cve-2022-0734
Vulnerability from cvelistv5
Published
2022-05-24 02:10
Modified
2024-08-02 23:40
Severity ?
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Summary
A cross-site scripting vulnerability was identified in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.35 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.35 through 5.20, and VPN series firmware versions 4.35 through 5.20, that could allow an attacker to obtain some information stored in the user's browser, such as cookies or session tokens, via a malicious script.
References
security@zyxel.com.twhttps://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtmlVendor Advisory
Impacted products
Vendor Product Version
Zyxel USG FLEX series firmware Version: 4.50 through 5.20
Zyxel ATP series firmware Version: 4.35 through 5.20
Zyxel VPN series firmware Version: 4.35 through 5.20
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:40:03.547Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "USG/ZyWALL series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "4.35 through 4.70"
            }
          ]
        },
        {
          "product": "USG FLEX series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "4.50 through 5.20"
            }
          ]
        },
        {
          "product": "ATP series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "4.35 through 5.20"
            }
          ]
        },
        {
          "product": "VPN series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "4.35 through 5.20"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A cross-site scripting vulnerability was identified in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.35 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.35 through 5.20, and VPN series firmware versions 4.35 through 5.20, that could allow an attacker to obtain some information stored in the user\u0027s browser, such as cookies or session tokens, via a malicious script."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-24T02:10:12",
        "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "shortName": "Zyxel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@zyxel.com.tw",
          "ID": "CVE-2022-0734",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "USG/ZyWALL series firmware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "4.35 through 4.70"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "USG FLEX series firmware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "4.50 through 5.20"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "ATP series firmware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "4.35 through 5.20"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "VPN series firmware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "4.35 through 5.20"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Zyxel"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A cross-site scripting vulnerability was identified in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.35 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.35 through 5.20, and VPN series firmware versions 4.35 through 5.20, that could allow an attacker to obtain some information stored in the user\u0027s browser, such as cookies or session tokens, via a malicious script."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "5.8",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml",
              "refsource": "CONFIRM",
              "url": "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
    "assignerShortName": "Zyxel",
    "cveId": "CVE-2022-0734",
    "datePublished": "2022-05-24T02:10:12",
    "dateReserved": "2022-02-23T00:00:00",
    "dateUpdated": "2024-08-02T23:40:03.547Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"5.20\", \"matchCriteriaId\": \"9EB7ECE1-BA79-4F6B-92E6-72EAD8C1A89D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"81D90A7B-174F-40A1-8AF4-08B15B7BAC40\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"5.20\", \"matchCriteriaId\": \"BF538EAF-7694-4953-86AE-4F12F8B88315\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EECD311A-4E96-4576-AADF-47291EDE3559\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"5.20\", \"matchCriteriaId\": \"0C3D7EC0-7209-4E60-8A2F-A23CF47A4794\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C45C303-1A95-4245-B242-3AB9B9106CD4\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"5.20\", \"matchCriteriaId\": \"14C64F26-4FFF-4102-9D06-EFD9E4921580\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9E3AC823-0ECA-42D8-8312-2FBE5914E4C0\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"5.20\", \"matchCriteriaId\": \"C6BE3BA8-E117-4C98-9221-502DA903CA27\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F7654A1-3806-41C7-82D4-46B0CD7EE53B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"5.20\", \"matchCriteriaId\": \"25040B80-E884-44F4-902E-A8F2E27C25C6\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"5.20\", \"matchCriteriaId\": \"CED15A33-FB60-44CD-978C-9D1FBD3CE5E0\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D68A36FF-8CAF-401C-9F18-94F3A2405CF4\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"5.20\", \"matchCriteriaId\": \"27A45A78-3301-49BE-A1B1-47DC5596012B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2818E8AC-FFEE-4DF9-BF3F-C75166C0E851\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"5.20\", \"matchCriteriaId\": \"913F6F7E-2D5B-4684-83C8-7929C0E385F7\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B41F437-855B-4490-8011-DF59887BE6D5\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"5.20\", \"matchCriteriaId\": \"5788E87A-A69D-4EB8-BBA9-99DEFABFA2A6\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"66B99746-0589-46E6-9CBD-F38619AD97DC\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:usg_110_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"4.70\", \"matchCriteriaId\": \"D2766165-4833-4744-BE12-D4D92C0337F2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg_110:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7E32879-01A2-49B1-A354-068CEB1CA3A5\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:usg_1100_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"4.70\", \"matchCriteriaId\": \"7CC99D50-3D1A-444F-949A-A7BBF664233F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg_1100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC4B9AC6-7C55-42BD-A1D8-F5D5A19AC59D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:usg_1900_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"4.70\", \"matchCriteriaId\": \"641BB3FE-BC96-494C-A6E4-A033365E691E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg_1900:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92CE6F04-403B-4A52-A3A5-DD0190CF15D9\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:usg_20w_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"4.70\", \"matchCriteriaId\": \"D1316118-0B3F-4C87-A44E-B9571A381009\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg_20w:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6CD5A4AB-0CC2-4CAF-AAFA-0F866174842F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"4.70\", \"matchCriteriaId\": \"C24C8004-00BB-4AC1-978C-9D7FA036729F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6BEA412F-3DA1-4E91-9C74-0666147DABCE\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"4.70\", \"matchCriteriaId\": \"BC603F1A-561C-4602-AE82-FF40E876F9A1\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"32F7F370-C585-45FE-A7F7-40BFF13928CF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:usg_310_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"4.70\", \"matchCriteriaId\": \"F47477FF-6AAC-4517-8271-FE03B5E4E2E9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg_310:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"38B7995C-80E0-413B-9F2C-387EF3703927\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:usg_40_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"4.70\", \"matchCriteriaId\": \"555D068D-8855-420A-BD1B-08F4926FF02A\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg_40:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D84DDB81-DE66-4427-8833-633B45A45A14\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:usg_40w_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"4.70\", \"matchCriteriaId\": \"378B84DA-D2E8-4EA3-B659-88E9F25811EB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg_40w:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F11F36C-60DB-4D81-A320-53EEE43758C1\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:usg_60_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"4.70\", \"matchCriteriaId\": \"EEC9EE6F-F6B1-48C5-8646-CBDBA2A495D5\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg_60:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C65DB5E9-2FE3-4807-970E-A42FDF82B50E\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:usg_60w_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"4.70\", \"matchCriteriaId\": \"75048E46-0CB5-4300-A5E4-CBCE5FE67BCF\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg_60w:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"82864EF6-B63D-4947-A18C-AE0156CCA7FA\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.50\", \"versionEndIncluding\": \"5.20\", \"matchCriteriaId\": \"293C6F8B-51F7-44A5-ACAD-10586C9EB610\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B30A4C0-9928-46AD-9210-C25656FB43FB\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.50\", \"versionEndIncluding\": \"5.20\", \"matchCriteriaId\": \"05959C9F-4209-4B0B-81DD-6C98BFC43F7B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D74ABA7E-AA78-4A13-A64E-C44021591B42\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.50\", \"versionEndIncluding\": \"5.20\", \"matchCriteriaId\": \"B4F8A08F-8531-444E-BE70-6C0096BE8CAC\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F93B6A06-2951-46D2-A7E1-103D7318D612\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.50\", \"versionEndIncluding\": \"5.20\", \"matchCriteriaId\": \"8553EF99-5F25-4F96-840C-1D5146C9CAF9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92C697A5-D1D3-4FF0-9C43-D27B18181958\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.50\", \"versionEndIncluding\": \"5.20\", \"matchCriteriaId\": \"2C2F72A1-7D2D-4BC3-8440-937435507F5C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D1396E3-731B-4D05-A3F8-F3ABB80D5C29\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:usg200_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"4.70\", \"matchCriteriaId\": \"5046F464-AA4F-47D9-9050-CF0A5C9E6C9C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3F7F15F3-9A55-462F-8AE3-EE71B759DE68\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:usg20_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"4.70\", \"matchCriteriaId\": \"ECB8D8BC-4FEE-434C-AB4E-E847051B1919\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg20:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3F5C3A2C-12EA-4FAE-B088-665A90494685\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:usg210_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"4.70\", \"matchCriteriaId\": \"63BEED27-C36F-4245-9218-C10DED73A9C2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EAFF1122-755A-4531-AA2E-FD6E8478F92F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:usg2200_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"4.70\", \"matchCriteriaId\": \"F504210A-CDA6-4C30-98FC-707870E37E05\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg2200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"231547C3-33B8-42B7-983E-AA3C6CA5D107\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:usg300_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"4.70\", \"matchCriteriaId\": \"FA7DB6C7-035B-4421-94A3-87F431BFA324\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg300:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC3082ED-A564-494D-8427-B61F15F6DD88\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:usg310_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.35\", \"versionEndIncluding\": \"4.70\", \"matchCriteriaId\": \"DB6E0DD5-DA40-4672-A6DD-A98145DCC86A\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F302801D-3720-4598-8458-A8938BD6CB46\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A cross-site scripting vulnerability was identified in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.35 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.35 through 5.20, and VPN series firmware versions 4.35 through 5.20, that could allow an attacker to obtain some information stored in the user\u0027s browser, such as cookies or session tokens, via a malicious script.\"}, {\"lang\": \"es\", \"value\": \"Se identific\\u00f3 una vulnerabilidad de tipo cross-site scripting en el programa CGI de Zyxel USG/ZyWALL series versiones de firmware 4.35 hasta 4.70 , USG FLEX series versiones de firmware 4.50 hasta 5.20, ATP series versiones de firmware 4.35 hasta 5.20 y VPN series versiones de firmware 4.35 hasta 5.20, que podr\\u00eda permitir a un atacante obtener alguna informaci\\u00f3n almacenada en el navegador del usuario, como cookies o tokens de sesi\\u00f3n, por medio de un script malicioso\"}]",
      "id": "CVE-2022-0734",
      "lastModified": "2024-11-21T06:39:17.163",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security@zyxel.com.tw\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N\", \"baseScore\": 5.8, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 1.4}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2022-05-24T03:15:09.093",
      "references": "[{\"url\": \"https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml\", \"source\": \"security@zyxel.com.tw\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "security@zyxel.com.tw",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security@zyxel.com.tw\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-0734\",\"sourceIdentifier\":\"security@zyxel.com.tw\",\"published\":\"2022-05-24T03:15:09.093\",\"lastModified\":\"2024-11-21T06:39:17.163\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A cross-site scripting vulnerability was identified in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.35 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.35 through 5.20, and VPN series firmware versions 4.35 through 5.20, that could allow an attacker to obtain some information stored in the user\u0027s browser, such as cookies or session tokens, via a malicious script.\"},{\"lang\":\"es\",\"value\":\"Se identific\u00f3 una vulnerabilidad de tipo cross-site scripting en el programa CGI de Zyxel USG/ZyWALL series versiones de firmware 4.35 hasta 4.70 , USG FLEX series versiones de firmware 4.50 hasta 5.20, ATP series versiones de firmware 4.35 hasta 5.20 y VPN series versiones de firmware 4.35 hasta 5.20, que podr\u00eda permitir a un atacante obtener alguna informaci\u00f3n almacenada en el navegador del usuario, como cookies o tokens de sesi\u00f3n, por medio de un script malicioso\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@zyxel.com.tw\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N\",\"baseScore\":5.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"security@zyxel.com.tw\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"5.20\",\"matchCriteriaId\":\"9EB7ECE1-BA79-4F6B-92E6-72EAD8C1A89D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81D90A7B-174F-40A1-8AF4-08B15B7BAC40\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"5.20\",\"matchCriteriaId\":\"BF538EAF-7694-4953-86AE-4F12F8B88315\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EECD311A-4E96-4576-AADF-47291EDE3559\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"5.20\",\"matchCriteriaId\":\"0C3D7EC0-7209-4E60-8A2F-A23CF47A4794\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C45C303-1A95-4245-B242-3AB9B9106CD4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"5.20\",\"matchCriteriaId\":\"14C64F26-4FFF-4102-9D06-EFD9E4921580\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E3AC823-0ECA-42D8-8312-2FBE5914E4C0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"5.20\",\"matchCriteriaId\":\"C6BE3BA8-E117-4C98-9221-502DA903CA27\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F7654A1-3806-41C7-82D4-46B0CD7EE53B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"5.20\",\"matchCriteriaId\":\"25040B80-E884-44F4-902E-A8F2E27C25C6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"5.20\",\"matchCriteriaId\":\"CED15A33-FB60-44CD-978C-9D1FBD3CE5E0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D68A36FF-8CAF-401C-9F18-94F3A2405CF4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"5.20\",\"matchCriteriaId\":\"27A45A78-3301-49BE-A1B1-47DC5596012B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2818E8AC-FFEE-4DF9-BF3F-C75166C0E851\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"5.20\",\"matchCriteriaId\":\"913F6F7E-2D5B-4684-83C8-7929C0E385F7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B41F437-855B-4490-8011-DF59887BE6D5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"5.20\",\"matchCriteriaId\":\"5788E87A-A69D-4EB8-BBA9-99DEFABFA2A6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66B99746-0589-46E6-9CBD-F38619AD97DC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_110_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"4.70\",\"matchCriteriaId\":\"D2766165-4833-4744-BE12-D4D92C0337F2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_110:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7E32879-01A2-49B1-A354-068CEB1CA3A5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_1100_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"4.70\",\"matchCriteriaId\":\"7CC99D50-3D1A-444F-949A-A7BBF664233F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_1100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC4B9AC6-7C55-42BD-A1D8-F5D5A19AC59D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_1900_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"4.70\",\"matchCriteriaId\":\"641BB3FE-BC96-494C-A6E4-A033365E691E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_1900:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92CE6F04-403B-4A52-A3A5-DD0190CF15D9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_20w_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"4.70\",\"matchCriteriaId\":\"D1316118-0B3F-4C87-A44E-B9571A381009\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_20w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CD5A4AB-0CC2-4CAF-AAFA-0F866174842F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"4.70\",\"matchCriteriaId\":\"C24C8004-00BB-4AC1-978C-9D7FA036729F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BEA412F-3DA1-4E91-9C74-0666147DABCE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"4.70\",\"matchCriteriaId\":\"BC603F1A-561C-4602-AE82-FF40E876F9A1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32F7F370-C585-45FE-A7F7-40BFF13928CF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_310_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"4.70\",\"matchCriteriaId\":\"F47477FF-6AAC-4517-8271-FE03B5E4E2E9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_310:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38B7995C-80E0-413B-9F2C-387EF3703927\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_40_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"4.70\",\"matchCriteriaId\":\"555D068D-8855-420A-BD1B-08F4926FF02A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_40:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D84DDB81-DE66-4427-8833-633B45A45A14\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_40w_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"4.70\",\"matchCriteriaId\":\"378B84DA-D2E8-4EA3-B659-88E9F25811EB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_40w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F11F36C-60DB-4D81-A320-53EEE43758C1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_60_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"4.70\",\"matchCriteriaId\":\"EEC9EE6F-F6B1-48C5-8646-CBDBA2A495D5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_60:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C65DB5E9-2FE3-4807-970E-A42FDF82B50E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_60w_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"4.70\",\"matchCriteriaId\":\"75048E46-0CB5-4300-A5E4-CBCE5FE67BCF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_60w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82864EF6-B63D-4947-A18C-AE0156CCA7FA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.50\",\"versionEndIncluding\":\"5.20\",\"matchCriteriaId\":\"293C6F8B-51F7-44A5-ACAD-10586C9EB610\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B30A4C0-9928-46AD-9210-C25656FB43FB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.50\",\"versionEndIncluding\":\"5.20\",\"matchCriteriaId\":\"05959C9F-4209-4B0B-81DD-6C98BFC43F7B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D74ABA7E-AA78-4A13-A64E-C44021591B42\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.50\",\"versionEndIncluding\":\"5.20\",\"matchCriteriaId\":\"B4F8A08F-8531-444E-BE70-6C0096BE8CAC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F93B6A06-2951-46D2-A7E1-103D7318D612\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.50\",\"versionEndIncluding\":\"5.20\",\"matchCriteriaId\":\"8553EF99-5F25-4F96-840C-1D5146C9CAF9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92C697A5-D1D3-4FF0-9C43-D27B18181958\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.50\",\"versionEndIncluding\":\"5.20\",\"matchCriteriaId\":\"2C2F72A1-7D2D-4BC3-8440-937435507F5C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D1396E3-731B-4D05-A3F8-F3ABB80D5C29\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg200_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"4.70\",\"matchCriteriaId\":\"5046F464-AA4F-47D9-9050-CF0A5C9E6C9C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F7F15F3-9A55-462F-8AE3-EE71B759DE68\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg20_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"4.70\",\"matchCriteriaId\":\"ECB8D8BC-4FEE-434C-AB4E-E847051B1919\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg20:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F5C3A2C-12EA-4FAE-B088-665A90494685\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg210_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"4.70\",\"matchCriteriaId\":\"63BEED27-C36F-4245-9218-C10DED73A9C2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAFF1122-755A-4531-AA2E-FD6E8478F92F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg2200_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"4.70\",\"matchCriteriaId\":\"F504210A-CDA6-4C30-98FC-707870E37E05\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg2200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"231547C3-33B8-42B7-983E-AA3C6CA5D107\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg300_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"4.70\",\"matchCriteriaId\":\"FA7DB6C7-035B-4421-94A3-87F431BFA324\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC3082ED-A564-494D-8427-B61F15F6DD88\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg310_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.35\",\"versionEndIncluding\":\"4.70\",\"matchCriteriaId\":\"DB6E0DD5-DA40-4672-A6DD-A98145DCC86A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F302801D-3720-4598-8458-A8938BD6CB46\"}]}]}],\"references\":[{\"url\":\"https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml\",\"source\":\"security@zyxel.com.tw\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.