaId: "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "924067FC-8230-440A-B596-05F3A39C3456", versionEndExcluding: "7.00\\(abte.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*", matchCriteriaId: "3518DA0A-2C7B-4979-A457-0826C921B0F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "24A073C2-4124-49F1-BCBF-1508A310DCA0", versionEndExcluding: "7.00\\(accn.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*", matchCriteriaId: "2B4EBCC9-4FF9-41FC-9FFE-DBFAB239888B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BC244157-2D23-4DC2-A809-869948AC2096", versionEndExcluding: "7.00\\(abzd.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*", matchCriteriaId: "DC74AAF9-5206-4CEB-9023-6CD4F38AA623", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "10075392-47BE-4B55-BEEF-6D259C6AFDF5", versionEndExcluding: "7.00\\(accm.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*", matchCriteriaId: "20E4E9A0-DF92-47B7-94D6-0867E3171E47", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "794E19F4-ED5D-403C-BFA7-7D089FACC45F", versionEndExcluding: "7.00\\(abrm.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*", matchCriteriaId: "D784994E-E2CE-4328-B490-D9DC195A53DB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9E1F72E5-0336-4565-802F-75A746DD4AA9", versionEndExcluding: "7.00\\(acdo.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*", matchCriteriaId: "61158220-B5E8-4BF4-B2C2-E8ABFD3266CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wbe530_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C302D991-2BAB-4C64-B0E0-EAEE19F79765", versionEndExcluding: "7.00\\(acle.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wbe530:-:*:*:*:*:*:*:*", matchCriteriaId: "3061579E-C708-42BC-86FC-B6223B941335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "52534374-242E-457F-A794-8A1AEFECA38F", versionEndExcluding: "7.00\\(acgg.2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wbe660s:-:*:*:*:*:*:*:*", matchCriteriaId: "9FC2F3A4-0598-49B0-9829-AF43C97E9E8E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The improper neutralization of special elements in the parameter \"host\" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) \n\nand earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) \n\nand earlier, and USG LITE 60AX firmware version V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.", }, { lang: "es", value: "La neutralización incorrecta de elementos especiales en el parámetro \"host\" en el programa CGI de la versión de firmware 6.70(ABVT.4) y anteriores de Zyxel NWA1123ACv3, la versión de firmware 6.70(ABVS.4) y anteriores de WAC500, la versión de firmware 7.00(ACDO.1) y anteriores de WAX655E, la versión de firmware 7.00(ACLE.1) y anteriores de WBE530, y la versión de firmware V2.00(ACIP.2) de USG LITE 60AX podría permitir que un atacante no autenticado ejecute comandos del sistema operativo enviando una cookie manipulada a un dispositivo vulnerable.", }, ], id: "CVE-2024-7261", lastModified: "2024-09-13T19:39:40.570", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "security@zyxel.com.tw", type: "Primary", }, ], }, published: "2024-09-03T03:15:03.940", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-os-command-injection-vulnerability-in-aps-and-security-router-devices-09-03-2024", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "security@zyxel.com.tw", type: "Primary", }, ], }
cve-2023-6398
Vulnerability from cvelistv5
Published
2024-02-20 01:34
Modified
2024-08-25 15:46
Severity ?
EPSS score ?
Summary
A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1,
USG FLEX H series firmware versions from 1.10 through 1.10 Patch 1,
NWA50AX firmware versions through 6.29(ABYW.3), WAC500 firmware versions through 6.65(ABVS.1), WAX300H firmware versions through 6.60(ACHF.1), and WBE660S firmware versions through 6.65(ACGG.1) could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device via FTP.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Zyxel | ATP series firmware |
Version: version 4.32 through 5.37 Patch 1 |
||||||||||||||||||||||||||||||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:28:21.823Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps-02-20-2024", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "atp800_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.37_patch1", status: "affected", version: "4.32", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:zyxel:usg_flex_500w_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "usg_flex_700_firmware", vendor: "zyxel", versions: [ { lessThan: "5.37_patch1", status: "affected", version: "4.50", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:nwa50ax_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nwa50ax_firmware", vendor: "zyxel", versions: [ { lessThan: "6.29\\(abyw.4\\)", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:wac500_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "wac500_firmware", vendor: "zyxel", versions: [ { lessThan: "6.70\\(abvs.1\\)", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:wax300h_firmware:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "wax300h_firmware", vendor: "zyxel", versions: [ { lessThan: "6.70\\(achf.1\\)", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "wbe660s_firmware", vendor: "zyxel", versions: [ { lessThan: "6.70\\(acgg.1\\)", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "usg_20w-vpn_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.37_patch1", status: "affected", version: "4.16", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-6398", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-03-01T05:01:04.429989Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-25T15:46:49.897Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "ATP series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "version 4.32 through 5.37 Patch 1", }, ], }, { defaultStatus: "unaffected", product: "USG FLEX series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "version 4.50 through 5.37 Patch 1", }, ], }, { defaultStatus: "unaffected", product: "USG FLEX 50(W) series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: " version 4.16 through 5.37 Patch 1", }, ], }, { defaultStatus: "unaffected", product: "USG20(W)-VPN series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "version 4.16 through 5.37 Patch 1", }, ], }, { defaultStatus: "unaffected", product: " NWA50AX firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "< 6.29(ABYW.4)", }, ], }, { defaultStatus: "unaffected", product: " WAC500 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "< 6.70(ABVS.1)", }, ], }, { defaultStatus: "unaffected", product: "WAX300H firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "< 6.70(ACHF.1)", }, ], }, { defaultStatus: "unaffected", product: "WBE660S firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "< 6.70(ACGG.1)", }, ], }, { defaultStatus: "unaffected", product: "USG FLEX H series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "version 1.10 through 1.10 Patch 1", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1, \n\nUSG FLEX H series firmware versions from 1.10 through 1.10 Patch 1,\n\nNWA50AX firmware versions through 6.29(ABYW.3), WAC500 firmware versions through 6.65(ABVS.1), WAX300H firmware versions through 6.60(ACHF.1), and WBE660S firmware versions through 6.65(ACGG.1) could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device via FTP.", }, ], value: "A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1, \n\nUSG FLEX H series firmware versions from 1.10 through 1.10 Patch 1,\n\nNWA50AX firmware versions through 6.29(ABYW.3), WAC500 firmware versions through 6.65(ABVS.1), WAX300H firmware versions through 6.60(ACHF.1), and WBE660S firmware versions through 6.65(ACGG.1) could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device via FTP.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-21T09:17:30.230Z", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps-02-20-2024", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2023-6398", datePublished: "2024-02-20T01:34:32.229Z", dateReserved: "2023-11-30T07:58:16.356Z", dateUpdated: "2024-08-25T15:46:49.897Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-37925
Vulnerability from cvelistv5
Published
2023-11-28 01:30
Modified
2024-08-02 17:23
Severity ?
EPSS score ?
Summary
An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Zyxel | ATP series firmware |
Version: versions 4.32 through 5.37 |
||||||||||||||||||||||||||||||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:23:27.715Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "ATP series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "versions 4.32 through 5.37", }, ], }, { defaultStatus: "unaffected", product: "USG FLEX series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "versions 4.50 through 5.37", }, ], }, { defaultStatus: "unaffected", product: "USG FLEX 50(W) series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "versions 4.16 through 5.37", }, ], }, { defaultStatus: "unaffected", product: "USG20(W)-VPN series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "versions 4.16 through 5.37", }, ], }, { defaultStatus: "unaffected", product: "VPN series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "versions 4.30 through 5.37", }, ], }, { defaultStatus: "unaffected", product: "NWA50AX firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "6.29(ABYW.2)", }, ], }, { defaultStatus: "unaffected", product: "WAC500 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "6.65(ABVS.1)", }, ], }, { defaultStatus: "unaffected", product: "WAX300H firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "6.60(ACHF.1)", }, ], }, { defaultStatus: "unaffected", product: "WBE660S firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "6.65(ACGG.1)", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device.", }, ], value: "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-269", description: "CWE-269 Improper Privilege Management", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-11-28T01:30:55.186Z", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2023-37925", datePublished: "2023-11-28T01:30:55.186Z", dateReserved: "2023-07-11T01:52:33.655Z", dateUpdated: "2024-08-02T17:23:27.715Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-22918
Vulnerability from cvelistv5
Published
2023-04-24 00:00
Modified
2024-08-02 10:20
Severity ?
EPSS score ?
Summary
A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Zyxel | ATP series firmware |
Version: 4.32 through 5.35 |
||||||||||||||||||||||||||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:20:31.470Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ATP series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.32 through 5.35", }, ], }, { product: "USG FLEX series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.50 through 5.35", }, ], }, { product: "USG FLEX 50(W) firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.16 through 5.35", }, ], }, { product: "USG20(W)-VPN firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.16 through 5.35", }, ], }, { product: "VPN series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.30 through 5.35", }, ], }, { product: "NWA110AX firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.50(ABTG.2)", }, ], }, { product: "WAC500 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.50(ABVS.0)", }, ], }, { product: "WAX510D firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.50(ABTF.2)", }, ], }, ], descriptions: [ { lang: "en", value: "A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-359", description: "CWE-359: Exposure of Private Personal Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-24T00:00:00", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps", }, ], }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2023-22918", datePublished: "2023-04-24T00:00:00", dateReserved: "2023-01-10T00:00:00", dateUpdated: "2024-08-02T10:20:31.470Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-7261
Vulnerability from cvelistv5
Published
2024-09-03 02:10
Modified
2024-09-05 15:36
Severity ?
EPSS score ?
Summary
The improper neutralization of special elements in the parameter "host" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4)
and earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1)
and earlier, and USG LITE 60AX firmware version V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Zyxel | NWA1123ACv3 firmware |
Version: <= 6.70(ABVT.4) |
||||||||||||||||
|
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:o:zyxel:usg_lite_60ax_firmware:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "usg_lite_60ax_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "V2.00\\(ACIP.2\\)", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:nwa1123acv3_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nwa1123acv3_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "6.70\\(ABVT.4\\)", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:wac500_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "wac500_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "6.70\\(ABVS.4\\)", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:wax655e_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "wax655e_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "7.00\\(ACDO.1\\)", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:wbe530_firmware:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "wbe530_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "7.00\\(ACLE.1\\)", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-7261", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-09-05T03:55:55.275964Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-05T15:36:14.807Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "NWA1123ACv3 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.70(ABVT.4)", }, ], }, { defaultStatus: "unaffected", product: "WAC500 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.70(ABVS.4)", }, ], }, { defaultStatus: "unaffected", product: "WAX655E firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 7.00(ACDO.1)", }, ], }, { defaultStatus: "unaffected", product: "WBE530 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 7.00(ACLE.1)", }, ], }, { defaultStatus: "unaffected", product: "USG LITE 60AX firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "V2.00(ACIP.2)", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "The improper neutralization of special elements in the parameter \"host\" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) \n\n<span style=\"background-color: rgb(255, 255, 255);\">and earlier</span>, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) \n\n<span style=\"background-color: rgb(255, 255, 255);\">and earlier</span>, and USG LITE 60AX firmware version V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.", }, ], value: "The improper neutralization of special elements in the parameter \"host\" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) \n\nand earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) \n\nand earlier, and USG LITE 60AX firmware version V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-03T02:10:25.112Z", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-os-command-injection-vulnerability-in-aps-and-security-router-devices-09-03-2024", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2024-7261", datePublished: "2024-09-03T02:10:25.112Z", dateReserved: "2024-07-30T02:42:19.589Z", dateUpdated: "2024-09-05T15:36:14.807Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-5797
Vulnerability from cvelistv5
Published
2023-11-28 02:00
Modified
2024-12-02 19:31
Severity ?
EPSS score ?
Summary
An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access the administrator’s logs on an affected device.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Zyxel | ATP series firmware |
Version: versions 4.32 through 5.37 |
||||||||||||||||||||||||||||||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:14:24.078Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-5797", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-02T19:31:26.701004Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-02T19:31:49.340Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "ATP series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: " versions 4.32 through 5.37", }, ], }, { defaultStatus: "unaffected", product: "USG FLEX series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "versions 4.50 through 5.37", }, ], }, { defaultStatus: "unaffected", product: "USG FLEX 50(W) series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "versions 4.16 through 5.37", }, ], }, { defaultStatus: "unaffected", product: "USG20(W)-VPN series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "versions 4.16 through 5.37", }, ], }, { defaultStatus: "unaffected", product: "VPN series firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "versions 4.30 through 5.37", }, ], }, { defaultStatus: "unaffected", product: "NWA50AX firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "6.29(ABYW.2)", }, ], }, { defaultStatus: "unaffected", product: "WAC500 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "6.65(ABVS.1)", }, ], }, { defaultStatus: "unaffected", product: "WAX300H firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "6.60(ACHF.1)", }, ], }, { defaultStatus: "unaffected", product: "WBE660S firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "6.65(ACGG.1)", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access the administrator’s logs on an affected device.", }, ], value: "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access the administrator’s logs on an affected device.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-269", description: "CWE-269 Improper Privilege Management", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-11-28T02:00:59.801Z", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2023-5797", datePublished: "2023-11-28T02:00:59.801Z", dateReserved: "2023-10-26T08:51:44.363Z", dateUpdated: "2024-12-02T19:31:49.340Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-12398
Vulnerability from cvelistv5
Published
2025-01-14 01:39
Modified
2025-01-14 15:26
Severity ?
EPSS score ?
Summary
An improper privilege management vulnerability in the web management interface of the Zyxel WBE530 firmware versions through 7.00(ACLE.3) and WBE660S firmware versions through 6.70(ACGG.2) could allow an authenticated user with limited privileges to escalate their privileges to that of an administrator, enabling them to upload configuration files to a vulnerable device.
References
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | Zyxel | WBE530 firmware |
Version: <= 7.00(ACLE.3) |
||||
|
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-12398", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-14T15:26:11.215705Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-14T15:26:24.681Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "WBE530 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 7.00(ACLE.3)", }, ], }, { defaultStatus: "unaffected", product: "WBE660S firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 6.70(ACGG.2)", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An improper privilege management vulnerability in the web management interface of the Zyxel WBE530 firmware versions through 7.00(ACLE.3) and WBE660S firmware versions through 6.70(ACGG.2) could allow an authenticated user with limited privileges to escalate their privileges to that of an administrator, enabling them to upload configuration files to a vulnerable device.", }, ], value: "An improper privilege management vulnerability in the web management interface of the Zyxel WBE530 firmware versions through 7.00(ACLE.3) and WBE660S firmware versions through 6.70(ACGG.2) could allow an authenticated user with limited privileges to escalate their privileges to that of an administrator, enabling them to upload configuration files to a vulnerable device.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-269", description: "CWE-269 Improper Privilege Management", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-14T01:39:04.348Z", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-improper-privilege-management-vulnerability-in-aps-and-security-router-devices-01-14-2025", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2024-12398", datePublished: "2025-01-14T01:39:04.348Z", dateReserved: "2024-12-10T03:31:12.696Z", dateUpdated: "2025-01-14T15:26:24.681Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }