Vulnerabilities related to zyxel - zld
Vulnerability from fkie_nvd
Published
2024-09-03 02:15
Modified
2024-12-13 16:14
Summary
A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an unauthenticated attacker to execute some OS commands on an affected device by sending a crafted username to the vulnerable device. Note that this attack could be successful only if the device was configured in User-Based-PSK authentication mode and a valid user with a long username exceeding 28 characters exists.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "871446C3-30E8-4FE9-AC8A-4D87A400233F",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4240E15F-8869-4DA7-9F6E-5DAF3708F9A7",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03036815-04AE-4E39-8310-DA19A32CFA48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2C43DB2-3339-4FB1-AC44-56619A9DDAA0",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "4.16",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2C43DB2-3339-4FB1-AC44-56619A9DDAA0",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "4.16",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an unauthenticated attacker to execute some OS commands on an affected device by sending a crafted username to the vulnerable device. Note that this attack could be successful only if the device was configured in User-Based-PSK authentication mode and a valid user with a long username exceeding 28 characters exists.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad de inyección de comandos en la función IPSec VPN de las versiones de firmware de la serie Zyxel ATP desde la V4.32 hasta la V5.38, las versiones de firmware de la serie USG FLEX desde la V4.50 hasta la V5.38, las versiones de firmware de la serie USG FLEX 50(W) desde la V4.16 hasta la V5.38 y las versiones de firmware de la serie USG20(W)-VPN desde la V4.16 hasta la V5.38 podría permitir que un atacante no autenticado ejecute algunos comandos del sistema operativo en un dispositivo afectado mediante el envío de un nombre de usuario manipulado al dispositivo vulnerable. Tenga en cuenta que este ataque podría tener éxito solo si el dispositivo se configuró en modo de autenticación User-Based-PSK y existe un usuario válido con un nombre de usuario largo que supere los 28 caracteres.",
      },
   ],
   id: "CVE-2024-42057",
   lastModified: "2024-12-13T16:14:44.107",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.1,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.2,
            impactScore: 5.9,
            source: "security@zyxel.com.tw",
            type: "Primary",
         },
      ],
   },
   published: "2024-09-03T02:15:04.213",
   references: [
      {
         source: "security@zyxel.com.tw",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-09-03-2024",
      },
   ],
   sourceIdentifier: "security@zyxel.com.tw",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-78",
            },
         ],
         source: "security@zyxel.com.tw",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-11-28 02:15
Modified
2024-11-21 08:08
Summary
A cross-site scripting (XSS) vulnerability in the CGI program of the Zyxel ATP series firmware versions 5.10 through 5.37, USG FLEX series firmware versions 5.00 through 5.37, USG FLEX 50(W) series firmware versions 5.10 through 5.37, USG20(W)-VPN series firmware versions 5.10 through 5.37, and VPN series firmware versions 5.00 through 5.37, could allow an unauthenticated LAN-based attacker to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed to steal cookies when the user visits the specific CGI used for dumping ZTP logs.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A959A961-FE39-4743-BCFB-700131DE4372",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "5.10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "78B5CDFF-8571-4232-AC38-8E4AD12F683B",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "5.00",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A959A961-FE39-4743-BCFB-700131DE4372",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "5.10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "371CE32A-C28E-44D2-9B0B-D8775928FD0E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "78B5CDFF-8571-4232-AC38-8E4AD12F683B",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "5.00",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EECD311A-4E96-4576-AADF-47291EDE3559",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C45C303-1A95-4245-B242-3AB9B9106CD4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A cross-site scripting (XSS) vulnerability in the CGI program of the Zyxel ATP series firmware versions 5.10 through 5.37, USG FLEX series firmware versions 5.00 through 5.37, USG FLEX 50(W) series firmware versions 5.10 through 5.37, USG20(W)-VPN series firmware versions 5.10 through 5.37, and VPN series firmware versions 5.00 through 5.37, could allow an unauthenticated LAN-based attacker to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed to steal cookies when the user visits the specific CGI used for dumping ZTP logs.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad de Cross Site Scripting (XSS) en el programa CGI de las versiones de firmware:\nserie Zyxel ATP 5.10 a 5.37,\nserie USG FLEX 5.00 a 5.37, \nserie USG FLEX 50(W) 5.10 a 5.37, \nserie USG20(W)-VPN 5.10 a 5.37 y \nserie VPN 5.00 a 5.37.\nPodrían permitir que un atacante basado en LAN no autenticado almacene scripts maliciosos en un dispositivo vulnerable. Un ataque XSS exitoso podría resultar en la ejecución de scripts maliciosos almacenados para robar cookies cuando el usuario visita el CGI específico utilizado para volcar registros ZTP.",
      },
   ],
   id: "CVE-2023-35139",
   lastModified: "2024-11-21T08:08:00.870",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.2,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.1,
            impactScore: 2.7,
            source: "security@zyxel.com.tw",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.1,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 2.7,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-11-28T02:15:42.347",
   references: [
      {
         source: "security@zyxel.com.tw",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
      },
   ],
   sourceIdentifier: "security@zyxel.com.tw",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-79",
            },
         ],
         source: "security@zyxel.com.tw",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-09-03 02:15
Modified
2024-12-13 16:14
Summary
A buffer overflow vulnerability in the CGI program of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an authenticated attacker with administrator privileges to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "871446C3-30E8-4FE9-AC8A-4D87A400233F",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4240E15F-8869-4DA7-9F6E-5DAF3708F9A7",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03036815-04AE-4E39-8310-DA19A32CFA48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2C43DB2-3339-4FB1-AC44-56619A9DDAA0",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "4.16",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2C43DB2-3339-4FB1-AC44-56619A9DDAA0",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "4.16",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A buffer overflow vulnerability in the CGI program of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an authenticated attacker with administrator privileges to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad de desbordamiento de búfer en el programa CGI de las versiones de firmware de la serie Zyxel ATP de V4.32 a V5.38, las versiones de firmware de la serie USG FLEX de V4.50 a V5.38, las versiones de firmware de la serie USG FLEX 50(W) de V4.16 a V5.38 y las versiones de firmware de la serie USG20(W)-VPN de V4.16 a V5.38 podría permitir que un atacante autenticado con privilegios de administrador provoque condiciones de denegación de servicio (DoS) al enviar una solicitud HTTP manipulada a un dispositivo vulnerable.",
      },
   ],
   id: "CVE-2024-6343",
   lastModified: "2024-12-13T16:14:42.787",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 4.9,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.2,
            impactScore: 3.6,
            source: "security@zyxel.com.tw",
            type: "Primary",
         },
      ],
   },
   published: "2024-09-03T02:15:05.317",
   references: [
      {
         source: "security@zyxel.com.tw",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-09-03-2024",
      },
   ],
   sourceIdentifier: "security@zyxel.com.tw",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-120",
            },
         ],
         source: "security@zyxel.com.tw",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-09-03 02:15
Modified
2024-12-13 16:14
Summary
A null pointer dereference vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V5.20 through V5.38, and USG20(W)-VPN series firmware versions from V5.20 through V5.38 could allow an unauthenticated attacker to cause DoS conditions by sending crafted packets to a vulnerable device.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "871446C3-30E8-4FE9-AC8A-4D87A400233F",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4240E15F-8869-4DA7-9F6E-5DAF3708F9A7",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03036815-04AE-4E39-8310-DA19A32CFA48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "57DB83F8-63CE-4E72-B89D-E88C2E0829E1",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "4.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "57DB83F8-63CE-4E72-B89D-E88C2E0829E1",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "4.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A null pointer dereference vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V5.20 through V5.38, and USG20(W)-VPN series firmware versions from V5.20 through V5.38 could allow an unauthenticated attacker to cause DoS conditions by sending crafted packets to a vulnerable device.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad de desreferencia de puntero nulo en las versiones de firmware de la serie Zyxel ATP de V4.32 a V5.38, las versiones de firmware de la serie USG FLEX de V4.50 a V5.38, las versiones de firmware de la serie USG FLEX 50(W) de V5.20 a V5.38 y las versiones de firmware de la serie USG20(W)-VPN de V5.20 a V5.38 podría permitir que un atacante no autenticado provoque condiciones de denegación de servicio (DoS) mediante el envío de paquetes manipulados a un dispositivo vulnerable.",
      },
   ],
   id: "CVE-2024-42058",
   lastModified: "2024-12-13T16:14:34.367",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "security@zyxel.com.tw",
            type: "Primary",
         },
      ],
   },
   published: "2024-09-03T02:15:04.467",
   references: [
      {
         source: "security@zyxel.com.tw",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-09-03-2024",
      },
   ],
   sourceIdentifier: "security@zyxel.com.tw",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-476",
            },
         ],
         source: "security@zyxel.com.tw",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-11-28 02:15
Modified
2024-11-21 08:42
Summary
An improper privilege management vulnerability in the ZySH of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to modify the URL of the registration page in the web GUI of an affected device.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A9AF767-1BC2-4160-9FD6-246DD2AD0F18",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "03FAEFC8-186B-4B52-869F-DA27224692C0",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0DE544DC-2644-4706-BB80-75B7E16DF4DD",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.16",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "371CE32A-C28E-44D2-9B0B-D8775928FD0E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "549A6FE1-25D6-4239-87B6-B729C098C625",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EECD311A-4E96-4576-AADF-47291EDE3559",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C45C303-1A95-4245-B242-3AB9B9106CD4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An improper privilege management vulnerability in the ZySH of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to modify the URL of the registration page in the web GUI of an affected device.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad de administración de privilegios inadecuada en el ZySH de las versiones de firmware de la serie Zyxel ATP 4.32 a 5.37, las versiones de firmware de la serie USG FLEX 4.50 a 5.37, las versiones de firmware de la serie USG FLEX 50(W) 4.16 a 5.37, las versiones de firmware de la serie USG20(W)-VPN 4.16 a 5.37 y las versiones de firmware de la serie VPN 4.30 a 5.37 podría permitir que un atacante local autenticado modifique la URL de la página de registro en la GUI web de un dispositivo afectado.",
      },
   ],
   id: "CVE-2023-5650",
   lastModified: "2024-11-21T08:42:11.453",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "NONE",
               baseScore: 5.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 3.6,
            source: "security@zyxel.com.tw",
            type: "Primary",
         },
      ],
   },
   published: "2023-11-28T02:15:43.380",
   references: [
      {
         source: "security@zyxel.com.tw",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
      },
   ],
   sourceIdentifier: "security@zyxel.com.tw",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-269",
            },
         ],
         source: "security@zyxel.com.tw",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-09-03 02:15
Modified
2024-12-13 16:14
Summary
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an authenticated attacker with administrator privileges to execute some OS commands on an affected device by uploading a crafted internal user agreement file to the vulnerable device.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "871446C3-30E8-4FE9-AC8A-4D87A400233F",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4240E15F-8869-4DA7-9F6E-5DAF3708F9A7",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03036815-04AE-4E39-8310-DA19A32CFA48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2C43DB2-3339-4FB1-AC44-56619A9DDAA0",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "4.16",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2C43DB2-3339-4FB1-AC44-56619A9DDAA0",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "4.16",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an authenticated attacker with administrator privileges to execute some OS commands on an affected device by uploading a crafted internal user agreement file to the vulnerable device.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad de inyección de comandos posterior a la autenticación en las versiones de firmware de la serie Zyxel ATP de V4.32 a V5.38, las versiones de firmware de la serie USG FLEX de V4.50 a V5.38, las versiones de firmware de la serie USG FLEX 50(W) de V4.16 a V5.38 y las versiones de firmware de la serie USG20(W)-VPN de V4.16 a V5.38 podría permitir que un atacante autenticado con privilegios de administrador ejecute algunos comandos del sistema operativo en un dispositivo afectado cargando un archivo de acuerdo de usuario interno manipulado específicamente para el dispositivo vulnerable.",
      },
   ],
   id: "CVE-2024-42060",
   lastModified: "2024-12-13T16:14:40.370",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.2,
            impactScore: 5.9,
            source: "security@zyxel.com.tw",
            type: "Primary",
         },
      ],
   },
   published: "2024-09-03T02:15:04.900",
   references: [
      {
         source: "security@zyxel.com.tw",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-09-03-2024",
      },
   ],
   sourceIdentifier: "security@zyxel.com.tw",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-78",
            },
         ],
         source: "security@zyxel.com.tw",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-11-28 02:15
Modified
2024-11-21 08:12
Summary
A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A9AF767-1BC2-4160-9FD6-246DD2AD0F18",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "03FAEFC8-186B-4B52-869F-DA27224692C0",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0DE544DC-2644-4706-BB80-75B7E16DF4DD",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.16",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "371CE32A-C28E-44D2-9B0B-D8775928FD0E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "549A6FE1-25D6-4239-87B6-B729C098C625",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EECD311A-4E96-4576-AADF-47291EDE3559",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C45C303-1A95-4245-B242-3AB9B9106CD4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad de desbordamiento del búfer en las versiones de firmware 4.32 a 5.37 de la serie Zyxel ATP, 4.50 a 5.37 de la serie USG FLEX, 4.16 a 5.37 de la serie USG FLEX 50(W), 4.16 a 5.37 de la serie USG20(W)-VPN y 4.30 a 5.37 de la serie VPN podría permitir que un atacante local autenticado provoque condiciones de denegación de servicio (DoS) ejecutando el comando CLI para volcar los registros del sistema en un dispositivo afectado.",
      },
   ],
   id: "CVE-2023-37926",
   lastModified: "2024-11-21T08:12:29.227",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 5.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 3.6,
            source: "security@zyxel.com.tw",
            type: "Primary",
         },
      ],
   },
   published: "2023-11-28T02:15:42.740",
   references: [
      {
         source: "security@zyxel.com.tw",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
      },
   ],
   sourceIdentifier: "security@zyxel.com.tw",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-120",
            },
         ],
         source: "security@zyxel.com.tw",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-120",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-11-27 18:15
Modified
2024-12-12 16:23
Summary
A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware versions V4.30 through V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted HTTP packet.
Impacted products
Vendor Product Version
zyxel zld *
zyxel zywall_110 -
zyxel zld *
zyxel zywall_1100 -
zyxel zld *
zyxel zywall_310 -
zyxel zld *
zyxel usg_110 -
zyxel zld *
zyxel usg_1100 -
zyxel zld *
zyxel usg_1900 -
zyxel zld *
zyxel usg_20w -
zyxel zld *
zyxel usg_20w-vpn -
zyxel zld *
zyxel usg_2200-vpn -
zyxel zld *
zyxel usg_310 -
zyxel zld *
zyxel usg_40 -
zyxel zld *
zyxel usg_40w -
zyxel zld *
zyxel usg_60 -
zyxel zld *
zyxel usg_60w -
zyxel zld *
zyxel usg110 -
zyxel zld *
zyxel usg1100 -
zyxel zld *
zyxel usg1900 -
zyxel zld *
zyxel usg20-vpn -
zyxel zld *
zyxel usg20w-vpn -
zyxel zld *
zyxel usg210 -
zyxel zld *
zyxel usg2200-vpn -
zyxel zld *
zyxel usg310 -
zyxel zld *
zyxel usg40 -
zyxel zld *
zyxel usg40w -
zyxel zld *
zyxel usg60 -
zyxel zld *
zyxel usg60w -
zyxel zld *
zyxel vpn100 -
zyxel zld *
zyxel vpn300 -
zyxel zld *
zyxel vpn50 -
zyxel zld *
zyxel usg_flex_100 -
zyxel zld *
zyxel usg_flex_200 -
zyxel zld *
zyxel usg_flex_500 -
zyxel zld *
zyxel usg_flex_100w -
zyxel zld *
zyxel usg_flex_700 -
zyxel access_points_firmware *
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel nwa1123-ac_hd -
zyxel access_points_firmware *
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel nwa1123-ac_pro -
zyxel access_points_firmware *
zyxel access_points_firmware -
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel nwa1123-acv2 -
zyxel access_points_firmware *
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel wax510d -
zyxel access_points_firmware *
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel wac5302d-s -
zyxel access_points_firmware *
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel nwa5120 -
zyxel access_points_firmware *
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel nwa5301-nj -
zyxel access_points_firmware *
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel wax610d -
zyxel access_points_firmware *
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel wax650s -
zyxel access_points_firmware *
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel wac6550 -
zyxel access_points_firmware *
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel wac6303d-s -
zyxel access_points_firmware *
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel wac6500 -
zyxel access_points_firmware *
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel wac6100 -
zyxel access_points_firmware *
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel nwa210ax -
zyxel access_points_firmware *
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel nwa110ax -
zyxel access_points_firmware *
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel access_points_firmware 6.10
zyxel nwa1302-ac -



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "145E41D9-E376-4B8E-A34F-F2C7ECFD649D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BCE32A1C-A730-4893-BCB9-F753F8E65440",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B40C703E-C7C0-4B49-A336-83853D3E8C31",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_110:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7E32879-01A2-49B1-A354-068CEB1CA3A5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_1100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC4B9AC6-7C55-42BD-A1D8-F5D5A19AC59D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_1900:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92CE6F04-403B-4A52-A3A5-DD0190CF15D9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_20w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6CD5A4AB-0CC2-4CAF-AAFA-0F866174842F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "32F7F370-C585-45FE-A7F7-40BFF13928CF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_310:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "38B7995C-80E0-413B-9F2C-387EF3703927",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_40:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D84DDB81-DE66-4427-8833-633B45A45A14",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_40w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8F11F36C-60DB-4D81-A320-53EEE43758C1",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_60:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C65DB5E9-2FE3-4807-970E-A42FDF82B50E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_60w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "82864EF6-B63D-4947-A18C-AE0156CCA7FA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg110:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4834AC5E-884D-4A1C-A39B-B3F4A281E3CB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg1100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B68C4BD-3279-47AB-AC2A-7555163B12E2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg1900:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60F4E816-C4D3-451A-965C-45387D7DEB5B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7239C54F-EC9E-44B4-AE33-1D36E5448219",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "06D2AD3A-9197-487D-A267-24DE332CC66B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EAFF1122-755A-4531-AA2E-FD6E8478F92F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg2200-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "68CB2401-479A-4124-B03F-589D7C1061FF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F302801D-3720-4598-8458-A8938BD6CB46",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5CCD2777-CC85-4BAA-B16B-19C2DB8DB742",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0906F3FA-793B-421D-B957-7E9C18C1AEC0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26900300-1325-4C8A-BC3B-A10233B2462A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A5A7555E-BC29-460C-A701-7DCDEAFE67F3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C45C303-1A95-4245-B242-3AB9B9106CD4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C40B7360-E9B0-4198-8163-CEADE7525E66",
                     versionEndIncluding: "4.55",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EAC4D19-A1FA-4539-A672-46207670D9DF",
                     versionEndIncluding: "6.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
                     matchCriteriaId: "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
                     matchCriteriaId: "A3B4EC91-B091-474F-B2E9-4DF474746547",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
                     matchCriteriaId: "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
                     matchCriteriaId: "CC14EDB3-613B-4531-9581-1A9687E27ECF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
                     matchCriteriaId: "C5B8CBD3-5115-4813-A372-66C0312DA95E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
                     matchCriteriaId: "725083DF-B9BE-45DD-B999-511528F2C4CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
                     matchCriteriaId: "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
                     matchCriteriaId: "5D785597-7B27-4910-A4A0-0E2968CA7488",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa1123-ac_hd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A0FB576-76A2-4A25-979E-5E5B3BF5C636",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EAC4D19-A1FA-4539-A672-46207670D9DF",
                     versionEndIncluding: "6.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
                     matchCriteriaId: "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
                     matchCriteriaId: "A3B4EC91-B091-474F-B2E9-4DF474746547",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
                     matchCriteriaId: "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
                     matchCriteriaId: "CC14EDB3-613B-4531-9581-1A9687E27ECF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
                     matchCriteriaId: "C5B8CBD3-5115-4813-A372-66C0312DA95E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
                     matchCriteriaId: "725083DF-B9BE-45DD-B999-511528F2C4CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
                     matchCriteriaId: "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
                     matchCriteriaId: "5D785597-7B27-4910-A4A0-0E2968CA7488",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa1123-ac_pro:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "145723DB-C34B-4C2A-B3C2-7A5CFEF503CA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EAC4D19-A1FA-4539-A672-46207670D9DF",
                     versionEndIncluding: "6.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EEC41216-BA1D-4D89-BA08-4A3EDC9EA6B4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
                     matchCriteriaId: "A3B4EC91-B091-474F-B2E9-4DF474746547",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
                     matchCriteriaId: "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
                     matchCriteriaId: "CC14EDB3-613B-4531-9581-1A9687E27ECF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
                     matchCriteriaId: "C5B8CBD3-5115-4813-A372-66C0312DA95E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
                     matchCriteriaId: "725083DF-B9BE-45DD-B999-511528F2C4CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
                     matchCriteriaId: "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
                     matchCriteriaId: "5D785597-7B27-4910-A4A0-0E2968CA7488",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa1123-acv2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "49C40B96-55B2-44AA-A75A-92EEEE93371C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EAC4D19-A1FA-4539-A672-46207670D9DF",
                     versionEndIncluding: "6.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
                     matchCriteriaId: "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
                     matchCriteriaId: "A3B4EC91-B091-474F-B2E9-4DF474746547",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
                     matchCriteriaId: "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
                     matchCriteriaId: "CC14EDB3-613B-4531-9581-1A9687E27ECF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
                     matchCriteriaId: "C5B8CBD3-5115-4813-A372-66C0312DA95E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
                     matchCriteriaId: "725083DF-B9BE-45DD-B999-511528F2C4CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
                     matchCriteriaId: "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
                     matchCriteriaId: "5D785597-7B27-4910-A4A0-0E2968CA7488",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EAC4D19-A1FA-4539-A672-46207670D9DF",
                     versionEndIncluding: "6.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
                     matchCriteriaId: "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
                     matchCriteriaId: "A3B4EC91-B091-474F-B2E9-4DF474746547",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
                     matchCriteriaId: "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
                     matchCriteriaId: "CC14EDB3-613B-4531-9581-1A9687E27ECF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
                     matchCriteriaId: "C5B8CBD3-5115-4813-A372-66C0312DA95E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
                     matchCriteriaId: "725083DF-B9BE-45DD-B999-511528F2C4CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
                     matchCriteriaId: "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
                     matchCriteriaId: "5D785597-7B27-4910-A4A0-0E2968CA7488",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac5302d-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E4AA4FC1-E3E4-499F-B0C1-22B738DA4DA8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EAC4D19-A1FA-4539-A672-46207670D9DF",
                     versionEndIncluding: "6.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
                     matchCriteriaId: "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
                     matchCriteriaId: "A3B4EC91-B091-474F-B2E9-4DF474746547",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
                     matchCriteriaId: "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
                     matchCriteriaId: "CC14EDB3-613B-4531-9581-1A9687E27ECF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
                     matchCriteriaId: "C5B8CBD3-5115-4813-A372-66C0312DA95E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
                     matchCriteriaId: "725083DF-B9BE-45DD-B999-511528F2C4CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
                     matchCriteriaId: "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
                     matchCriteriaId: "5D785597-7B27-4910-A4A0-0E2968CA7488",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa5120:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "109301CB-1A6F-4FF2-A64E-55D698A601CD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EAC4D19-A1FA-4539-A672-46207670D9DF",
                     versionEndIncluding: "6.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
                     matchCriteriaId: "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
                     matchCriteriaId: "A3B4EC91-B091-474F-B2E9-4DF474746547",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
                     matchCriteriaId: "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
                     matchCriteriaId: "CC14EDB3-613B-4531-9581-1A9687E27ECF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
                     matchCriteriaId: "C5B8CBD3-5115-4813-A372-66C0312DA95E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
                     matchCriteriaId: "725083DF-B9BE-45DD-B999-511528F2C4CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
                     matchCriteriaId: "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
                     matchCriteriaId: "5D785597-7B27-4910-A4A0-0E2968CA7488",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa5301-nj:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "328EB14D-84E9-4F4B-8277-43F52644AE7B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EAC4D19-A1FA-4539-A672-46207670D9DF",
                     versionEndIncluding: "6.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
                     matchCriteriaId: "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
                     matchCriteriaId: "A3B4EC91-B091-474F-B2E9-4DF474746547",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
                     matchCriteriaId: "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
                     matchCriteriaId: "CC14EDB3-613B-4531-9581-1A9687E27ECF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
                     matchCriteriaId: "C5B8CBD3-5115-4813-A372-66C0312DA95E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
                     matchCriteriaId: "725083DF-B9BE-45DD-B999-511528F2C4CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
                     matchCriteriaId: "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
                     matchCriteriaId: "5D785597-7B27-4910-A4A0-0E2968CA7488",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3518DA0A-2C7B-4979-A457-0826C921B0F0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EAC4D19-A1FA-4539-A672-46207670D9DF",
                     versionEndIncluding: "6.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
                     matchCriteriaId: "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
                     matchCriteriaId: "A3B4EC91-B091-474F-B2E9-4DF474746547",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
                     matchCriteriaId: "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
                     matchCriteriaId: "CC14EDB3-613B-4531-9581-1A9687E27ECF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
                     matchCriteriaId: "C5B8CBD3-5115-4813-A372-66C0312DA95E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
                     matchCriteriaId: "725083DF-B9BE-45DD-B999-511528F2C4CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
                     matchCriteriaId: "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
                     matchCriteriaId: "5D785597-7B27-4910-A4A0-0E2968CA7488",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D784994E-E2CE-4328-B490-D9DC195A53DB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EAC4D19-A1FA-4539-A672-46207670D9DF",
                     versionEndIncluding: "6.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
                     matchCriteriaId: "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
                     matchCriteriaId: "A3B4EC91-B091-474F-B2E9-4DF474746547",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
                     matchCriteriaId: "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
                     matchCriteriaId: "CC14EDB3-613B-4531-9581-1A9687E27ECF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
                     matchCriteriaId: "C5B8CBD3-5115-4813-A372-66C0312DA95E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
                     matchCriteriaId: "725083DF-B9BE-45DD-B999-511528F2C4CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
                     matchCriteriaId: "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
                     matchCriteriaId: "5D785597-7B27-4910-A4A0-0E2968CA7488",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6550:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "22BA1F7B-B2D2-44D6-83A4-859DF7BAC001",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EAC4D19-A1FA-4539-A672-46207670D9DF",
                     versionEndIncluding: "6.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
                     matchCriteriaId: "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
                     matchCriteriaId: "A3B4EC91-B091-474F-B2E9-4DF474746547",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
                     matchCriteriaId: "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
                     matchCriteriaId: "CC14EDB3-613B-4531-9581-1A9687E27ECF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
                     matchCriteriaId: "C5B8CBD3-5115-4813-A372-66C0312DA95E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
                     matchCriteriaId: "725083DF-B9BE-45DD-B999-511528F2C4CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
                     matchCriteriaId: "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
                     matchCriteriaId: "5D785597-7B27-4910-A4A0-0E2968CA7488",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6303d-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0F08117-0BCE-4EA1-8DA7-1AC4EFF67E2F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EAC4D19-A1FA-4539-A672-46207670D9DF",
                     versionEndIncluding: "6.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
                     matchCriteriaId: "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
                     matchCriteriaId: "A3B4EC91-B091-474F-B2E9-4DF474746547",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
                     matchCriteriaId: "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
                     matchCriteriaId: "CC14EDB3-613B-4531-9581-1A9687E27ECF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
                     matchCriteriaId: "C5B8CBD3-5115-4813-A372-66C0312DA95E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
                     matchCriteriaId: "725083DF-B9BE-45DD-B999-511528F2C4CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
                     matchCriteriaId: "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
                     matchCriteriaId: "5D785597-7B27-4910-A4A0-0E2968CA7488",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B504AA70-D60A-4158-B3A5-BADBED2F8BAA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EAC4D19-A1FA-4539-A672-46207670D9DF",
                     versionEndIncluding: "6.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
                     matchCriteriaId: "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
                     matchCriteriaId: "A3B4EC91-B091-474F-B2E9-4DF474746547",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
                     matchCriteriaId: "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
                     matchCriteriaId: "CC14EDB3-613B-4531-9581-1A9687E27ECF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
                     matchCriteriaId: "C5B8CBD3-5115-4813-A372-66C0312DA95E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
                     matchCriteriaId: "725083DF-B9BE-45DD-B999-511528F2C4CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
                     matchCriteriaId: "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
                     matchCriteriaId: "5D785597-7B27-4910-A4A0-0E2968CA7488",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac6100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "227EDB1C-0070-4B5D-9070-B4717DB3DF08",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EAC4D19-A1FA-4539-A672-46207670D9DF",
                     versionEndIncluding: "6.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
                     matchCriteriaId: "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
                     matchCriteriaId: "A3B4EC91-B091-474F-B2E9-4DF474746547",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
                     matchCriteriaId: "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
                     matchCriteriaId: "CC14EDB3-613B-4531-9581-1A9687E27ECF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
                     matchCriteriaId: "C5B8CBD3-5115-4813-A372-66C0312DA95E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
                     matchCriteriaId: "725083DF-B9BE-45DD-B999-511528F2C4CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
                     matchCriteriaId: "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
                     matchCriteriaId: "5D785597-7B27-4910-A4A0-0E2968CA7488",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1BB129F9-64D8-43C2-9366-51EBDF419F5F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EAC4D19-A1FA-4539-A672-46207670D9DF",
                     versionEndIncluding: "6.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
                     matchCriteriaId: "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
                     matchCriteriaId: "A3B4EC91-B091-474F-B2E9-4DF474746547",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
                     matchCriteriaId: "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
                     matchCriteriaId: "CC14EDB3-613B-4531-9581-1A9687E27ECF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
                     matchCriteriaId: "C5B8CBD3-5115-4813-A372-66C0312DA95E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
                     matchCriteriaId: "725083DF-B9BE-45DD-B999-511528F2C4CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
                     matchCriteriaId: "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
                     matchCriteriaId: "5D785597-7B27-4910-A4A0-0E2968CA7488",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A3F9232-F988-4428-9898-4F536123CE88",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EAC4D19-A1FA-4539-A672-46207670D9DF",
                     versionEndIncluding: "6.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*",
                     matchCriteriaId: "23C1F0FA-38F5-4EA0-AEE0-219C34DCCE8A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*",
                     matchCriteriaId: "A3B4EC91-B091-474F-B2E9-4DF474746547",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*",
                     matchCriteriaId: "D3831184-A454-4E0D-9B1D-653C5FF7A6F5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*",
                     matchCriteriaId: "CC14EDB3-613B-4531-9581-1A9687E27ECF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*",
                     matchCriteriaId: "C5B8CBD3-5115-4813-A372-66C0312DA95E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*",
                     matchCriteriaId: "725083DF-B9BE-45DD-B999-511528F2C4CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*",
                     matchCriteriaId: "0B9218D6-0DBF-45A8-ABED-AAC6C800B88F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*",
                     matchCriteriaId: "5D785597-7B27-4910-A4A0-0E2968CA7488",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa1302-ac:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EFA514BB-B688-4EBD-9530-F5112F7503F6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware versions V4.30 through V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted HTTP packet.",
      },
      {
         lang: "es",
         value: "Un desbordamiento de búfer en la región stack de la memoria en el archivo fbwifi_continue.cgi en Zyxel serie UTM y VPN de puertas de enlace que ejecutan la versión de firmware V4.30 hasta la V4.55 permite a atacantes remotos no autenticados ejecutar código arbitrario por medio de un paquete HTTP diseñado.",
      },
   ],
   id: "CVE-2020-25014",
   lastModified: "2024-12-12T16:23:25.593",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 7.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 9.8,
               baseSeverity: "CRITICAL",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-11-27T18:15:11.563",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Release Notes",
            "Vendor Advisory",
         ],
         url: "https://businessforum.zyxel.com/categories/security-news-and-release",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/support/Zyxel-security-advisory-for-buffer-overflow-vulnerability.shtml",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Release Notes",
            "Vendor Advisory",
         ],
         url: "https://businessforum.zyxel.com/categories/security-news-and-release",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/support/Zyxel-security-advisory-for-buffer-overflow-vulnerability.shtml",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-11-27 10:15
Modified
2024-12-05 18:41
Summary
A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series firmware versions V5.00 through V5.38, USG FLEX 50(W) series firmware versions V5.10 through V5.38, and USG20(W)-VPN series firmware versions V5.10 through V5.38 could allow an attacker to download or upload files via a crafted URL.



{
   cisaActionDue: "2024-12-24",
   cisaExploitAdd: "2024-12-03",
   cisaRequiredAction: "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
   cisaVulnerabilityName: "Zyxel Multiple Firewalls Path Traversal Vulnerability",
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "18B592F1-F584-4573-AD75-398CE03F6627",
                     versionEndIncluding: "5.38",
                     versionStartIncluding: "5.00",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "788B28B2-E2EE-4D98-8862-15B121009B6E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "18B592F1-F584-4573-AD75-398CE03F6627",
                     versionEndIncluding: "5.38",
                     versionStartIncluding: "5.00",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E4EDCC3C-8EE5-43D3-8739-34987F025DF2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03036815-04AE-4E39-8310-DA19A32CFA48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBEE7B76-74EB-4570-9A5B-071BA9E36DB9",
                     versionEndIncluding: "5.38",
                     versionStartIncluding: "5.10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBEE7B76-74EB-4570-9A5B-071BA9E36DB9",
                     versionEndIncluding: "5.38",
                     versionStartIncluding: "5.10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series firmware versions V5.00 through V5.38, USG FLEX 50(W) series firmware versions V5.10 through V5.38, and USG20(W)-VPN series firmware versions V5.10 through V5.38 could allow an attacker to download or upload files via a crafted URL.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad de directory traversal en la interfaz de administración web de las versiones de firmware de la serie Zyxel ATP V5.00 a V5.38, las versiones de firmware de la serie USG FLEX V5.00 a V5.38, las versiones de firmware de la serie USG FLEX 50(W) V5.10 a V5.38 y las versiones de firmware de la serie USG20(W)-VPN V5.10 a V5.38 podría permitir que un atacante descargue o cargue archivos a través de una URL manipulada específicamente.",
      },
   ],
   id: "CVE-2024-11667",
   lastModified: "2024-12-05T18:41:12.113",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "security@zyxel.com.tw",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 9.8,
               baseSeverity: "CRITICAL",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-11-27T10:15:04.210",
   references: [
      {
         source: "security@zyxel.com.tw",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-protecting-against-recent-firewall-threats-11-27-2024",
      },
   ],
   sourceIdentifier: "security@zyxel.com.tw",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-22",
            },
         ],
         source: "security@zyxel.com.tw",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-09-03 02:15
Modified
2024-12-13 16:14
Summary
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V5.00 through V5.38, USG FLEX series firmware versions from V5.00 through V5.38, USG FLEX 50(W) series firmware versions from V5.00 through V5.38, and USG20(W)-VPN series firmware versions from V5.00 through V5.38 could allow an authenticated attacker with administrator privileges to execute some OS commands on an affected device by uploading a crafted compressed language file via FTP.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC8D4F1E-E641-441B-AC6D-3355B6B7BF2E",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "5.00",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC8D4F1E-E641-441B-AC6D-3355B6B7BF2E",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "5.00",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03036815-04AE-4E39-8310-DA19A32CFA48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC8D4F1E-E641-441B-AC6D-3355B6B7BF2E",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "5.00",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V5.00 through V5.38, USG FLEX series firmware versions from V5.00 through V5.38, USG FLEX 50(W) series firmware versions from V5.00 through V5.38, and USG20(W)-VPN series firmware versions from V5.00 through V5.38 could allow an authenticated attacker with administrator privileges to execute some OS commands on an affected device by uploading a crafted compressed language file via FTP.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad de inyección de comandos posterior a la autenticación en las versiones de firmware de la serie Zyxel ATP de V5.00 a V5.38, las versiones de firmware de la serie USG FLEX de V5.00 a V5.38, las versiones de firmware de la serie USG FLEX 50(W) de V5.00 a V5.38 y las versiones de firmware de la serie USG20(W)-VPN de V5.00 a V5.38 podría permitir que un atacante autenticado con privilegios de administrador ejecute algunos comandos del sistema operativo en un dispositivo afectado mediante la carga de un archivo de idioma comprimido manipulado a través de FTP.",
      },
   ],
   id: "CVE-2024-42059",
   lastModified: "2024-12-13T16:14:36.887",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.2,
            impactScore: 5.9,
            source: "security@zyxel.com.tw",
            type: "Primary",
         },
      ],
   },
   published: "2024-09-03T02:15:04.690",
   references: [
      {
         source: "security@zyxel.com.tw",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-09-03-2024",
      },
   ],
   sourceIdentifier: "security@zyxel.com.tw",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-78",
            },
         ],
         source: "security@zyxel.com.tw",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-78",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-11-28 02:15
Modified
2024-11-21 08:12
Summary
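An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device. The CPE configurations in the record below list additional access-point firmware lines that this summary does not name (for example nwa110ax_firmware, nwa210ax_firmware and nwa90ax_firmware), each bounded by a versionEndExcluding value, so match device inventory against the configurations rather than against this summary alone.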



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A9AF767-1BC2-4160-9FD6-246DD2AD0F18",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "03FAEFC8-186B-4B52-869F-DA27224692C0",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0DE544DC-2644-4706-BB80-75B7E16DF4DD",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.16",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "371CE32A-C28E-44D2-9B0B-D8775928FD0E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "549A6FE1-25D6-4239-87B6-B729C098C625",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EECD311A-4E96-4576-AADF-47291EDE3559",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C45C303-1A95-4245-B242-3AB9B9106CD4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7DDF8F2-1E1C-4040-B24D-7959863AD5AF",
                     versionEndExcluding: "6.70\\(abtg.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A3F9232-F988-4428-9898-4F536123CE88",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6372C936-65AD-431B-B0F3-3731E6B236EC",
                     versionEndExcluding: "6.70\\(abvt.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "36C13E7F-2186-4587-83E9-57B05A7147B7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D24E34B2-E5E8-4269-A168-4904A7751427",
                     versionEndExcluding: "6.70\\(abtd.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1BB129F9-64D8-43C2-9366-51EBDF419F5F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A3B44BE7-A6FD-4B9B-B6F9-60A4B792E57B",
                     versionEndExcluding: "6.70\\(acco.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E03F755-424D-4248-9076-ED7BECEB94C5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D93BE4DB-8B74-4FE1-814D-22E78027FC7B",
                     versionEndExcluding: "6.80\\(abyw.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2806A3B3-8F13-4170-B284-8809E3502044",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa50ax-pro_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A88CCD01-D827-4891-8E99-67B6FD064FE9",
                     versionEndExcluding: "6.80\\(acge.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa50ax-pro:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7DD6E6B-61EC-4E60-8244-56ADB26F2234",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C732FD48-F3FC-45A6-9081-D2067305D6F7",
                     versionEndExcluding: "6.80\\(abzl.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7440976-5CB4-40BE-95C2-98EF4B888109",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "221D7820-55CA-447C-94FB-4946EC1536E7",
                     versionEndExcluding: "6.80\\(accv.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3A903978-737E-4266-A670-BC94E32CAF96",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa90ax-pro_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D936894-A119-4EC4-BA51-3B2CD9F3F477",
                     versionEndExcluding: "6.80\\(acgf.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa90ax-pro:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EFA44855-B135-44BD-AE21-FC58CD647AB6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "34B57801-88C6-4BAB-A47F-EE428F8208C1",
                     versionEndExcluding: "6.70\\(abvs.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7C024551-F08F-4152-940D-1CF8BCD79613",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E013C28-F1C2-474C-B909-6BE89752C335",
                     versionEndExcluding: "6.70\\(abwa.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A1FD502-4F62-4C77-B3BC-E563B24F0067",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E174A280-1FC8-4A97-B7B1-3B8F5B47EB82",
                     versionEndExcluding: "6.70\\(abtf.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "40288F50-E5B5-4398-BCBB-0C946869AB64",
                     versionEndExcluding: "6.70\\(abte.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3518DA0A-2C7B-4979-A457-0826C921B0F0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B6EE5DA9-A76F-47EE-8DF2-7950DD37A1B7",
                     versionEndExcluding: "6.70\\(accn.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B4EBCC9-4FF9-41FC-9FFE-DBFAB239888B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C0C05AC-CF02-4D2B-BB8D-7DF960BAD814",
                     versionEndExcluding: "6.70\\(abzd.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC74AAF9-5206-4CEB-9023-6CD4F38AA623",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9EBCEA07-66B1-48A0-9121-09C5FE30A4E2",
                     versionEndExcluding: "6.70\\(accm.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "20E4E9A0-DF92-47B7-94D6-0867E3171E47",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0FE4DC40-903F-4063-99EA-D7D272400D22",
                     versionEndExcluding: "6.70\\(abrm.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D784994E-E2CE-4328-B490-D9DC195A53DB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C85EF6D-0300-4AE9-98FE-2FA05F6392D4",
                     versionEndExcluding: "6.70\\(acdo.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "61158220-B5E8-4BF4-B2C2-E8ABFD3266CF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "31DA2420-6E71-45FE-A1B4-76524431F932",
                     versionEndExcluding: "6.70\\(acgg.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wbe660s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9FC2F3A4-0598-49B0-9829-AF43C97E9E8E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad de administración de privilegios inadecuada en el comando CLI de depuración de las versiones de firmware: \nserie Zyxel ATP 4.32 a 5.37, \nserie USG FLEX 4.50 a 5.37, \nserie USG FLEX 50(W) 4.16 a 5.37, \nserie USG20(W)-VPN 4.16 a 5.37, \nserie VPN 4.30 a 5.37,\nNWA50AX 6.29(ABYW.2), \nWAC500 6.65(ABVS.1), \nWAX300H 6.60(ACHF.1) y\nWBE660S 6.65(ACGG.1).\nPodría permitir que un atacante local autenticado acceda a los archivos del sistema en un dispositivo afectado.",
      },
   ],
   id: "CVE-2023-37925",
   lastModified: "2024-11-21T08:12:29.060",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "NONE",
               baseScore: 5.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 3.6,
            source: "security@zyxel.com.tw",
            type: "Primary",
         },
      ],
   },
   published: "2023-11-28T02:15:42.547",
   references: [
      {
         source: "security@zyxel.com.tw",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
      },
   ],
   sourceIdentifier: "security@zyxel.com.tw",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-269",
            },
         ],
         source: "security@zyxel.com.tw",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-09-03 02:15
Modified
2024-12-13 16:14
Summary
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.60 through V5.38 and USG FLEX series firmware versions from V4.60 through V5.38 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device by executing a crafted CLI command.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD9D1DBC-2A80-48A7-BC9E-77205BC03446",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "4.60",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD9D1DBC-2A80-48A7-BC9E-77205BC03446",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "4.60",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03036815-04AE-4E39-8310-DA19A32CFA48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.60 through V5.38 and USG FLEX series firmware versions from V4.60 through V5.38 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device by executing a crafted CLI command.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad de inyección de comandos posterior a la autenticación en las versiones de firmware de la serie Zyxel ATP de V4.60 a V5.38 y en las versiones de firmware de la serie USG FLEX de V4.60 a V5.38 podría permitir que un atacante autenticado con privilegios de administrador ejecute algunos comandos del sistema operativo (OS) en un dispositivo afectado mediante la ejecución de un comando CLI manipulado específicamente.",
      },
   ],
   id: "CVE-2024-7203",
   lastModified: "2024-12-13T16:14:32.587",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.2,
            impactScore: 5.9,
            source: "security@zyxel.com.tw",
            type: "Primary",
         },
      ],
   },
   published: "2024-09-03T02:15:05.520",
   references: [
      {
         source: "security@zyxel.com.tw",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-09-03-2024",
      },
   ],
   sourceIdentifier: "security@zyxel.com.tw",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-78",
            },
         ],
         source: "security@zyxel.com.tw",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-12-27 06:15
Modified
2024-11-21 05:23
Summary
Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd during a password-change action. This affects VPN On-premise before ZLD V4.39 week38, VPN Orchestrator before SD-OS V10.03 week32, USG before ZLD V4.39 week38, USG FLEX before ZLD V4.55 week38, ATP before ZLD V4.55 week38, and NSG before 1.33 patch 4.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:vpn_orchestrator:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "842065AF-8891-4E54-BAF8-372FBA530FB8",
                     versionEndExcluding: "10.03",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EBC3085-5EF0-401A-B12E-526E631A724A",
                     versionEndExcluding: "4.39",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1969FFC2-E9AA-457C-9108-1625BEDD5A49",
                     versionEndExcluding: "4.55",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E4EDCC3C-8EE5-43D3-8739-34987F025DF2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1969FFC2-E9AA-457C-9108-1625BEDD5A49",
                     versionEndExcluding: "4.55",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "788B28B2-E2EE-4D98-8862-15B121009B6E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "75EAE981-2CE9-408F-AF1E-BD2555BD4675",
                     versionEndExcluding: "1.33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg_firmware:1.33:-:*:*:*:*:*:*",
                     matchCriteriaId: "B05B561B-F090-494C-993D-0699CCBC5832",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:nsg_firmware:1.33:patch1:*:*:*:*:*:*",
                     matchCriteriaId: "9574E2A0-48C8-4D56-9CC1-11114B3BEB75",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nsg:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D2AD6681-F470-4692-A017-06844041B035",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:usg_flex_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C1C5224F-DD80-4A1F-BC4D-26987AE204C8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EBC3085-5EF0-401A-B12E-526E631A724A",
                     versionEndExcluding: "4.39",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E4EDCC3C-8EE5-43D3-8739-34987F025DF2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd during a password-change action. This affects VPN On-premise before ZLD V4.39 week38, VPN Orchestrator before SD-OS V10.03 week32, USG before ZLD V4.39 week38, USG FLEX before ZLD V4.55 week38, ATP before ZLD V4.55 week38, and NSG before 1.33 patch 4.",
      },
      {
         lang: "es",
         value: "Determinados productos Zyxel permiten una inyección de comandos por un administrador por medio de una cadena de entrada a la función chg_exp_pwd durante una acción de cambio de contraseña. Esto afecta a VPN local anterior a ZLD versión V4.39 week38, VPN Orchestrator anterior a SD-OS versión V10.03 week32, USG anterior a ZLD versión V4.39 week38, USG FLEX anterior a ZLD versión V4.55 week38, ATP anterior a ZLD versión V4.55 week38, y NSG anterior a versión 1.33 parche 4",
      },
   ],
   id: "CVE-2020-29299",
   lastModified: "2024-11-21T05:23:53.157",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "COMPLETE",
               baseScore: 9,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 8,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.2,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-12-27T06:15:12.447",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/support/Zyxel-security-advisory-for-command-injection-vulnerability-of-firewalls.shtml",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/us/en/support/security_advisories.shtml",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/support/Zyxel-security-advisory-for-command-injection-vulnerability-of-firewalls.shtml",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/us/en/support/security_advisories.shtml",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-77",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-11-28 02:15
Modified
2024-11-21 08:35
Summary
An integer overflow vulnerability in the source code of the QuickSec IPSec toolkit used in the VPN feature of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions on an affected device by sending a crafted IKE packet.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A9AF767-1BC2-4160-9FD6-246DD2AD0F18",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "03FAEFC8-186B-4B52-869F-DA27224692C0",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0DE544DC-2644-4706-BB80-75B7E16DF4DD",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.16",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "371CE32A-C28E-44D2-9B0B-D8775928FD0E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "549A6FE1-25D6-4239-87B6-B729C098C625",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EECD311A-4E96-4576-AADF-47291EDE3559",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C45C303-1A95-4245-B242-3AB9B9106CD4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An integer overflow vulnerability in the source code of the QuickSec IPSec toolkit used in the VPN feature of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions on an affected device by sending a crafted IKE packet.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad de desbordamiento de enteros en el código fuente del kit de herramientas QuickSec IPSec utilizado en la función VPN de las versiones de firmware 4.32 a 5.37 de la serie Zyxel ATP, 4.50 a 5.37 de la serie USG FLEX, 4.16 a 5.37 de la serie USG FLEX 50(W), 4.16 a 5.37 de la serie USG20(W)-VPN y 4.30 a 5.37 de la serie VPN podría permitir que un atacante no autenticado cause condiciones de denegación de servicio (DoS) en un dispositivo afectado mediante el envío de un paquete IKE manipulado.",
      },
   ],
   id: "CVE-2023-4398",
   lastModified: "2024-11-21T08:35:03.840",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "security@zyxel.com.tw",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-11-28T02:15:43.187",
   references: [
      {
         source: "security@zyxel.com.tw",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
      },
   ],
   sourceIdentifier: "security@zyxel.com.tw",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-190",
            },
         ],
         source: "security@zyxel.com.tw",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-11-28 03:15
Modified
2024-11-21 08:42
Summary
An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access the administrator’s logs on an affected device.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A9AF767-1BC2-4160-9FD6-246DD2AD0F18",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "03FAEFC8-186B-4B52-869F-DA27224692C0",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0DE544DC-2644-4706-BB80-75B7E16DF4DD",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.16",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "371CE32A-C28E-44D2-9B0B-D8775928FD0E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "549A6FE1-25D6-4239-87B6-B729C098C625",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EECD311A-4E96-4576-AADF-47291EDE3559",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C45C303-1A95-4245-B242-3AB9B9106CD4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7DDF8F2-1E1C-4040-B24D-7959863AD5AF",
                     versionEndExcluding: "6.70\\(abtg.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A3F9232-F988-4428-9898-4F536123CE88",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6372C936-65AD-431B-B0F3-3731E6B236EC",
                     versionEndExcluding: "6.70\\(abvt.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "36C13E7F-2186-4587-83E9-57B05A7147B7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D24E34B2-E5E8-4269-A168-4904A7751427",
                     versionEndExcluding: "6.70\\(abtd.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1BB129F9-64D8-43C2-9366-51EBDF419F5F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A3B44BE7-A6FD-4B9B-B6F9-60A4B792E57B",
                     versionEndExcluding: "6.70\\(acco.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E03F755-424D-4248-9076-ED7BECEB94C5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D93BE4DB-8B74-4FE1-814D-22E78027FC7B",
                     versionEndExcluding: "6.80\\(abyw.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2806A3B3-8F13-4170-B284-8809E3502044",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa50ax-pro_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A88CCD01-D827-4891-8E99-67B6FD064FE9",
                     versionEndExcluding: "6.80\\(acge.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa50ax-pro:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7DD6E6B-61EC-4E60-8244-56ADB26F2234",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C732FD48-F3FC-45A6-9081-D2067305D6F7",
                     versionEndExcluding: "6.80\\(abzl.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7440976-5CB4-40BE-95C2-98EF4B888109",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "221D7820-55CA-447C-94FB-4946EC1536E7",
                     versionEndExcluding: "6.80\\(accv.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3A903978-737E-4266-A670-BC94E32CAF96",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:nwa90ax-pro_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D936894-A119-4EC4-BA51-3B2CD9F3F477",
                     versionEndExcluding: "6.80\\(acgf.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:nwa90ax-pro:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EFA44855-B135-44BD-AE21-FC58CD647AB6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "34B57801-88C6-4BAB-A47F-EE428F8208C1",
                     versionEndExcluding: "6.70\\(abvs.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7C024551-F08F-4152-940D-1CF8BCD79613",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E013C28-F1C2-474C-B909-6BE89752C335",
                     versionEndExcluding: "6.70\\(abwa.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A1FD502-4F62-4C77-B3BC-E563B24F0067",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E174A280-1FC8-4A97-B7B1-3B8F5B47EB82",
                     versionEndExcluding: "6.70\\(abtf.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "40288F50-E5B5-4398-BCBB-0C946869AB64",
                     versionEndExcluding: "6.70\\(abte.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3518DA0A-2C7B-4979-A457-0826C921B0F0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B6EE5DA9-A76F-47EE-8DF2-7950DD37A1B7",
                     versionEndExcluding: "6.70\\(accn.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B4EBCC9-4FF9-41FC-9FFE-DBFAB239888B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C0C05AC-CF02-4D2B-BB8D-7DF960BAD814",
                     versionEndExcluding: "6.70\\(abzd.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC74AAF9-5206-4CEB-9023-6CD4F38AA623",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9EBCEA07-66B1-48A0-9121-09C5FE30A4E2",
                     versionEndExcluding: "6.70\\(accm.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "20E4E9A0-DF92-47B7-94D6-0867E3171E47",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0FE4DC40-903F-4063-99EA-D7D272400D22",
                     versionEndExcluding: "6.70\\(abrm.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D784994E-E2CE-4328-B490-D9DC195A53DB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C85EF6D-0300-4AE9-98FE-2FA05F6392D4",
                     versionEndExcluding: "6.70\\(acdo.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "61158220-B5E8-4BF4-B2C2-E8ABFD3266CF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "31DA2420-6E71-45FE-A1B4-76524431F932",
                     versionEndExcluding: "6.70\\(acgg.0\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:wbe660s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9FC2F3A4-0598-49B0-9829-AF43C97E9E8E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access the administrator’s logs on an affected device.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad de administración de privilegios inadecuada en el comando CLI de depuración de las versiones de firmware: \nserie Zyxel ATP 4.32 a 5.37,\nserie USG FLEX 4.50 a 5.37, \nserie USG FLEX 50(W) 4.16 a 5.37, \nserie USG20(W)-VPN 4.16 a 5.37,\nserie VPN 4.30 a 5.37, \nNWA50AX 6.29 (ABYW.2), \nWAC500 6.65 (ABVS.1), \nWAX300H 6.60 (ACHF.1) y \nWBE660S 6.65 (ACGG.1), \npodría permitir que un atacante local autenticado acceda a los registros del administrador en un dispositivo afectado.",
      },
   ],
   id: "CVE-2023-5797",
   lastModified: "2024-11-21T08:42:30.560",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "NONE",
               baseScore: 5.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 3.6,
            source: "security@zyxel.com.tw",
            type: "Primary",
         },
      ],
   },
   published: "2023-11-28T03:15:07.123",
   references: [
      {
         source: "security@zyxel.com.tw",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
      },
   ],
   sourceIdentifier: "security@zyxel.com.tw",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-269",
            },
         ],
         source: "security@zyxel.com.tw",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-11-28 02:15
Modified
2024-11-21 08:35
Summary
A buffer overflow vulnerability in the Zyxel ATP series firmware version 5.37, USG FLEX series firmware version 5.37, USG FLEX 50(W) series firmware version 5.37, and USG20(W)-VPN series firmware version 5.37, could allow an authenticated local attacker with administrator privileges to cause denial-of-service (DoS) conditions by executing the CLI command with crafted strings on an affected device.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:5.37:*:*:*:*:*:*:*",
                     matchCriteriaId: "26B7AE28-E9ED-4488-BF31-74A15DE79C7A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:5.37:*:*:*:*:*:*:*",
                     matchCriteriaId: "26B7AE28-E9ED-4488-BF31-74A15DE79C7A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:5.37:*:*:*:*:*:*:*",
                     matchCriteriaId: "26B7AE28-E9ED-4488-BF31-74A15DE79C7A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "371CE32A-C28E-44D2-9B0B-D8775928FD0E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A buffer overflow vulnerability in the Zyxel ATP series firmware version 5.37, USG FLEX series firmware version 5.37, USG FLEX 50(W) series firmware version 5.37, and USG20(W)-VPN series firmware version 5.37, could allow an authenticated local attacker with administrator privileges to cause denial-of-service (DoS) conditions by executing the CLI command with crafted strings on an affected device.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad de desbordamiento del búfer en la versión 5.37 del firmware de la serie Zyxel ATP, la versión 5.37 del firmware de la serie USG FLEX, la versión 5.37 del firmware de la serie USG FLEX 50(W) y la versión 5.37 del firmware de la serie USG20(W)-VPN, podría permitir que un atacante local autenticado con privilegios de administrador provoque condiciones de denegación de servicio (DoS) ejecutando el comando CLI con cadenas manipuladas en un dispositivo afectado.",
      },
   ],
   id: "CVE-2023-4397",
   lastModified: "2024-11-21T08:35:03.707",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 4.4,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 3.6,
            source: "security@zyxel.com.tw",
            type: "Primary",
         },
      ],
   },
   published: "2023-11-28T02:15:42.990",
   references: [
      {
         source: "security@zyxel.com.tw",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
      },
   ],
   sourceIdentifier: "security@zyxel.com.tw",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-120",
            },
         ],
         source: "security@zyxel.com.tw",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-11-28 02:15
Modified
2024-11-21 08:08
Summary
An improper input validation vulnerability in the “Quagga” package of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to access configuration files on an affected device.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A9AF767-1BC2-4160-9FD6-246DD2AD0F18",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "03FAEFC8-186B-4B52-869F-DA27224692C0",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0DE544DC-2644-4706-BB80-75B7E16DF4DD",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.16",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "371CE32A-C28E-44D2-9B0B-D8775928FD0E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "549A6FE1-25D6-4239-87B6-B729C098C625",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EECD311A-4E96-4576-AADF-47291EDE3559",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C45C303-1A95-4245-B242-3AB9B9106CD4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An improper input validation vulnerability in the “Quagga” package of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to access configuration files on an affected device.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad de validación de entrada incorrecta en el paquete “Quagga” de las versiones de firmware:\nserie Zyxel ATP 4.32 a 5.37, \nserie USG FLEX 4.50 a 5.37, \nserie USG FLEX 50(W) 4.16 a 5.37, \nserie USG20(W)-VPN 4.16 a 5.37 y \nserie VPN 4.30 a 5.37, \npodría permitir que un atacante local autenticado acceda a los archivos de configuración en un dispositivo afectado.",
      },
   ],
   id: "CVE-2023-35136",
   lastModified: "2024-11-21T08:08:00.423",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "NONE",
               baseScore: 5.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 3.6,
            source: "security@zyxel.com.tw",
            type: "Primary",
         },
      ],
   },
   published: "2023-11-28T02:15:42.143",
   references: [
      {
         source: "security@zyxel.com.tw",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
      },
   ],
   sourceIdentifier: "security@zyxel.com.tw",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "security@zyxel.com.tw",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-09-03 03:15
Modified
2024-12-13 16:14
Summary
A reflected cross-site scripting (XSS) vulnerability in the CGI program "dynamic_script.cgi" of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an attacker to trick a user into visiting a crafted URL with the XSS payload. The attacker could obtain browser-based information if the malicious script is executed on the victim’s browser.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "871446C3-30E8-4FE9-AC8A-4D87A400233F",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "4.32",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B41F437-855B-4490-8011-DF59887BE6D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B99746-0589-46E6-9CBD-F38619AD97DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4240E15F-8869-4DA7-9F6E-5DAF3708F9A7",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03036815-04AE-4E39-8310-DA19A32CFA48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2C43DB2-3339-4FB1-AC44-56619A9DDAA0",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "4.16",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2C43DB2-3339-4FB1-AC44-56619A9DDAA0",
                     versionEndExcluding: "5.39",
                     versionStartIncluding: "4.16",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A reflected cross-site scripting (XSS) vulnerability in the CGI program \"dynamic_script.cgi\" of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an attacker to trick a user into visiting a crafted URL with the XSS payload. The attacker could obtain browser-based information if the malicious script is executed on the victim’s browser.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad de Cross-site Scripting (XSS) reflejado en el programa CGI \"dynamic_script.cgi\" de las versiones de firmware de la serie Zyxel ATP desde la V4.32 hasta la V5.38, las versiones de firmware de la serie USG FLEX desde la V4.50 hasta la V5.38, las versiones de firmware de la serie USG FLEX 50(W) desde la V4.16 hasta la V5.38 y las versiones de firmware de la serie USG20(W)-VPN desde la V4.16 hasta la V5.38 podría permitir a un atacante engañar a un usuario para que visite una URL manipulada con el payload XSS. El atacante podría obtener información basada en el navegador si el script malicioso se ejecuta en el navegador de la víctima.",
      },
   ],
   id: "CVE-2024-42061",
   lastModified: "2024-12-13T16:14:38.577",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.1,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 2.7,
            source: "security@zyxel.com.tw",
            type: "Primary",
         },
      ],
   },
   published: "2024-09-03T03:15:03.710",
   references: [
      {
         source: "security@zyxel.com.tw",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-09-03-2024",
      },
   ],
   sourceIdentifier: "security@zyxel.com.tw",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-79",
            },
         ],
         source: "security@zyxel.com.tw",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-11-28 03:15
Modified
2024-11-21 08:42
Summary
An improper privilege management vulnerability in the hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.37 and VPN series firmware versions 4.30 through 5.37 could allow an authenticated local attacker to access the system files on an affected device.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "03FAEFC8-186B-4B52-869F-DA27224692C0",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "110A1CA4-0170-4834-8281-0A3E14FC5584",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "549A6FE1-25D6-4239-87B6-B729C098C625",
                     versionEndIncluding: "5.37",
                     versionStartIncluding: "4.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EECD311A-4E96-4576-AADF-47291EDE3559",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C45C303-1A95-4245-B242-3AB9B9106CD4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An improper privilege management vulnerability in the hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.37 and VPN series firmware versions 4.30 through 5.37 could allow an authenticated local attacker to access the system files on an affected device.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad de administración de privilegios inadecuada en la función de punto de acceso de las versiones de firmware de la serie Zyxel USG FLEX 4.50 a 5.37 y las versiones de firmware de la serie VPN 4.30 a 5.37 podría permitir que un atacante local autenticado acceda a los archivos del sistema en un dispositivo afectado.",
      },
   ],
   id: "CVE-2023-5960",
   lastModified: "2024-11-21T08:42:52.087",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "NONE",
               baseScore: 5.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 3.6,
            source: "security@zyxel.com.tw",
            type: "Primary",
         },
      ],
   },
   published: "2023-11-28T03:15:07.310",
   references: [
      {
         source: "security@zyxel.com.tw",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
      },
   ],
   sourceIdentifier: "security@zyxel.com.tw",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-269",
            },
         ],
         source: "security@zyxel.com.tw",
         type: "Primary",
      },
   ],
}

cve-2023-35139
Vulnerability from cvelistv5
Published
2023-11-28 01:22
Modified
2024-08-02 16:23
Summary
A cross-site scripting (XSS) vulnerability in the CGI program of the Zyxel ATP series firmware versions 5.10 through 5.37, USG FLEX series firmware versions 5.00 through 5.37, USG FLEX 50(W) series firmware versions 5.10 through 5.37, USG20(W)-VPN series firmware versions 5.10 through 5.37, and VPN series firmware versions 5.00 through 5.37, could allow an unauthenticated LAN-based attacker to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed to steal cookies when the user visits the specific CGI used for dumping ZTP logs.
Impacted products
Vendor Product Version
Zyxel ATP series firmware Version: versions 5.10 through 5.37
Zyxel USG FLEX series firmware Version: versions 5.00 through 5.37
Zyxel USG FLEX 50(W) series firmware Version: versions 5.10 through 5.37
Zyxel USG20(W)-VPN series firmware Version: versions 5.10 through 5.37
Zyxel VPN series firmware Version: versions 5.00 through 5.37


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T16:23:59.589Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "ATP series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 5.10 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: " versions 5.00 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: " USG FLEX 50(W) series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 5.10 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG20(W)-VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: " versions 5.10 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 5.00 through 5.37",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "A cross-site scripting (XSS) vulnerability in the CGI program of the Zyxel ATP series firmware versions 5.10 through 5.37, USG FLEX series firmware versions 5.00 through 5.37, USG FLEX 50(W) series firmware versions 5.10 through 5.37, USG20(W)-VPN series firmware versions 5.10 through 5.37, and VPN series firmware versions 5.00 through 5.37, could allow an unauthenticated LAN-based attacker to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed to steal cookies when the user visits the specific CGI used for dumping ZTP logs.",
                  },
               ],
               value: "A cross-site scripting (XSS) vulnerability in the CGI program of the Zyxel ATP series firmware versions 5.10 through 5.37, USG FLEX series firmware versions 5.00 through 5.37, USG FLEX 50(W) series firmware versions 5.10 through 5.37, USG20(W)-VPN series firmware versions 5.10 through 5.37, and VPN series firmware versions 5.00 through 5.37, could allow an unauthenticated LAN-based attacker to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed to steal cookies when the user visits the specific CGI used for dumping ZTP logs.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT_NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.2,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-79",
                     description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-11-28T01:22:07.985Z",
            orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
            shortName: "Zyxel",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
      assignerShortName: "Zyxel",
      cveId: "CVE-2023-35139",
      datePublished: "2023-11-28T01:22:07.985Z",
      dateReserved: "2023-06-14T06:26:48.564Z",
      dateUpdated: "2024-08-02T16:23:59.589Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-5960
Vulnerability from cvelistv5
Published
2023-11-28 02:05
Modified
2024-08-02 08:14
Summary
An improper privilege management vulnerability in the hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.37 and VPN series firmware versions 4.30 through 5.37 could allow an authenticated local attacker to access the system files on an affected device.
Impacted products
Vendor Product Version
Zyxel USG FLEX series firmware Version: versions 4.50 through 5.37
Zyxel VPN series firmware Version: versions 4.30 through 5.37


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T08:14:25.225Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "USG FLEX series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.50 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.30 through 5.37",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An improper privilege management vulnerability in the hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.37 and VPN series firmware versions 4.30 through 5.37 could allow an authenticated local attacker to access the system files on an affected device.",
                  },
               ],
               value: "An improper privilege management vulnerability in the hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.37 and VPN series firmware versions 4.30 through 5.37 could allow an authenticated local attacker to access the system files on an affected device.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "NONE",
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-269",
                     description: "CWE-269 Improper Privilege Management",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-11-28T02:05:45.830Z",
            orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
            shortName: "Zyxel",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
      assignerShortName: "Zyxel",
      cveId: "CVE-2023-5960",
      datePublished: "2023-11-28T02:05:45.830Z",
      dateReserved: "2023-11-06T01:35:33.602Z",
      dateUpdated: "2024-08-02T08:14:25.225Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-37926
Vulnerability from cvelistv5
Published
2023-11-28 01:37
Modified
2024-08-02 17:23
Summary
A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device.
Impacted products
Vendor Product Version
Zyxel ATP series firmware Version: versions 4.32 through 5.37
Zyxel USG FLEX series firmware Version: versions 4.50 through 5.37
Zyxel USG FLEX 50(W) series firmware Version: versions 4.16 through 5.37
Zyxel USG20(W)-VPN series firmware Version: versions 4.16 through 5.37
Zyxel VPN series firmware Version: versions 4.30 through 5.37


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T17:23:27.797Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "ATP series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.32 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.50 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX 50(W) series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.16 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG20(W)-VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.16 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.30 through 5.37",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device.",
                  },
               ],
               value: "A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-120",
                     description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-11-28T01:37:19.483Z",
            orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
            shortName: "Zyxel",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
      assignerShortName: "Zyxel",
      cveId: "CVE-2023-37926",
      datePublished: "2023-11-28T01:37:19.483Z",
      dateReserved: "2023-07-11T01:52:33.655Z",
      dateUpdated: "2024-08-02T17:23:27.797Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-4397
Vulnerability from cvelistv5
Published
2023-11-28 01:42
Modified
2024-08-02 07:24
Summary
A buffer overflow vulnerability in the Zyxel ATP series firmware version 5.37, USG FLEX series firmware version 5.37, USG FLEX 50(W) series firmware version 5.37, and USG20(W)-VPN series firmware version 5.37, could allow an authenticated local attacker with administrator privileges to cause denial-of-service (DoS) conditions by executing the CLI command with crafted strings on an affected device.
Impacted products
Vendor Product Version
Zyxel ATP series firmware Version: 5.37
Zyxel USG FLEX series firmware Version: 5.37
Zyxel USG FLEX 50(W) series firmware Version: 5.37
Zyxel USG20(W)-VPN series firmware Version: 5.37


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T07:24:04.592Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "ATP series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: " USG FLEX 50(W) series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG20(W)-VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "5.37",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "A buffer overflow vulnerability in the Zyxel ATP series firmware version 5.37, USG FLEX series firmware version 5.37, USG FLEX 50(W) series firmware version 5.37, and USG20(W)-VPN series firmware version 5.37, could allow an authenticated local attacker with administrator privileges to cause denial-of-service (DoS) conditions by executing the CLI command with crafted strings on an affected device.",
                  },
               ],
               value: "A buffer overflow vulnerability in the Zyxel ATP series firmware version 5.37, USG FLEX series firmware version 5.37, USG FLEX 50(W) series firmware version 5.37, and USG20(W)-VPN series firmware version 5.37, could allow an authenticated local attacker with administrator privileges to cause denial-of-service (DoS) conditions by executing the CLI command with crafted strings on an affected device.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 4.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-120",
                     description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-11-28T01:42:00.951Z",
            orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
            shortName: "Zyxel",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
      assignerShortName: "Zyxel",
      cveId: "CVE-2023-4397",
      datePublished: "2023-11-28T01:42:00.951Z",
      dateReserved: "2023-08-17T08:25:31.464Z",
      dateUpdated: "2024-08-02T07:24:04.592Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-42057
Vulnerability from cvelistv5
Published
2024-09-03 01:43
Modified
2024-09-03 13:54
Summary
A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an unauthenticated attacker to execute some OS commands on an affected device by sending a crafted username to the vulnerable device. Note that this attack could be successful only if the device was configured in User-Based-PSK authentication mode and a valid user with a long username exceeding 28 characters exists.
Impacted products
| Vendor | Product | Version |
| --- | --- | --- |
| Zyxel | ATP series firmware | Version: versions V4.32 through V5.38 |
| Zyxel | USG FLEX series firmware | Version: versions V4.50 through V5.38 |
| Zyxel | USG FLEX 50(W) series firmware | Version: versions V4.16 through V5.38 |
| Zyxel | USG20(W)-VPN series firmware | Version: versions V4.16 through V5.38 |


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "atp800_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "5.38",
                        status: "affected",
                        version: "4.32",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:usg_flex_100ax_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_100h_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_200h_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_500h_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_50ax_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_700h_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "usg_flex_700h_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "5.38",
                        status: "affected",
                        version: "4.5",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "usg_flex_50w_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "5.38",
                        status: "affected",
                        version: "4.16",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-42057",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-03T13:46:54.243981Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-09-03T13:54:39.611Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "ATP series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V4.32 through V5.38",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V4.50 through V5.38",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX 50(W) series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V4.16 through V5.38",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG20(W)-VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V4.16 through V5.38",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an unauthenticated attacker to execute some OS commands on an affected device by sending a crafted username to the vulnerable device. Note that this attack could be successful only if the device was configured in User-Based-PSK authentication mode and a valid user with a long username exceeding 28 characters exists.",
                  },
               ],
               value: "A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an unauthenticated attacker to execute some OS commands on an affected device by sending a crafted username to the vulnerable device. Note that this attack could be successful only if the device was configured in User-Based-PSK authentication mode and a valid user with a long username exceeding 28 characters exists.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-78",
                     description: "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-09-03T01:43:28.106Z",
            orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
            shortName: "Zyxel",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-09-03-2024",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.2.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
      assignerShortName: "Zyxel",
      cveId: "CVE-2024-42057",
      datePublished: "2024-09-03T01:43:28.106Z",
      dateReserved: "2024-07-29T02:36:19.275Z",
      dateUpdated: "2024-09-03T13:54:39.611Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-42061
Vulnerability from cvelistv5
Published
2024-09-03 01:59
Modified
2024-09-03 13:48
Summary
A reflected cross-site scripting (XSS) vulnerability in the CGI program "dynamic_script.cgi" of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an attacker to trick a user into visiting a crafted URL with the XSS payload. The attacker could obtain browser-based information if the malicious script is executed on the victim’s browser.
Impacted products
| Vendor | Product | Version |
| --- | --- | --- |
| Zyxel | ATP series firmware | Version: versions V4.32 through V5.38 |
| Zyxel | USG FLEX series firmware | Version: versions V4.50 through V5.38 |
| Zyxel | USG FLEX 50(W) series firmware | Version: versions V4.16 through V5.38 |
| Zyxel | USG20(W)-VPN series firmware | Version: versions V4.16 through V5.38 |


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-42061",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-03T13:48:31.873349Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-09-03T13:48:38.734Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "ATP series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V4.32 through V5.38",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V4.50 through V5.38",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX 50(W) series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V4.16 through V5.38",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG20(W)-VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V4.16 through V5.38",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "A reflected cross-site scripting (XSS) vulnerability in the CGI program \"dynamic_script.cgi\" of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an attacker to trick a user into visiting a crafted URL with the XSS payload. The attacker could obtain browser-based information if the malicious script is executed on the victim’s browser.",
                  },
               ],
               value: "A reflected cross-site scripting (XSS) vulnerability in the CGI program \"dynamic_script.cgi\" of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an attacker to trick a user into visiting a crafted URL with the XSS payload. The attacker could obtain browser-based information if the malicious script is executed on the victim’s browser.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.1,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-79",
                     description: "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-09-03T01:59:36.884Z",
            orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
            shortName: "Zyxel",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-09-03-2024",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.2.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
      assignerShortName: "Zyxel",
      cveId: "CVE-2024-42061",
      datePublished: "2024-09-03T01:59:36.884Z",
      dateReserved: "2024-07-29T02:36:19.275Z",
      dateUpdated: "2024-09-03T13:48:38.734Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-5797
Vulnerability from cvelistv5
Published
2023-11-28 02:00
Modified
2024-12-02 19:31
Summary
An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access the administrator’s logs on an affected device.
Impacted products
| Vendor | Product | Version |
| --- | --- | --- |
| Zyxel | ATP series firmware | Version: versions 4.32 through 5.37 |
| Zyxel | USG FLEX series firmware | Version: versions 4.50 through 5.37 |
| Zyxel | USG FLEX 50(W) series firmware | Version: versions 4.16 through 5.37 |
| Zyxel | USG20(W)-VPN series firmware | Version: versions 4.16 through 5.37 |
| Zyxel | VPN series firmware | Version: versions 4.30 through 5.37 |
| Zyxel | NWA50AX firmware | Version: 6.29(ABYW.2) |
| Zyxel | WAC500 firmware | Version: 6.65(ABVS.1) |
| Zyxel | WAX300H firmware | Version: 6.60(ACHF.1) |
| Zyxel | WBE660S firmware | Version: 6.65(ACGG.1) |


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T08:14:24.078Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-5797",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-12-02T19:31:26.701004Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-12-02T19:31:49.340Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "ATP series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: " versions 4.32 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.50 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX 50(W) series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.16 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG20(W)-VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.16 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.30 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "NWA50AX firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "6.29(ABYW.2)",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "WAC500 firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "6.65(ABVS.1)",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "WAX300H firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "6.60(ACHF.1)",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "WBE660S firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "6.65(ACGG.1)",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access the administrator’s logs on an affected device.",
                  },
               ],
               value: "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access the administrator’s logs on an affected device.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "NONE",
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-269",
                     description: "CWE-269 Improper Privilege Management",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-11-28T02:00:59.801Z",
            orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
            shortName: "Zyxel",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
      assignerShortName: "Zyxel",
      cveId: "CVE-2023-5797",
      datePublished: "2023-11-28T02:00:59.801Z",
      dateReserved: "2023-10-26T08:51:44.363Z",
      dateUpdated: "2024-12-02T19:31:49.340Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-25014
Vulnerability from cvelistv5
Published
2020-11-27 17:18
Modified
2024-08-04 15:26
Severity ?
Summary
A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet.
Impacted products
| Vendor | Product | Version |
| --- | --- | --- |
| n/a | n/a | Version: n/a |


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T15:26:09.045Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://businessforum.zyxel.com/categories/security-news-and-release",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.zyxel.com/support/Zyxel-security-advisory-for-buffer-overflow-vulnerability.shtml",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-11-27T17:18:30",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://businessforum.zyxel.com/categories/security-news-and-release",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.zyxel.com/support/Zyxel-security-advisory-for-buffer-overflow-vulnerability.shtml",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-25014",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://businessforum.zyxel.com/categories/security-news-and-release",
                     refsource: "MISC",
                     url: "https://businessforum.zyxel.com/categories/security-news-and-release",
                  },
                  {
                     name: "https://www.zyxel.com/support/Zyxel-security-advisory-for-buffer-overflow-vulnerability.shtml",
                     refsource: "CONFIRM",
                     url: "https://www.zyxel.com/support/Zyxel-security-advisory-for-buffer-overflow-vulnerability.shtml",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-25014",
      datePublished: "2020-11-27T17:18:30",
      dateReserved: "2020-08-28T00:00:00",
      dateUpdated: "2024-08-04T15:26:09.045Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-4398
Vulnerability from cvelistv5
Published
2023-11-28 01:48
Modified
2024-10-17 17:38
Summary
An integer overflow vulnerability in the source code of the QuickSec IPSec toolkit used in the VPN feature of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions on an affected device by sending a crafted IKE packet.
Impacted products
Vendor Product Version
Zyxel ATP series firmware Version: versions 4.32 through 5.37
Zyxel USG FLEX series firmware Version: versions 4.50 through 5.37
Zyxel USG FLEX 50(W) series firmware Version: versions 4.16 through 5.37
Zyxel USG20(W)-VPN series firmware Version: versions 4.16 through 5.37
Zyxel VPN series firmware Version: versions 4.30 through 5.37


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T07:24:04.643Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
               },
            ],
            title: "CVE Program Container",
         },
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:atp_firmware:0:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "atp_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "5.37",
                        status: "affected",
                        version: "4.32",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:usg_flex_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "usg_flex_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "5.37",
                        status: "affected",
                        version: "4.50",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "usg_flex_50w_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "5.37",
                        status: "affected",
                        version: "4.16",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "usg20w-vpn_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "5.37",
                        status: "affected",
                        version: "4.16",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:vpn_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "vpn_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "5.37",
                        status: "affected",
                        version: "5.30",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-4398",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-15T17:28:40.928455Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-17T17:38:37.172Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "ATP series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.32 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.50 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX 50(W) series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.16 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG20(W)-VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.16 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.30 through 5.37",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An integer overflow vulnerability in the source code of the QuickSec IPSec toolkit used in the VPN feature of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions on an affected device by sending a crafted IKE packet.",
                  },
               ],
               value: "An integer overflow vulnerability in the source code of the QuickSec IPSec toolkit used in the VPN feature of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions on an affected device by sending a crafted IKE packet.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-190",
                     description: "CWE-190 Integer Overflow or Wraparound",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-11-28T01:48:28.586Z",
            orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
            shortName: "Zyxel",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
      assignerShortName: "Zyxel",
      cveId: "CVE-2023-4398",
      datePublished: "2023-11-28T01:48:28.586Z",
      dateReserved: "2023-08-17T08:27:42.249Z",
      dateUpdated: "2024-10-17T17:38:37.172Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-5650
Vulnerability from cvelistv5
Published
2023-11-28 01:53
Modified
2024-08-02 08:07
Summary
An improper privilege management vulnerability in the ZySH of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to modify the URL of the registration page in the web GUI of an affected device.
Impacted products
Vendor Product Version
Zyxel ATP series firmware Version: versions 4.32 through 5.37
Zyxel USG FLEX series firmware Version: versions 4.50 through 5.37
Zyxel USG FLEX 50(W) series firmware Version: versions 4.16 through 5.37
Zyxel USG20(W)-VPN series firmware Version: versions 4.16 through 5.37
Zyxel VPN series firmware Version: versions 4.30 through 5.37


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T08:07:32.465Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "ATP series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.32 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.50 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX 50(W) series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.16 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: " USG20(W)-VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.16 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.30 through 5.37",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An improper privilege management vulnerability in the ZySH of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to modify the URL of the registration page in the web GUI of an affected device.",
                  },
               ],
               value: "An improper privilege management vulnerability in the ZySH of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to modify the URL of the registration page in the web GUI of an affected device.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "NONE",
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-269",
                     description: "CWE-269 Improper Privilege Management",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-11-28T01:53:43.502Z",
            orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
            shortName: "Zyxel",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
      assignerShortName: "Zyxel",
      cveId: "CVE-2023-5650",
      datePublished: "2023-11-28T01:53:43.502Z",
      dateReserved: "2023-10-19T08:47:51.571Z",
      dateUpdated: "2024-08-02T08:07:32.465Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-42059
Vulnerability from cvelistv5
Published
2024-09-03 01:51
Modified
2024-09-03 13:53
Summary
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V5.00 through V5.38, USG FLEX series firmware versions from V5.00 through V5.38, USG FLEX 50(W) series firmware versions from V5.00 through V5.38, and USG20(W)-VPN series firmware versions from V5.00 through V5.38 could allow an authenticated attacker with administrator privileges to execute some OS commands on an affected device by uploading a crafted compressed language file via FTP.
Impacted products
Vendor Product Version
Zyxel ATP series firmware Version: versions V5.00 through V5.38
Zyxel USG FLEX series firmware Version: versions V5.00 through V5.38
Zyxel USG FLEX 50(W) series firmware Version: versions V5.00 through V5.38
Zyxel USG20(W)-VPN series firmware Version: versions V5.00 through V5.38


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "usg_flex_50w_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "5.38",
                        status: "affected",
                        version: "5.00",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "atp800_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "5.38",
                        status: "affected",
                        version: "5.00",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:usg_flex_100ax_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_100h_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_200h_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_500h_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_50ax_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_700h_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "usg_flex_700h_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "5.38",
                        status: "affected",
                        version: "5.00",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-42059",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-03T13:46:05.210137Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-09-03T13:53:11.888Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "ATP series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V5.00 through V5.38",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V5.00 through V5.38",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX 50(W) series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V5.00 through V5.38",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG20(W)-VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V5.00 through V5.38",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V5.00 through V5.38, USG FLEX series firmware versions from V5.00 through V5.38, USG FLEX 50(W) series firmware versions from V5.00 through V5.38, and USG20(W)-VPN series firmware versions from V5.00 through V5.38 could allow an authenticated attacker with administrator privileges to execute some OS commands on an affected device by uploading a crafted compressed language file via FTP.",
                  },
               ],
               value: "A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V5.00 through V5.38, USG FLEX series firmware versions from V5.00 through V5.38, USG FLEX 50(W) series firmware versions from V5.00 through V5.38, and USG20(W)-VPN series firmware versions from V5.00 through V5.38 could allow an authenticated attacker with administrator privileges to execute some OS commands on an affected device by uploading a crafted compressed language file via FTP.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-78",
                     description: "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-09-03T01:51:20.796Z",
            orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
            shortName: "Zyxel",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-09-03-2024",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.2.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
      assignerShortName: "Zyxel",
      cveId: "CVE-2024-42059",
      datePublished: "2024-09-03T01:51:20.796Z",
      dateReserved: "2024-07-29T02:36:19.275Z",
      dateUpdated: "2024-09-03T13:53:11.888Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-29299
Vulnerability from cvelistv5
Published
2020-12-27 05:51
Modified
2024-08-04 16:48
Severity ?
Summary
Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd during a password-change action. This affects VPN On-premise before ZLD V4.39 week38, VPN Orchestrator before SD-OS V10.03 week32, USG before ZLD V4.39 week38, USG FLEX before ZLD V4.55 week38, ATP before ZLD V4.55 week38, and NSG before 1.33 patch 4.
Impacted products
Vendor Product Version
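n/a n/a Version: n/a (the record carries no structured vendor, product or version data; the affected products and fixed releases are named only in the Summary above)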


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T16:48:01.635Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.zyxel.com/us/en/support/security_advisories.shtml",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.zyxel.com/support/Zyxel-security-advisory-for-command-injection-vulnerability-of-firewalls.shtml",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd during a password-change action. This affects VPN On-premise before ZLD V4.39 week38, VPN Orchestrator before SD-OS V10.03 week32, USG before ZLD V4.39 week38, USG FLEX before ZLD V4.55 week38, ATP before ZLD V4.55 week38, and NSG before 1.33 patch 4.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-12-27T05:51:45",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.zyxel.com/us/en/support/security_advisories.shtml",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.zyxel.com/support/Zyxel-security-advisory-for-command-injection-vulnerability-of-firewalls.shtml",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-29299",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd during a password-change action. This affects VPN On-premise before ZLD V4.39 week38, VPN Orchestrator before SD-OS V10.03 week32, USG before ZLD V4.39 week38, USG FLEX before ZLD V4.55 week38, ATP before ZLD V4.55 week38, and NSG before 1.33 patch 4.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.zyxel.com/us/en/support/security_advisories.shtml",
                     refsource: "MISC",
                     url: "https://www.zyxel.com/us/en/support/security_advisories.shtml",
                  },
                  {
                     name: "https://www.zyxel.com/support/Zyxel-security-advisory-for-command-injection-vulnerability-of-firewalls.shtml",
                     refsource: "MISC",
                     url: "https://www.zyxel.com/support/Zyxel-security-advisory-for-command-injection-vulnerability-of-firewalls.shtml",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-29299",
      datePublished: "2020-12-27T05:51:45",
      dateReserved: "2020-11-27T00:00:00",
      dateUpdated: "2024-08-04T16:48:01.635Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-6343
Vulnerability from cvelistv5
Published
2024-09-03 01:28
Modified
2024-09-03 13:47
Summary
A buffer overflow vulnerability in the CGI program of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an authenticated attacker with administrator privileges to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.
Impacted products
Vendor Product Version
Zyxel ATP series firmware Version: versions V4.32 through V5.38
Zyxel USG FLEX series firmware Version: versions V4.50 through V5.38
Zyxel USG FLEX 50(W) series firmware Version: versions V4.16 through V5.38
Zyxel USG20(W)-VPN series firmware Version: versions V4.16 through V5.38


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-6343",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-03T13:47:22.473001Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-09-03T13:47:31.099Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "ATP series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V4.32 through V5.38",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V4.50 through V5.38",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX 50(W) series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V4.16 through V5.38",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG20(W)-VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V4.16 through V5.38",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "A buffer overflow vulnerability in the CGI program of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an authenticated attacker with administrator privileges to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.",
                  },
               ],
               value: "A buffer overflow vulnerability in the CGI program of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an authenticated attacker with administrator privileges to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 4.9,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-120",
                     description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-09-03T01:38:00.832Z",
            orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
            shortName: "Zyxel",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-09-03-2024",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.2.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
      assignerShortName: "Zyxel",
      cveId: "CVE-2024-6343",
      datePublished: "2024-09-03T01:28:27.056Z",
      dateReserved: "2024-06-26T03:23:36.684Z",
      dateUpdated: "2024-09-03T13:47:31.099Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-42060
Vulnerability from cvelistv5
Published
2024-09-03 01:54
Modified
2024-09-03 13:43
Summary
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an authenticated attacker with administrator privileges to execute some OS commands on an affected device by uploading a crafted internal user agreement file to the vulnerable device.
Impacted products
Vendor Product Version
Zyxel ATP series firmware Version: versions V4.32 through V5.38
Zyxel USG FLEX series firmware Version: versions V4.50 through V5.38
Zyxel USG FLEX 50(W) series firmware Version: versions V4.16 through V5.38
Zyxel USG20(W)-VPN series firmware Version: versions V4.16 through V5.38


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "atp800_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "5.38",
                        status: "affected",
                        version: "4.32",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:usg_flex_100ax_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_100h_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_200h_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_500h_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_50ax_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_700h_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "usg_flex_700h_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "5.38",
                        status: "affected",
                        version: "4.5",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "usg_flex_50w_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "5.38",
                        status: "affected",
                        version: "4.16",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-42060",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-03T13:07:39.814236Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-09-03T13:43:44.353Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "ATP series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V4.32 through V5.38",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V4.50 through V5.38",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX 50(W) series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V4.16 through V5.38",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG20(W)-VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V4.16 through V5.38",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an authenticated attacker with administrator privileges to execute some OS commands on an affected device by uploading a crafted internal user agreement file to the vulnerable device.",
                  },
               ],
               value: "A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an authenticated attacker with administrator privileges to execute some OS commands on an affected device by uploading a crafted internal user agreement file to the vulnerable device.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-78",
                     description: "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-09-03T01:54:57.221Z",
            orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
            shortName: "Zyxel",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-09-03-2024",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.2.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
      assignerShortName: "Zyxel",
      cveId: "CVE-2024-42060",
      datePublished: "2024-09-03T01:54:57.221Z",
      dateReserved: "2024-07-29T02:36:19.275Z",
      dateUpdated: "2024-09-03T13:43:44.353Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-37925
Vulnerability from cvelistv5
Published
2023-11-28 01:30
Modified
2024-08-02 17:23
Summary
An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device.
Impacted products
Vendor Product Version
Zyxel ATP series firmware Version: versions 4.32 through 5.37
Zyxel USG FLEX series firmware Version: versions 4.50 through 5.37
Zyxel USG FLEX 50(W) series firmware Version: versions 4.16 through 5.37
Zyxel USG20(W)-VPN series firmware Version: versions 4.16 through 5.37
Zyxel VPN series firmware Version: versions 4.30 through 5.37
Zyxel NWA50AX firmware Version: 6.29(ABYW.2)
Zyxel WAC500 firmware Version: 6.65(ABVS.1)
Zyxel WAX300H firmware Version: 6.60(ACHF.1)
Zyxel WBE660S firmware Version: 6.65(ACGG.1)


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T17:23:27.715Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "ATP series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.32 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.50 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX 50(W) series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.16 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG20(W)-VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.16 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.30 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "NWA50AX firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "6.29(ABYW.2)",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "WAC500 firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "6.65(ABVS.1)",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "WAX300H firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "6.60(ACHF.1)",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "WBE660S firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "6.65(ACGG.1)",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device.",
                  },
               ],
               value: "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "NONE",
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-269",
                     description: "CWE-269 Improper Privilege Management",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-11-28T01:30:55.186Z",
            orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
            shortName: "Zyxel",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
      assignerShortName: "Zyxel",
      cveId: "CVE-2023-37925",
      datePublished: "2023-11-28T01:30:55.186Z",
      dateReserved: "2023-07-11T01:52:33.655Z",
      dateUpdated: "2024-08-02T17:23:27.715Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-35136
Vulnerability from cvelistv5
Published
2023-11-28 01:16
Modified
2024-08-02 16:23
Summary
An improper input validation vulnerability in the “Quagga” package of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to access configuration files on an affected device.
Impacted products
Vendor Product Version
Zyxel ATP series firmware Version: versions 4.32 through 5.37
Zyxel USG FLEX series firmware Version: versions 4.50 through 5.37
Zyxel USG FLEX 50(W) series firmware Version: versions 4.16 through 5.37
Zyxel USG20(W)-VPN series firmware Version: versions 4.16 through 5.37
Zyxel VPN series firmware Version: versions 4.30 through 5.37


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-35136",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2023-11-28T15:36:22.171962Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-07-26T14:58:05.540Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T16:23:59.474Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "ATP series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.32 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.50 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX 50(W) series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.16 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG20(W)-VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.16 through 5.37",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions 4.30 through 5.37",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An improper input validation vulnerability in the “Quagga” package of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to access configuration files on an affected device.",
                  },
               ],
               value: "An improper input validation vulnerability in the “Quagga” package of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to access configuration files on an affected device.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "NONE",
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20 Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-11-28T02:08:26.895Z",
            orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
            shortName: "Zyxel",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
      assignerShortName: "Zyxel",
      cveId: "CVE-2023-35136",
      datePublished: "2023-11-28T01:16:16.723Z",
      dateReserved: "2023-06-14T06:26:48.563Z",
      dateUpdated: "2024-08-02T16:23:59.474Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-11667
Vulnerability from cvelistv5
Published
2024-11-27 09:39
Modified
2024-12-06 04:55
Summary
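A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series firmware versions V5.00 through V5.38, USG FLEX 50(W) series firmware versions V5.10 through V5.38, and USG20(W)-VPN series firmware versions V5.10 through V5.38 could allow an attacker to download or upload files via a crafted URL. Per the CISA ADP data in the record below, this CVE was added to the CISA Known Exploited Vulnerabilities (KEV) catalog on 2024-12-03 and its SSVC assessment marks exploitation as active, so affected devices should be prioritised for remediation per the vendor advisory.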
Impacted products
Vendor Product Version
Zyxel ATP series firmware Version: versions V5.00 through V5.38
Zyxel USG FLEX series firmware Version: versions V5.00 through V5.38
Zyxel USG FLEX 50(W) series firmware Version: versions V5.10 through V5.38
Zyxel USG20(W)-VPN series firmware Version: versions V5.10 through V5.38


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:usg_flex_100h_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_100hp_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_200h_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_200hp_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_500h_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_500w_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_50ax_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_60ax_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_700h_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_firmware:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "usg_flex_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "5.38",
                        status: "affected",
                        version: "5.00",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp800_firmware:-:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp_firmware:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "atp_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "5.38",
                        status: "affected",
                        version: "5.00",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:usg20-vpn_firmware:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "usg20-vpn_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "5.38",
                        status: "affected",
                        version: "5.10",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:usg_flex_50w_firmware:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "usg_flex_50w_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThan: "5.38",
                        status: "affected",
                        version: "5.10",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-11667",
                        options: [
                           {
                              Exploitation: "active",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-12-05T00:00:00+00:00",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
               {
                  other: {
                     content: {
                        dateAdded: "2024-12-03",
                        reference: "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json",
                     },
                     type: "kev",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-12-06T04:55:25.621Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            timeline: [
               {
                  lang: "en",
                  time: "2024-12-03T00:00:00+00:00",
                  value: "CVE-2024-11667 added to CISA KEV",
               },
            ],
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "ATP series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V5.00 through V5.38",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V5.00 through V5.38",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX 50(W) series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V5.10 through V5.38",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG20(W)-VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V5.10 through V5.38",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series firmware versions V5.00 through V5.38, USG FLEX 50(W) series firmware versions V5.10 through V5.38, and USG20(W)-VPN series firmware versions V5.10 through V5.38 could allow an attacker to download or upload files via a crafted URL.",
                  },
               ],
               value: "A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series firmware versions V5.00 through V5.38, USG FLEX 50(W) series firmware versions V5.10 through V5.38, and USG20(W)-VPN series firmware versions V5.10 through V5.38 could allow an attacker to download or upload files via a crafted URL.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-22",
                     description: "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-11-28T02:11:49.265Z",
            orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
            shortName: "Zyxel",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-protecting-against-recent-firewall-threats-11-27-2024",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.2.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
      assignerShortName: "Zyxel",
      cveId: "CVE-2024-11667",
      datePublished: "2024-11-27T09:39:41.691Z",
      dateReserved: "2024-11-25T07:15:56.063Z",
      dateUpdated: "2024-12-06T04:55:25.621Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-42058
Vulnerability from cvelistv5
Published
2024-09-03 01:47
Modified
2024-09-03 13:54
Summary
A null pointer dereference vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V5.20 through V5.38, and USG20(W)-VPN series firmware versions from V5.20 through V5.38 could allow an unauthenticated attacker to cause DoS conditions by sending crafted packets to a vulnerable device.
Impacted products
Vendor Product Version
Zyxel ATP series firmware Version: versions V4.32 through V5.38
Zyxel USG FLEX series firmware Version: versions V4.50 through V5.38
Zyxel USG FLEX 50(W) series firmware Version: versions V5.20 through V5.38
Zyxel USG20(W)-VPN series firmware Version: versions V5.20 through V5.38


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "atp800_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "5.38",
                        status: "affected",
                        version: "4.32",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:usg_flex_100ax_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_100h_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_200h_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_500h_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_50ax_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_700h_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "usg_flex_700h_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "5.38",
                        status: "affected",
                        version: "4.5",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "usg_flex_50w_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "5.38",
                        status: "affected",
                        version: "5.20",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-42058",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-03T13:46:39.521652Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-09-03T13:54:13.924Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "ATP series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V4.32 through V5.38",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V4.50 through V5.38",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX 50(W) series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V5.20 through V5.38",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG20(W)-VPN series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V5.20 through V5.38",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "A null pointer dereference vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V5.20 through V5.38, and USG20(W)-VPN series firmware versions from V5.20 through V5.38 could allow an unauthenticated attacker to cause DoS conditions by sending crafted packets to a vulnerable device.",
                  },
               ],
               value: "A null pointer dereference vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V5.20 through V5.38, and USG20(W)-VPN series firmware versions from V5.20 through V5.38 could allow an unauthenticated attacker to cause DoS conditions by sending crafted packets to a vulnerable device.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-476",
                     description: "CWE-476 NULL Pointer Dereference",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-09-03T01:47:29.258Z",
            orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
            shortName: "Zyxel",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-09-03-2024",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.2.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
      assignerShortName: "Zyxel",
      cveId: "CVE-2024-42058",
      datePublished: "2024-09-03T01:47:29.258Z",
      dateReserved: "2024-07-29T02:36:19.275Z",
      dateUpdated: "2024-09-03T13:54:13.924Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-7203
Vulnerability from cvelistv5
Published
2024-09-03 01:36
Modified
2024-09-03 13:55
Summary
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.60 through V5.38 and USG FLEX series firmware versions from V4.60 through V5.38 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device by executing a crafted CLI command.
Impacted products
Vendor Product Version
Zyxel ATP series firmware Version: versions V4.60 through V5.38
Zyxel USG FLEX series firmware Version: versions V4.60 through V5.38


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "atp800_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "5.38",
                        status: "affected",
                        version: "4.60",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:zyxel:usg_flex_100ax_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_100h_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_200h_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_500h_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_50ax_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:zyxel:usg_flex_700h_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "usg_flex_700h_firmware",
                  vendor: "zyxel",
                  versions: [
                     {
                        lessThanOrEqual: "5.38",
                        status: "affected",
                        version: "4.60",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-7203",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-03T13:47:08.654398Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-09-03T13:55:28.588Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "ATP series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V4.60 through V5.38",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "USG FLEX series firmware",
               vendor: "Zyxel",
               versions: [
                  {
                     status: "affected",
                     version: "versions V4.60 through V5.38",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.60 through V5.38 and USG FLEX series firmware versions from V4.60 through V5.38 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device by executing a crafted CLI command.",
                  },
               ],
               value: "A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.60 through V5.38 and USG FLEX series firmware versions from V4.60 through V5.38 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device by executing a crafted CLI command.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-78",
                     description: "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-09-03T01:36:32.110Z",
            orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
            shortName: "Zyxel",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-09-03-2024",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.2.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f",
      assignerShortName: "Zyxel",
      cveId: "CVE-2024-7203",
      datePublished: "2024-09-03T01:36:32.110Z",
      dateReserved: "2024-07-29T02:23:50.535Z",
      dateUpdated: "2024-09-03T13:55:28.588Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}