cvelistv5 - cve-2023-37925

cve-2023-37925

Vulnerability from cvelistv5

Published

2023-11-28 01:30

Modified

2024-08-02 17:23

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device.

References

▼	URL	Tags
	security@zyxel.com.tw	https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps	Vendor Advisory

Impacted products

Vendor

Product

Version

▼

Zyxel

ATP series firmware

Version: versions 4.32 through 5.37

Zyxel	USG FLEX series firmware	Version: versions 4.50 through 5.37
Zyxel	USG FLEX 50(W) series firmware	Version: versions 4.16 through 5.37
Zyxel	USG20(W)-VPN series firmware	Version: versions 4.16 through 5.37
Zyxel	VPN series firmware	Version: versions 4.30 through 5.37
Zyxel	NWA50AX firmware	Version: 6.29(ABYW.2)
Zyxel	WAC500 firmware	Version: 6.65(ABVS.1)
Zyxel	WAX300H firmware	Version: 6.60(ACHF.1)
Zyxel	WBE660S firmware	Version: 6.65(ACGG.1)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T17:23:27.715Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ATP series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "versions 4.32 through 5.37"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "USG FLEX series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "versions 4.50 through 5.37"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "USG FLEX 50(W) series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "versions 4.16 through 5.37"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "USG20(W)-VPN series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "versions 4.16 through 5.37"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "VPN series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "versions 4.30 through 5.37"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "NWA50AX firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "6.29(ABYW.2)"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "WAC500 firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "6.65(ABVS.1)"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "WAX300H firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "6.60(ACHF.1)"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "WBE660S firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "6.65(ACGG.1)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device."
            }
          ],
          "value": "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-28T01:30:55.186Z",
        "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "shortName": "Zyxel"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
    "assignerShortName": "Zyxel",
    "cveId": "CVE-2023-37925",
    "datePublished": "2023-11-28T01:30:55.186Z",
    "dateReserved": "2023-07-11T01:52:33.655Z",
    "dateUpdated": "2024-08-02T17:23:27.715Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.32\", \"versionEndIncluding\": \"5.37\", \"matchCriteriaId\": \"2A9AF767-1BC2-4160-9FD6-246DD2AD0F18\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F7654A1-3806-41C7-82D4-46B0CD7EE53B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D68A36FF-8CAF-401C-9F18-94F3A2405CF4\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2818E8AC-FFEE-4DF9-BF3F-C75166C0E851\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B41F437-855B-4490-8011-DF59887BE6D5\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"66B99746-0589-46E6-9CBD-F38619AD97DC\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.50\", \"versionEndIncluding\": \"5.37\", \"matchCriteriaId\": \"03FAEFC8-186B-4B52-869F-DA27224692C0\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B30A4C0-9928-46AD-9210-C25656FB43FB\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D74ABA7E-AA78-4A13-A64E-C44021591B42\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F93B6A06-2951-46D2-A7E1-103D7318D612\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"646C1F07-B553-47B0-953B-DC7DE7FD0F8B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92C697A5-D1D3-4FF0-9C43-D27B18181958\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"110A1CA4-0170-4834-8281-0A3E14FC5584\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D1396E3-731B-4D05-A3F8-F3ABB80D5C29\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.16\", \"versionEndIncluding\": \"5.37\", \"matchCriteriaId\": \"0DE544DC-2644-4706-BB80-75B7E16DF4DD\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6BEA412F-3DA1-4E91-9C74-0666147DABCE\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"371CE32A-C28E-44D2-9B0B-D8775928FD0E\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.30\", \"versionEndIncluding\": \"5.37\", \"matchCriteriaId\": \"549A6FE1-25D6-4239-87B6-B729C098C625\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"81D90A7B-174F-40A1-8AF4-08B15B7BAC40\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EECD311A-4E96-4576-AADF-47291EDE3559\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C45C303-1A95-4245-B242-3AB9B9106CD4\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9E3AC823-0ECA-42D8-8312-2FBE5914E4C0\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.70\\\\(abtg.0\\\\)\", \"matchCriteriaId\": \"C7DDF8F2-1E1C-4040-B24D-7959863AD5AF\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A3F9232-F988-4428-9898-4F536123CE88\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.70\\\\(abvt.0\\\\)\", \"matchCriteriaId\": \"6372C936-65AD-431B-B0F3-3731E6B236EC\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36C13E7F-2186-4587-83E9-57B05A7147B7\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.70\\\\(abtd.0\\\\)\", \"matchCriteriaId\": \"D24E34B2-E5E8-4269-A168-4904A7751427\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1BB129F9-64D8-43C2-9366-51EBDF419F5F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.70\\\\(acco.0\\\\)\", \"matchCriteriaId\": \"A3B44BE7-A6FD-4B9B-B6F9-60A4B792E57B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E03F755-424D-4248-9076-ED7BECEB94C5\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.80\\\\(abyw.0\\\\)\", \"matchCriteriaId\": \"D93BE4DB-8B74-4FE1-814D-22E78027FC7B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2806A3B3-8F13-4170-B284-8809E3502044\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:nwa50ax-pro_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.80\\\\(acge.0\\\\)\", \"matchCriteriaId\": \"A88CCD01-D827-4891-8E99-67B6FD064FE9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:nwa50ax-pro:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D7DD6E6B-61EC-4E60-8244-56ADB26F2234\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.80\\\\(abzl.0\\\\)\", \"matchCriteriaId\": \"C732FD48-F3FC-45A6-9081-D2067305D6F7\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7440976-5CB4-40BE-95C2-98EF4B888109\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.80\\\\(accv.0\\\\)\", \"matchCriteriaId\": \"221D7820-55CA-447C-94FB-4946EC1536E7\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3A903978-737E-4266-A670-BC94E32CAF96\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:nwa90ax-pro_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.80\\\\(acgf.0\\\\)\", \"matchCriteriaId\": \"9D936894-A119-4EC4-BA51-3B2CD9F3F477\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:nwa90ax-pro:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EFA44855-B135-44BD-AE21-FC58CD647AB6\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.70\\\\(abvs.0\\\\)\", \"matchCriteriaId\": \"34B57801-88C6-4BAB-A47F-EE428F8208C1\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C024551-F08F-4152-940D-1CF8BCD79613\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.70\\\\(abwa.0\\\\)\", \"matchCriteriaId\": \"9E013C28-F1C2-474C-B909-6BE89752C335\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A1FD502-4F62-4C77-B3BC-E563B24F0067\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.70\\\\(abtf.0\\\\)\", \"matchCriteriaId\": \"E174A280-1FC8-4A97-B7B1-3B8F5B47EB82\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A37A0E9-D505-4376-AB0E-1C0FD7E53A55\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.70\\\\(abte.0\\\\)\", \"matchCriteriaId\": \"40288F50-E5B5-4398-BCBB-0C946869AB64\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3518DA0A-2C7B-4979-A457-0826C921B0F0\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.70\\\\(accn.0\\\\)\", \"matchCriteriaId\": \"B6EE5DA9-A76F-47EE-8DF2-7950DD37A1B7\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B4EBCC9-4FF9-41FC-9FFE-DBFAB239888B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.70\\\\(abzd.0\\\\)\", \"matchCriteriaId\": \"5C0C05AC-CF02-4D2B-BB8D-7DF960BAD814\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC74AAF9-5206-4CEB-9023-6CD4F38AA623\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.70\\\\(accm.0\\\\)\", \"matchCriteriaId\": \"9EBCEA07-66B1-48A0-9121-09C5FE30A4E2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"20E4E9A0-DF92-47B7-94D6-0867E3171E47\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.70\\\\(abrm.0\\\\)\", \"matchCriteriaId\": \"0FE4DC40-903F-4063-99EA-D7D272400D22\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D784994E-E2CE-4328-B490-D9DC195A53DB\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.70\\\\(acdo.0\\\\)\", \"matchCriteriaId\": \"9C85EF6D-0300-4AE9-98FE-2FA05F6392D4\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"61158220-B5E8-4BF4-B2C2-E8ABFD3266CF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.70\\\\(acgg.0\\\\)\", \"matchCriteriaId\": \"31DA2420-6E71-45FE-A1B4-76524431F932\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zyxel:wbe660s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9FC2F3A4-0598-49B0-9829-AF43C97E9E8E\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de administraci\\u00f3n de privilegios inadecuada en el comando CLI de depuraci\\u00f3n de las versiones de firmware: \\nserie Zyxel ATP 4.32 a 5.37, \\nserie USG FLEX 4.50 a 5.37, \\nserie USG FLEX 50(W) 4.16 a 5.37, \\nserie USG20(W)-VPN 4.16 a 5.37, \\nserie VPN 4.30 a 5.37,\\nNWA50AX 6.29 (ABYW.2), \\nWAC500 6.65 (ABVS.1), \\nWAX300H 6.60 (ACHF.1) y\\nWBE660S 6.65 ( ACGG.1).\\nPodr\\u00eda permitir que un atacante local autenticado acceda a los archivos del sistema en un dispositivo afectado.\"}]",
      "id": "CVE-2023-37925",
      "lastModified": "2024-11-21T08:12:29.060",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security@zyxel.com.tw\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}]}",
      "published": "2023-11-28T02:15:42.547",
      "references": "[{\"url\": \"https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps\", \"source\": \"security@zyxel.com.tw\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "security@zyxel.com.tw",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security@zyxel.com.tw\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-269\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-37925\",\"sourceIdentifier\":\"security@zyxel.com.tw\",\"published\":\"2023-11-28T02:15:42.547\",\"lastModified\":\"2024-11-21T08:12:29.060\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de administraci\u00f3n de privilegios inadecuada en el comando CLI de depuraci\u00f3n de las versiones de firmware: \\nserie Zyxel ATP 4.32 a 5.37, \\nserie USG FLEX 4.50 a 5.37, \\nserie USG FLEX 50(W) 4.16 a 5.37, \\nserie USG20(W)-VPN 4.16 a 5.37, \\nserie VPN 4.30 a 5.37,\\nNWA50AX 6.29 (ABYW.2), \\nWAC500 6.65 (ABVS.1), \\nWAX300H 6.60 (ACHF.1) y\\nWBE660S 6.65 ( ACGG.1).\\nPodr\u00eda permitir que un atacante local autenticado acceda a los archivos del sistema en un dispositivo afectado.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@zyxel.com.tw\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security@zyxel.com.tw\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.32\",\"versionEndIncluding\":\"5.37\",\"matchCriteriaId\":\"2A9AF767-1BC2-4160-9FD6-246DD2AD0F18\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F7654A1-3806-41C7-82D4-46B0CD7EE53B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D68A36FF-8CAF-401C-9F18-94F3A2405CF4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2818E8AC-FFEE-4DF9-BF3F-C75166C0E851\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B41F437-855B-4490-8011-DF59887BE6D5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66B99746-0589-46E6-9CBD-F38619AD97DC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.50\",\"versionEndIncluding\":\"5.37\",\"matchCriteriaId\":\"03FAEFC8-186B-4B52-869F-DA27224692C0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B30A4C0-9928-46AD-9210-C25656FB43FB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D74ABA7E-AA78-4A13-A64E-C44021591B42\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F93B6A06-2951-46D2-A7E1-103D7318D612\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"646C1F07-B553-47B0-953B-DC7DE7FD0F8B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92C697A5-D1D3-4FF0-9C43-D27B18181958\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"110A1CA4-0170-4834-8281-0A3E14FC5584\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D1396E3-731B-4D05-A3F8-F3ABB80D5C29\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.16\",\"versionEndIncluding\":\"5.37\",\"matchCriteriaId\":\"0DE544DC-2644-4706-BB80-75B7E16DF4DD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BEA412F-3DA1-4E91-9C74-0666147DABCE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"371CE32A-C28E-44D2-9B0B-D8775928FD0E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.30\",\"versionEndIncluding\":\"5.37\",\"matchCriteriaId\":\"549A6FE1-25D6-4239-87B6-B729C098C625\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81D90A7B-174F-40A1-8AF4-08B15B7BAC40\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EECD311A-4E96-4576-AADF-47291EDE3559\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C45C303-1A95-4245-B242-3AB9B9106CD4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E3AC823-0ECA-42D8-8312-2FBE5914E4C0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.70\\\\(abtg.0\\\\)\",\"matchCriteriaId\":\"C7DDF8F2-1E1C-4040-B24D-7959863AD5AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A3F9232-F988-4428-9898-4F536123CE88\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.70\\\\(abvt.0\\\\)\",\"matchCriteriaId\":\"6372C936-65AD-431B-B0F3-3731E6B236EC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36C13E7F-2186-4587-83E9-57B05A7147B7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.70\\\\(abtd.0\\\\)\",\"matchCriteriaId\":\"D24E34B2-E5E8-4269-A168-4904A7751427\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BB129F9-64D8-43C2-9366-51EBDF419F5F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.70\\\\(acco.0\\\\)\",\"matchCriteriaId\":\"A3B44BE7-A6FD-4B9B-B6F9-60A4B792E57B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E03F755-424D-4248-9076-ED7BECEB94C5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.80\\\\(abyw.0\\\\)\",\"matchCriteriaId\":\"D93BE4DB-8B74-4FE1-814D-22E78027FC7B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2806A3B3-8F13-4170-B284-8809E3502044\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:nwa50ax-pro_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.80\\\\(acge.0\\\\)\",\"matchCriteriaId\":\"A88CCD01-D827-4891-8E99-67B6FD064FE9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:nwa50ax-pro:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7DD6E6B-61EC-4E60-8244-56ADB26F2234\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.80\\\\(abzl.0\\\\)\",\"matchCriteriaId\":\"C732FD48-F3FC-45A6-9081-D2067305D6F7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7440976-5CB4-40BE-95C2-98EF4B888109\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.80\\\\(accv.0\\\\)\",\"matchCriteriaId\":\"221D7820-55CA-447C-94FB-4946EC1536E7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A903978-737E-4266-A670-BC94E32CAF96\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:nwa90ax-pro_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.80\\\\(acgf.0\\\\)\",\"matchCriteriaId\":\"9D936894-A119-4EC4-BA51-3B2CD9F3F477\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:nwa90ax-pro:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFA44855-B135-44BD-AE21-FC58CD647AB6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.70\\\\(abvs.0\\\\)\",\"matchCriteriaId\":\"34B57801-88C6-4BAB-A47F-EE428F8208C1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C024551-F08F-4152-940D-1CF8BCD79613\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.70\\\\(abwa.0\\\\)\",\"matchCriteriaId\":\"9E013C28-F1C2-474C-B909-6BE89752C335\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A1FD502-4F62-4C77-B3BC-E563B24F0067\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.70\\\\(abtf.0\\\\)\",\"matchCriteriaId\":\"E174A280-1FC8-4A97-B7B1-3B8F5B47EB82\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A37A0E9-D505-4376-AB0E-1C0FD7E53A55\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.70\\\\(abte.0\\\\)\",\"matchCriteriaId\":\"40288F50-E5B5-4398-BCBB-0C946869AB64\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3518DA0A-2C7B-4979-A457-0826C921B0F0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.70\\\\(accn.0\\\\)\",\"matchCriteriaId\":\"B6EE5DA9-A76F-47EE-8DF2-7950DD37A1B7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B4EBCC9-4FF9-41FC-9FFE-DBFAB239888B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.70\\\\(abzd.0\\\\)\",\"matchCriteriaId\":\"5C0C05AC-CF02-4D2B-BB8D-7DF960BAD814\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC74AAF9-5206-4CEB-9023-6CD4F38AA623\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.70\\\\(accm.0\\\\)\",\"matchCriteriaId\":\"9EBCEA07-66B1-48A0-9121-09C5FE30A4E2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20E4E9A0-DF92-47B7-94D6-0867E3171E47\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.70\\\\(abrm.0\\\\)\",\"matchCriteriaId\":\"0FE4DC40-903F-4063-99EA-D7D272400D22\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D784994E-E2CE-4328-B490-D9DC195A53DB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.70\\\\(acdo.0\\\\)\",\"matchCriteriaId\":\"9C85EF6D-0300-4AE9-98FE-2FA05F6392D4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61158220-B5E8-4BF4-B2C2-E8ABFD3266CF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.70\\\\(acgg.0\\\\)\",\"matchCriteriaId\":\"31DA2420-6E71-45FE-A1B4-76524431F932\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:wbe660s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FC2F3A4-0598-49B0-9829-AF43C97E9E8E\"}]}]}],\"references\":[{\"url\":\"https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps\",\"source\":\"security@zyxel.com.tw\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

ghsa-w6g6-83gc-85hx

Vulnerability from github

Published

2023-11-28 03:30

Modified

2023-11-28 03:30

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-37925"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-28T02:15:42Z",
    "severity": "MODERATE"
  },
  "details": "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device.",
  "id": "GHSA-w6g6-83gc-85hx",
  "modified": "2023-11-28T03:30:22Z",
  "published": "2023-11-28T03:30:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37925"
    },
    {
      "type": "WEB",
      "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

WID-SEC-W-2023-3017

Vulnerability from csaf_certbund

Published

2023-11-27 23:00

Modified

2023-11-27 23:00

Summary

Zyxel Firewall: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Zyxel ist ein Hersteller von Netzwerkkomponenten, u.a. von Firewalls.

Angriff

Ein Angreifer kann mehrere Schwachstellen in Zyxel Firewalls ausnutzen, um einen Cross-Site-Scripting-Angriff zu starten, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren.

Betroffene Betriebssysteme

- Appliance

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Zyxel ist ein Hersteller von Netzwerkkomponenten, u.a. von Firewalls.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Zyxel Firewalls ausnutzen, um einen Cross-Site-Scripting-Angriff zu starten, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Appliance",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-3017 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3017.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-3017 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3017"
      },
      {
        "category": "external",
        "summary": "Zyxel security advisory vom 2023-11-27",
        "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps"
      }
    ],
    "source_lang": "en-US",
    "title": "Zyxel Firewall: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2023-11-27T23:00:00.000+00:00",
      "generator": {
        "date": "2024-02-15T17:52:36.830+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2023-3017",
      "initial_release_date": "2023-11-27T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-11-27T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Zyxel Firewall \u003c 5.37 Patch 1",
            "product": {
              "name": "Zyxel Firewall \u003c 5.37 Patch 1",
              "product_id": "T031369",
              "product_identification_helper": {
                "cpe": "cpe:/h:zyxel:firewall:5.37_patch_1"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Zyxel"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-4398",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Zyxel Firewalls. Dieser Fehler besteht im Quellcode des QuickSec IPSec Toolkits, das in der VPN-Funktion verwendet wird, aufgrund eines Integer-\u00dcberlaufs. Durch das Senden eines manipulierten IKE-Pakets kann ein entfernter, anonymer Angreifer diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
        }
      ],
      "release_date": "2023-11-27T23:00:00Z",
      "title": "CVE-2023-4398"
    },
    {
      "cve": "CVE-2023-4397",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in der Zyxel Firewall. Dieser Fehler besteht in der Firmware. Durch die Ausf\u00fchrung eines CLI-Befehls mit einer manipulierten Zeichenfolge auf einem betroffenen Ger\u00e4t kann ein lokaler Angreifer mit Administratorrechten diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
        }
      ],
      "release_date": "2023-11-27T23:00:00Z",
      "title": "CVE-2023-4397"
    },
    {
      "cve": "CVE-2023-5960",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Zyxel Firewall. Diese Fehler bestehen in mehreren Komponenten wie dem Debug-CLI-Befehl oder ZySH, u. a. aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, eines Puffer\u00fcberlaufs oder einer unsachgem\u00e4\u00dfen Eingabevalidierung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "release_date": "2023-11-27T23:00:00Z",
      "title": "CVE-2023-5960"
    },
    {
      "cve": "CVE-2023-5797",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Zyxel Firewall. Diese Fehler bestehen in mehreren Komponenten wie dem Debug-CLI-Befehl oder ZySH, u. a. aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, eines Puffer\u00fcberlaufs oder einer unsachgem\u00e4\u00dfen Eingabevalidierung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "release_date": "2023-11-27T23:00:00Z",
      "title": "CVE-2023-5797"
    },
    {
      "cve": "CVE-2023-5650",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Zyxel Firewall. Diese Fehler bestehen in mehreren Komponenten wie dem Debug-CLI-Befehl oder ZySH, u. a. aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, eines Puffer\u00fcberlaufs oder einer unsachgem\u00e4\u00dfen Eingabevalidierung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "release_date": "2023-11-27T23:00:00Z",
      "title": "CVE-2023-5650"
    },
    {
      "cve": "CVE-2023-37926",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Zyxel Firewall. Diese Fehler bestehen in mehreren Komponenten wie dem Debug-CLI-Befehl oder ZySH, u. a. aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, eines Puffer\u00fcberlaufs oder einer unsachgem\u00e4\u00dfen Eingabevalidierung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "release_date": "2023-11-27T23:00:00Z",
      "title": "CVE-2023-37926"
    },
    {
      "cve": "CVE-2023-37925",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Zyxel Firewall. Diese Fehler bestehen in mehreren Komponenten wie dem Debug-CLI-Befehl oder ZySH, u. a. aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, eines Puffer\u00fcberlaufs oder einer unsachgem\u00e4\u00dfen Eingabevalidierung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "release_date": "2023-11-27T23:00:00Z",
      "title": "CVE-2023-37925"
    },
    {
      "cve": "CVE-2023-35136",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Zyxel Firewall. Diese Fehler bestehen in mehreren Komponenten wie dem Debug-CLI-Befehl oder ZySH, u. a. aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, eines Puffer\u00fcberlaufs oder einer unsachgem\u00e4\u00dfen Eingabevalidierung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "release_date": "2023-11-27T23:00:00Z",
      "title": "CVE-2023-35136"
    },
    {
      "cve": "CVE-2023-35139",
      "notes": [
        {
          "category": "description",
          "text": "In Zyxel Firewalls existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden in CGI program nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
        }
      ],
      "release_date": "2023-11-27T23:00:00Z",
      "title": "CVE-2023-35139"
    }
  ]
}

wid-sec-w-2023-3017

Vulnerability from csaf_certbund

Published

2023-11-27 23:00

Modified

2023-11-27 23:00

Summary

Zyxel Firewall: Mehrere Schwachstellen

Notes

Produktbeschreibung

Zyxel ist ein Hersteller von Netzwerkkomponenten, u.a. von Firewalls.

Angriff

Betroffene Betriebssysteme

- Appliance

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Zyxel ist ein Hersteller von Netzwerkkomponenten, u.a. von Firewalls.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Zyxel Firewalls ausnutzen, um einen Cross-Site-Scripting-Angriff zu starten, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Appliance",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-3017 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3017.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-3017 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3017"
      },
      {
        "category": "external",
        "summary": "Zyxel security advisory vom 2023-11-27",
        "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps"
      }
    ],
    "source_lang": "en-US",
    "title": "Zyxel Firewall: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2023-11-27T23:00:00.000+00:00",
      "generator": {
        "date": "2024-02-15T17:52:36.830+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2023-3017",
      "initial_release_date": "2023-11-27T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-11-27T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Zyxel Firewall \u003c 5.37 Patch 1",
            "product": {
              "name": "Zyxel Firewall \u003c 5.37 Patch 1",
              "product_id": "T031369",
              "product_identification_helper": {
                "cpe": "cpe:/h:zyxel:firewall:5.37_patch_1"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Zyxel"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-4398",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Zyxel Firewalls. Dieser Fehler besteht im Quellcode des QuickSec IPSec Toolkits, das in der VPN-Funktion verwendet wird, aufgrund eines Integer-\u00dcberlaufs. Durch das Senden eines manipulierten IKE-Pakets kann ein entfernter, anonymer Angreifer diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
        }
      ],
      "release_date": "2023-11-27T23:00:00Z",
      "title": "CVE-2023-4398"
    },
    {
      "cve": "CVE-2023-4397",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in der Zyxel Firewall. Dieser Fehler besteht in der Firmware. Durch die Ausf\u00fchrung eines CLI-Befehls mit einer manipulierten Zeichenfolge auf einem betroffenen Ger\u00e4t kann ein lokaler Angreifer mit Administratorrechten diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
        }
      ],
      "release_date": "2023-11-27T23:00:00Z",
      "title": "CVE-2023-4397"
    },
    {
      "cve": "CVE-2023-5960",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Zyxel Firewall. Diese Fehler bestehen in mehreren Komponenten wie dem Debug-CLI-Befehl oder ZySH, u. a. aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, eines Puffer\u00fcberlaufs oder einer unsachgem\u00e4\u00dfen Eingabevalidierung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "release_date": "2023-11-27T23:00:00Z",
      "title": "CVE-2023-5960"
    },
    {
      "cve": "CVE-2023-5797",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Zyxel Firewall. Diese Fehler bestehen in mehreren Komponenten wie dem Debug-CLI-Befehl oder ZySH, u. a. aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, eines Puffer\u00fcberlaufs oder einer unsachgem\u00e4\u00dfen Eingabevalidierung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "release_date": "2023-11-27T23:00:00Z",
      "title": "CVE-2023-5797"
    },
    {
      "cve": "CVE-2023-5650",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Zyxel Firewall. Diese Fehler bestehen in mehreren Komponenten wie dem Debug-CLI-Befehl oder ZySH, u. a. aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, eines Puffer\u00fcberlaufs oder einer unsachgem\u00e4\u00dfen Eingabevalidierung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "release_date": "2023-11-27T23:00:00Z",
      "title": "CVE-2023-5650"
    },
    {
      "cve": "CVE-2023-37926",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Zyxel Firewall. Diese Fehler bestehen in mehreren Komponenten wie dem Debug-CLI-Befehl oder ZySH, u. a. aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, eines Puffer\u00fcberlaufs oder einer unsachgem\u00e4\u00dfen Eingabevalidierung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "release_date": "2023-11-27T23:00:00Z",
      "title": "CVE-2023-37926"
    },
    {
      "cve": "CVE-2023-37925",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Zyxel Firewall. Diese Fehler bestehen in mehreren Komponenten wie dem Debug-CLI-Befehl oder ZySH, u. a. aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, eines Puffer\u00fcberlaufs oder einer unsachgem\u00e4\u00dfen Eingabevalidierung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "release_date": "2023-11-27T23:00:00Z",
      "title": "CVE-2023-37925"
    },
    {
      "cve": "CVE-2023-35136",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Zyxel Firewall. Diese Fehler bestehen in mehreren Komponenten wie dem Debug-CLI-Befehl oder ZySH, u. a. aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, eines Puffer\u00fcberlaufs oder einer unsachgem\u00e4\u00dfen Eingabevalidierung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "release_date": "2023-11-27T23:00:00Z",
      "title": "CVE-2023-35136"
    },
    {
      "cve": "CVE-2023-35139",
      "notes": [
        {
          "category": "description",
          "text": "In Zyxel Firewalls existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden in CGI program nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
        }
      ],
      "release_date": "2023-11-27T23:00:00Z",
      "title": "CVE-2023-35139"
    }
  ]
}

cve-2023-37925

Vulnerability from fkie_nvd

Published

2023-11-28 02:15

Modified

2024-11-21 08:12

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

References

▼	URL	Tags
	security@zyxel.com.tw	https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps	Vendor Advisory

Impacted products

Vendor	Product	Version
zyxel	zld	*
zyxel	atp100	-
zyxel	atp100w	-
zyxel	atp200	-
zyxel	atp500	-
zyxel	atp700	-
zyxel	atp800	-
zyxel	zld	*
zyxel	usg_flex_100	-
zyxel	usg_flex_100w	-
zyxel	usg_flex_200	-
zyxel	usg_flex_50	-
zyxel	usg_flex_500	-
zyxel	usg_flex_50w	-
zyxel	usg_flex_700	-
zyxel	zld	*
zyxel	usg_20w-vpn	-
zyxel	vpn50w	-
zyxel	zld	*
zyxel	vpn100	-
zyxel	vpn1000	-
zyxel	vpn300	-
zyxel	vpn50	-
zyxel	nwa110ax_firmware	*
zyxel	nwa110ax	-
zyxel	nwa1123acv3_firmware	*
zyxel	nwa1123acv3	-
zyxel	nwa210ax_firmware	*
zyxel	nwa210ax	-
zyxel	nwa220ax-6e_firmware	*
zyxel	nwa220ax-6e	-
zyxel	nwa50ax_firmware	*
zyxel	nwa50ax	-
zyxel	nwa50ax-pro_firmware	*
zyxel	nwa50ax-pro	-
zyxel	nwa55axe_firmware	*
zyxel	nwa55axe	-
zyxel	nwa90ax_firmware	*
zyxel	nwa90ax	-
zyxel	nwa90ax-pro_firmware	*
zyxel	nwa90ax-pro	-
zyxel	wac500_firmware	*
zyxel	wac500	-
zyxel	wac500h_firmware	*
zyxel	wac500h	-
zyxel	wax510d_firmware	*
zyxel	wax510d	-
zyxel	wax610d_firmware	*
zyxel	wax610d	-
zyxel	wax620d-6e_firmware	*
zyxel	wax620d-6e	-
zyxel	wax630s_firmware	*
zyxel	wax630s	-
zyxel	wax640s-6e_firmware	*
zyxel	wax640s-6e	-
zyxel	wax650s_firmware	*
zyxel	wax650s	-
zyxel	wax655e_firmware	*
zyxel	wax655e	-
zyxel	wbe660s_firmware	*
zyxel	wbe660s	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A9AF767-1BC2-4160-9FD6-246DD2AD0F18",
              "versionEndIncluding": "5.37",
              "versionStartIncluding": "4.32",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B41F437-855B-4490-8011-DF59887BE6D5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66B99746-0589-46E6-9CBD-F38619AD97DC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "03FAEFC8-186B-4B52-869F-DA27224692C0",
              "versionEndIncluding": "5.37",
              "versionStartIncluding": "4.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DE544DC-2644-4706-BB80-75B7E16DF4DD",
              "versionEndIncluding": "5.37",
              "versionStartIncluding": "4.16",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "371CE32A-C28E-44D2-9B0B-D8775928FD0E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "549A6FE1-25D6-4239-87B6-B729C098C625",
              "versionEndIncluding": "5.37",
              "versionStartIncluding": "4.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EECD311A-4E96-4576-AADF-47291EDE3559",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C45C303-1A95-4245-B242-3AB9B9106CD4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7DDF8F2-1E1C-4040-B24D-7959863AD5AF",
              "versionEndExcluding": "6.70\\(abtg.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A3F9232-F988-4428-9898-4F536123CE88",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6372C936-65AD-431B-B0F3-3731E6B236EC",
              "versionEndExcluding": "6.70\\(abvt.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36C13E7F-2186-4587-83E9-57B05A7147B7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D24E34B2-E5E8-4269-A168-4904A7751427",
              "versionEndExcluding": "6.70\\(abtd.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BB129F9-64D8-43C2-9366-51EBDF419F5F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3B44BE7-A6FD-4B9B-B6F9-60A4B792E57B",
              "versionEndExcluding": "6.70\\(acco.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E03F755-424D-4248-9076-ED7BECEB94C5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D93BE4DB-8B74-4FE1-814D-22E78027FC7B",
              "versionEndExcluding": "6.80\\(abyw.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2806A3B3-8F13-4170-B284-8809E3502044",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa50ax-pro_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88CCD01-D827-4891-8E99-67B6FD064FE9",
              "versionEndExcluding": "6.80\\(acge.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa50ax-pro:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7DD6E6B-61EC-4E60-8244-56ADB26F2234",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C732FD48-F3FC-45A6-9081-D2067305D6F7",
              "versionEndExcluding": "6.80\\(abzl.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7440976-5CB4-40BE-95C2-98EF4B888109",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "221D7820-55CA-447C-94FB-4946EC1536E7",
              "versionEndExcluding": "6.80\\(accv.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A903978-737E-4266-A670-BC94E32CAF96",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nwa90ax-pro_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D936894-A119-4EC4-BA51-3B2CD9F3F477",
              "versionEndExcluding": "6.80\\(acgf.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nwa90ax-pro:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFA44855-B135-44BD-AE21-FC58CD647AB6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34B57801-88C6-4BAB-A47F-EE428F8208C1",
              "versionEndExcluding": "6.70\\(abvs.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C024551-F08F-4152-940D-1CF8BCD79613",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E013C28-F1C2-474C-B909-6BE89752C335",
              "versionEndExcluding": "6.70\\(abwa.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A1FD502-4F62-4C77-B3BC-E563B24F0067",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E174A280-1FC8-4A97-B7B1-3B8F5B47EB82",
              "versionEndExcluding": "6.70\\(abtf.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "40288F50-E5B5-4398-BCBB-0C946869AB64",
              "versionEndExcluding": "6.70\\(abte.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3518DA0A-2C7B-4979-A457-0826C921B0F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6EE5DA9-A76F-47EE-8DF2-7950DD37A1B7",
              "versionEndExcluding": "6.70\\(accn.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B4EBCC9-4FF9-41FC-9FFE-DBFAB239888B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C0C05AC-CF02-4D2B-BB8D-7DF960BAD814",
              "versionEndExcluding": "6.70\\(abzd.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC74AAF9-5206-4CEB-9023-6CD4F38AA623",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EBCEA07-66B1-48A0-9121-09C5FE30A4E2",
              "versionEndExcluding": "6.70\\(accm.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "20E4E9A0-DF92-47B7-94D6-0867E3171E47",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FE4DC40-903F-4063-99EA-D7D272400D22",
              "versionEndExcluding": "6.70\\(abrm.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D784994E-E2CE-4328-B490-D9DC195A53DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C85EF6D-0300-4AE9-98FE-2FA05F6392D4",
              "versionEndExcluding": "6.70\\(acdo.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61158220-B5E8-4BF4-B2C2-E8ABFD3266CF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "31DA2420-6E71-45FE-A1B4-76524431F932",
              "versionEndExcluding": "6.70\\(acgg.0\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wbe660s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FC2F3A4-0598-49B0-9829-AF43C97E9E8E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de administraci\u00f3n de privilegios inadecuada en el comando CLI de depuraci\u00f3n de las versiones de firmware: \nserie Zyxel ATP 4.32 a 5.37, \nserie USG FLEX 4.50 a 5.37, \nserie USG FLEX 50(W) 4.16 a 5.37, \nserie USG20(W)-VPN 4.16 a 5.37, \nserie VPN 4.30 a 5.37,\nNWA50AX 6.29 (ABYW.2), \nWAC500 6.65 (ABVS.1), \nWAX300H 6.60 (ACHF.1) y\nWBE660S 6.65 ( ACGG.1).\nPodr\u00eda permitir que un atacante local autenticado acceda a los archivos del sistema en un dispositivo afectado."
    }
  ],
  "id": "CVE-2023-37925",
  "lastModified": "2024-11-21T08:12:29.060",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "security@zyxel.com.tw",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-11-28T02:15:42.547",
  "references": [
    {
      "source": "security@zyxel.com.tw",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps"
    }
  ],
  "sourceIdentifier": "security@zyxel.com.tw",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-269"
        }
      ],
      "source": "security@zyxel.com.tw",
      "type": "Primary"
    }
  ]
}

gsd-2023-37925

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Aliases

CVE-2023-37925

Aliases

CVE-2023-37925

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-37925",
    "id": "GSD-2023-37925"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-37925"
      ],
      "details": "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device.",
      "id": "GSD-2023-37925",
      "modified": "2023-12-13T01:20:24.876915Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@zyxel.com.tw",
        "ID": "CVE-2023-37925",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "ATP series firmware",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "versions 4.32 through 5.37"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "USG FLEX series firmware",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "versions 4.50 through 5.37"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "USG FLEX 50(W) series firmware",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "versions 4.16 through 5.37"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "USG20(W)-VPN series firmware",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "versions 4.16 through 5.37"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "VPN series firmware",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "versions 4.30 through 5.37"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "NWA50AX firmware",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "6.29(ABYW.2)"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WAC500 firmware",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "6.65(ABVS.1)"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WAX300H firmware",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "6.60(ACHF.1)"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WBE660S firmware",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "6.65(ACGG.1)"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Zyxel"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.1.0-dev"
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-269",
                "lang": "eng",
                "value": "CWE-269 Improper Privilege Management"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
            "refsource": "MISC",
            "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps"
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "5.37",
                    "versionStartIncluding": "4.32",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "5.37",
                    "versionStartIncluding": "4.50",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "5.37",
                    "versionStartIncluding": "4.16",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "5.37",
                    "versionStartIncluding": "4.30",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.70\\(abtg.0\\)",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.70\\(abvt.0\\)",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.70\\(abtd.0\\)",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.70\\(acco.0\\)",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.80\\(abyw.0\\)",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zyxel:nwa50ax-pro_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.80\\(acge.0\\)",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:nwa50ax-pro:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.80\\(abzl.0\\)",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.80\\(accv.0\\)",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zyxel:nwa90ax-pro_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.80\\(acgf.0\\)",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:nwa90ax-pro:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.70\\(abvs.0\\)",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.70\\(abwa.0\\)",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.70\\(abtf.0\\)",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.70\\(abte.0\\)",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.70\\(accn.0\\)",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.70\\(abzd.0\\)",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.70\\(accm.0\\)",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.70\\(abrm.0\\)",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.70\\(acdo.0\\)",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.70\\(acgg.0\\)",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:wbe660s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@zyxel.com.tw",
          "ID": "CVE-2023-37925"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-269"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps",
              "refsource": "",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2023-12-04T18:09Z",
      "publishedDate": "2023-11-28T02:15Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2023-37925

Vulnerability from cvelistv5

ghsa-w6g6-83gc-85hx

Vulnerability from github

WID-SEC-W-2023-3017

Vulnerability from csaf_certbund

wid-sec-w-2023-3017

Vulnerability from csaf_certbund

cve-2023-37925

Vulnerability from fkie_nvd

gsd-2023-37925

Vulnerability from gsd

Tags

Sightings

Nomenclature