gsd-2022-26531
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-26531",
"description": "Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload.",
"id": "GSD-2022-26531",
"references": [
"https://packetstormsecurity.com/files/cve/CVE-2022-26531"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-26531"
],
"details": "Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload.",
"id": "GSD-2022-26531",
"modified": "2023-12-13T01:19:38.494045Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@zyxel.com.tw",
"ID": "CVE-2022-26531",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "USG/ZyWALL series firmware",
"version": {
"version_data": [
{
"version_value": "4.09 through 4.71"
}
]
}
},
{
"product_name": "USG FLEX series firmware",
"version": {
"version_data": [
{
"version_value": "4.50 through 5.21"
}
]
}
},
{
"product_name": "ATP series firmware",
"version": {
"version_data": [
{
"version_value": "4.32 through 5.21"
}
]
}
},
{
"product_name": "VPN series firmware",
"version": {
"version_data": [
{
"version_value": "4.30 through 5.21"
}
]
}
},
{
"product_name": "NSG series firmware",
"version": {
"version_data": [
{
"version_value": "1.00 through 1.33 Patch 4"
}
]
}
},
{
"product_name": "NXC2500 firmware",
"version": {
"version_data": [
{
"version_value": "\u003c= 6.10(AAIG.3)"
}
]
}
},
{
"product_name": "NAP203 firmware",
"version": {
"version_data": [
{
"version_value": "\u003c= 6.25(ABFA.7)"
}
]
}
},
{
"product_name": "NWA50AX firmware",
"version": {
"version_data": [
{
"version_value": "\u003c= 6.25(ABYW.5)"
}
]
}
},
{
"product_name": "WAC500 firmware",
"version": {
"version_data": [
{
"version_value": "\u003c= 6.30(ABVS.2)"
}
]
}
},
{
"product_name": "WAX510D firmware",
"version": {
"version_data": [
{
"version_value": "\u003c= 6.30(ABTF.2)"
}
]
}
}
]
},
"vendor_name": "Zyxel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload."
}
]
},
"impact": {
"cvss": {
"baseScore": "6.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml",
"refsource": "CONFIRM",
"url": "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml"
},
{
"name": "20220610 HNS-2022-02 - HN Security Advisory - Multiple vulnerabilities in Zyxel zysh",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/Jun/15"
},
{
"name": "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html"
},
{
"name": "http://packetstormsecurity.com/files/177036/Zyxel-zysh-Format-String-Proof-Of-Concept.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/177036/Zyxel-zysh-Format-String-Proof-Of-Concept.html"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "286FA4D2-DD37-4EFD-BCC4-98791B7E4F74",
"versionEndIncluding": "5.21",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81D90A7B-174F-40A1-8AF4-08B15B7BAC40",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "441EB008-4265-4569-A7B0-A5CAF0CA6B70",
"versionEndIncluding": "5.21",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EECD311A-4E96-4576-AADF-47291EDE3559",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFF1F98B-2B0C-46C6-AE43-EB652BA0800C",
"versionEndIncluding": "5.21",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C45C303-1A95-4245-B242-3AB9B9106CD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B6387BE-5DED-4D27-AACC-1F42DCB90A40",
"versionEndIncluding": "5.21",
"versionStartIncluding": "4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D636401-CD8D-4D2C-9BEA-1C6F96D2FEA6",
"versionEndIncluding": "5.21",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7654A1-3806-41C7-82D4-46B0CD7EE53B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD3684E5-F119-4BD9-A29A-C35C293BC058",
"versionEndIncluding": "5.21",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFC4992F-FF30-44E8-9041-4BA082D3549B",
"versionEndIncluding": "5.21",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D68A36FF-8CAF-401C-9F18-94F3A2405CF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "071225C7-8311-4C89-9633-AE5DB4800B01",
"versionEndIncluding": "5.21",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABF7A7FD-95D3-4343-9CE2-DFF8DBE8D125",
"versionEndIncluding": "5.21",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B41F437-855B-4490-8011-DF59887BE6D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D952940F-FFEF-4480-9BD8-5E7CB1C27B2E",
"versionEndIncluding": "5.21",
"versionStartIncluding": "4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66B99746-0589-46E6-9CBD-F38619AD97DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_110_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55B9C186-0EF6-457D-A865-93BEE28C03DB",
"versionEndIncluding": "4.71",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7E32879-01A2-49B1-A354-068CEB1CA3A5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_1100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D64DDA0B-FB12-49DA-818A-77D61B6328EB",
"versionEndIncluding": "4.71",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4B9AC6-7C55-42BD-A1D8-F5D5A19AC59D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_1900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F944352D-3F2E-4E67-9B0C-FCA488F49FDB",
"versionEndIncluding": "4.71",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_1900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92CE6F04-403B-4A52-A3A5-DD0190CF15D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_20w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18A8D2A1-CA75-4DAE-8C78-67E2588AD037",
"versionEndIncluding": "4.71",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_20w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CD5A4AB-0CC2-4CAF-AAFA-0F866174842F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC6943C7-8559-414D-9A6A-865EEFBF223C",
"versionEndIncluding": "4.71",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0597A0E-9416-4D2E-BAF5-BEFAAE1BB93E",
"versionEndIncluding": "4.71",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32F7F370-C585-45FE-A7F7-40BFF13928CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_310_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B139EC4B-07CA-4D2C-8FBB-5C03F67ED169",
"versionEndIncluding": "4.71",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38B7995C-80E0-413B-9F2C-387EF3703927",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_40_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07F551AE-EB73-4B97-AFBA-23A201FBAA02",
"versionEndIncluding": "4.71",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D84DDB81-DE66-4427-8833-633B45A45A14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_40w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E469A8A0-D909-4713-ABA8-F2589452E193",
"versionEndIncluding": "4.71",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_40w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F11F36C-60DB-4D81-A320-53EEE43758C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_60_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25670F1E-F6BA-4B2C-957F-4DCF1B112DBD",
"versionEndIncluding": "4.71",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C65DB5E9-2FE3-4807-970E-A42FDF82B50E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_60w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "095FB855-F923-41C8-A3C7-E252FCD57EB5",
"versionEndIncluding": "4.71",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_60w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82864EF6-B63D-4947-A18C-AE0156CCA7FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19D358C5-E3CE-4362-94C2-6C8715AB9D54",
"versionEndIncluding": "5.21",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B18C8637-E459-482F-B977-7BA1A3D99CA7",
"versionEndIncluding": "5.21",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0015FD08-61BF-4022-9F84-12010EA1D5A9",
"versionEndIncluding": "5.21",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E4B752C-2CAD-4A72-9660-27B57B3EB7FC",
"versionEndIncluding": "5.21",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39FCAC29-3FD8-49DF-A216-3393D9724DA7",
"versionEndIncluding": "5.21",
"versionStartIncluding": "4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A390EA-14B4-4A83-9215-2A8EEF10A564",
"versionEndIncluding": "4.71",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F7F15F3-9A55-462F-8AE3-EE71B759DE68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F4C6D9E-87AB-4BEB-A9CF-EA767FC25437",
"versionEndIncluding": "4.71",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F5C3A2C-12EA-4FAE-B088-665A90494685",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg210_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96C73B83-E2B8-402A-BC4F-4044D16F6D2C",
"versionEndIncluding": "4.71",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAFF1122-755A-4531-AA2E-FD6E8478F92F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C95C785-5428-405C-A1DE-1E2202556178",
"versionEndIncluding": "4.71",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "231547C3-33B8-42B7-983E-AA3C6CA5D107",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB666972-E152-45A6-BF0F-2F442565A9A9",
"versionEndIncluding": "4.71",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC3082ED-A564-494D-8427-B61F15F6DD88",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:usg310_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B39851C-29CA-4C74-8A3D-BA8AFB22D889",
"versionEndIncluding": "4.71",
"versionStartIncluding": "4.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F302801D-3720-4598-8458-A8938BD6CB46",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nsg300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A4A4415-2061-4BB3-B8AF-F492B4935F5F",
"versionEndExcluding": "1.33",
"versionStartIncluding": "1.00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:nsg300_firmware:1.33:-:*:*:*:*:*:*",
"matchCriteriaId": "D43F6C03-E7EE-43B9-81B7-2B298134A591",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8872BA61-9164-48EC-8D7B-C41FCE76F32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch2:*:*:*:*:*:*",
"matchCriteriaId": "83FD24D6-959A-41D1-B7A3-6D06205EA8C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch3:*:*:*:*:*:*",
"matchCriteriaId": "CB5660D2-3C80-42CF-B91C-61212B1EA351",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch4:*:*:*:*:*:*",
"matchCriteriaId": "E83EFC74-309F-42BF-A2B5-850184B4BF20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nsg300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58B0886D-9AF4-453F-96DB-7ABAA5EE3B78",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nsg100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66EEF757-9B89-4D05-93DC-0B35CB5578AA",
"versionEndExcluding": "1.33",
"versionStartIncluding": "1.00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:nsg100_firmware:1.33:-:*:*:*:*:*:*",
"matchCriteriaId": "70DE2243-00D1-4C94-B53B-659F48BAFF08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch1:*:*:*:*:*:*",
"matchCriteriaId": "E0722C8A-DACE-4FC8-8197-678CF4F6E0C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch2:*:*:*:*:*:*",
"matchCriteriaId": "3ED9A278-5B95-4607-B832-A2AB7FB8A9A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch3:*:*:*:*:*:*",
"matchCriteriaId": "DA5E8CF5-C7D8-4827-BE19-AC4EB7E66AC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch4:*:*:*:*:*:*",
"matchCriteriaId": "415A2C9A-005A-433D-A423-F5D9CA6C8A19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nsg100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C5054F-BCC7-4E00-8786-24F85B2A200E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nsg50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "734BB40E-9A07-4508-8C49-5A21072691B4",
"versionEndExcluding": "1.33",
"versionStartIncluding": "1.00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:nsg50_firmware:1.33:-:*:*:*:*:*:*",
"matchCriteriaId": "E549004C-F19F-4F2D-8522-849C008B2132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch1:*:*:*:*:*:*",
"matchCriteriaId": "013AE5DA-537B-4198-A55C-17FD08F7CB9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch2:*:*:*:*:*:*",
"matchCriteriaId": "E0D0898D-A7C6-441B-A0C8-BA7B5B2E362F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch3:*:*:*:*:*:*",
"matchCriteriaId": "D8E83137-D14D-4143-8D38-59787AAE36D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch4:*:*:*:*:*:*",
"matchCriteriaId": "00CB6F78-BA15-489E-BCD8-25CECB8FCBED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nsg50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B084120-41C6-4F3C-9803-9C178EB4DE91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nxc2500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "099AC2B1-7352-43EC-811A-89937FA1E2E3",
"versionEndIncluding": "6.10\\(aaig.3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nxc2500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BADED427-DEFF-4213-836B-C8EF0531C39A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nxc5500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "012B7439-FDDB-464D-8D11-AAAF54E9F59A",
"versionEndIncluding": "6.10\\(aaos.3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nxc5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A334B8B-8750-4519-B485-0AB0CECD212B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nap203_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00D41E43-D7BA-4927-9966-2847E12270E6",
"versionEndIncluding": "6.25\\(abfa.7\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nap203:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80AE2CEA-90AC-421A-86BB-F404CDE7785D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nap303_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93110B5F-CB02-4413-9588-35B47D7A5CE3",
"versionEndIncluding": "6.25\\(abex.7\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nap303:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4BF5D4C-DB8E-4077-BE78-C73AA203406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nap353_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C44494F9-1ADA-4A3D-8FBA-D0D97C3DACB5",
"versionEndIncluding": "6.25\\(abey.7\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nap353:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BCEC13E-3D1C-4B42-87F5-94FE1066C218",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A696580F-3993-4653-B48E-AAB7D1A2B7DC",
"versionEndIncluding": "6.25\\(abyw.5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2806A3B3-8F13-4170-B284-8809E3502044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E809B8FE-DBF8-4B7F-B33E-939750D08617",
"versionEndIncluding": "6.25\\(abzl.5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7440976-5CB4-40BE-95C2-98EF4B888109",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "554C9C1E-EE3C-4BD7-95CF-9748167EA691",
"versionEndIncluding": "6.27\\(accv.2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A903978-737E-4266-A670-BC94E32CAF96",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDFAECE0-C011-4488-89A8-249972CA0773",
"versionEndIncluding": "6.30\\(abtg.2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A3F9232-F988-4428-9898-4F536123CE88",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD8FF80-E4B1-4521-B2D3-B2B4B4049A14",
"versionEndIncluding": "6.30\\(abtd.2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB129F9-64D8-43C2-9366-51EBDF419F5F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nwa1123-ac-hd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF0819A0-7616-467F-BF17-59302EADCA0C",
"versionEndIncluding": "6.25\\(abin.6\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa1123-ac-hd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27F719D3-0D19-4D92-9570-4B1A48AD5670",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nwa1123-ac-pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "858A8B50-515B-4CD3-B07C-3633EE605CC9",
"versionEndIncluding": "6.25\\(abhd.7\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa1123-ac-pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9DC66B07-67FB-47F6-B54B-E40BE89F33A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF0C532C-D263-4EDA-8127-0CE61A02353A",
"versionEndIncluding": "6.30\\(abvt.2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36C13E7F-2186-4587-83E9-57B05A7147B7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nwa1302-ac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A9DF9C2-7BD9-456D-8D27-DD6966A0B4AA",
"versionEndIncluding": "6.25\\(abku.6\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa1302-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFA514BB-B688-4EBD-9530-F5112F7503F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nwa5123-ac-hd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A775E4A-4672-494E-A5A4-D906180092FA",
"versionEndIncluding": "6.25\\(abim.6\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nwa5123-ac-hd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1808BC03-AE4E-4AB7-996D-89081808720B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "528A7200-2884-4849-82EC-516A6BAB9DD2",
"versionEndIncluding": "6.30\\(abwa.2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A1FD502-4F62-4C77-B3BC-E563B24F0067",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD646A37-5CE7-4B9D-9F9A-0443F5A35047",
"versionEndIncluding": "6.30\\(abvs.2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C024551-F08F-4152-940D-1CF8BCD79613",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wac5302d-s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5ABF47-C899-4C1B-AFFB-11F37B2CA1B2",
"versionEndIncluding": "6.10\\(abfh.10\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac5302d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4AA4FC1-E3E4-499F-B0C1-22B738DA4DA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wac5302d-sv2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97843B29-E50B-4451-8583-9120A30908D4",
"versionEndIncluding": "6.25\\(abvz.6\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac5302d-sv2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A690501F-DC2D-4F90-ABC0-33B5F1279C36",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wac6103d-i_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DDC631C-0510-4E30-B896-B218ABE618AA",
"versionEndIncluding": "6.25\\(aaxh.7\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac6103d-i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "341DB051-7F01-4B36-BA15-EBC25FACB439",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wac6303d-s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0126F87D-14E9-402B-975A-FB11855D1E6C",
"versionEndIncluding": "6.25\\(abgl.6\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac6303d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0F08117-0BCE-4EA1-8DA7-1AC4EFF67E2F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wac6502d-e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C5701D95-35AC-489B-8348-E3AC32D1626D",
"versionEndIncluding": "6.25\\(aasd.7\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac6502d-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD8842C8-FB0A-46F0-9BB4-CAC6334D1E51",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wac6502d-s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00AA8697-6B5D-439C-8E9A-B0B1EBDF1496",
"versionEndIncluding": "6.25\\(aase.7\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac6502d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD108388-ABE5-4142-910F-C3C8B1C13617",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wac6503d-s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7ADC5F9-B1CE-474A-958F-F6267507A5E1",
"versionEndIncluding": "6.25\\(aasf.7\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac6503d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DFDF64A-17F5-4F05-8700-DCA36CCB6F2B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wac6553d-s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A467110-CF4D-45CB-8855-EBA5D5985294",
"versionEndIncluding": "6.25\\(aasg.7\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac6553d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD45FA01-D2BF-441A-8669-1190F79D206B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wac6552d-s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "978F6DD8-A04F-4DC0-8497-4F6454FA3235",
"versionEndIncluding": "6.25\\(abio.7\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wac6552d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD47738A-9001-4CC1-8FED-1D1CFC56F548",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F272586C-292F-409C-9BDB-D9D70C0C3D2A",
"versionEndIncluding": "6.30\\(abtf.2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86B43BD3-CA22-4D81-9281-78A3B23FAC60",
"versionEndIncluding": "6.30\\(abte.2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3518DA0A-2C7B-4979-A457-0826C921B0F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A26EEF52-DC36-4D5C-9E2F-25238615B2BC",
"versionEndIncluding": "6.30\\(abzd.2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC74AAF9-5206-4CEB-9023-6CD4F38AA623",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAF35E44-DC87-49EC-868A-C721CC4FFD3B",
"versionEndIncluding": "6.30\\(abrm.2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D784994E-E2CE-4328-B490-D9DC195A53DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload."
},
{
"lang": "es",
"value": "Se han identificado varios fallos de comprobaci\u00f3n de entrada inadecuados en algunos comandos CLI de las Zyxel USG/ZyWALL versiones de firmware 4.09 hasta 4.71, USG FLEX series versiones de firmware 4.50 hasta 5.21, ATP series versiones de firmware 4.32 hasta 5.21, VPN series versiones de firmware 4.30 a 5.21, NSG series versiones de firmware1.00 hasta 1.33 Patch 4, NXC2500 versi\u00f3n de firmware 6.10(AAIG.3 ) y versiones anteriores, el firmware NAP203 versi\u00f3n 6.25(ABFA.7) y versiones anteriores, NWA50AX versi\u00f3n de firmware 6.25(ABYW.5) y versiones anteriores, WAC500 versi\u00f3n de firmware 6.30(ABVS.2) y versiones anteriores, WAX510D versi\u00f3n de firmware 6.30(ABTF.2) y versiones anteriores, que podr\u00eda permitir a un atacante local autenticado causar un desbordamiento del b\u00fafer o un bloqueo del sistema por medio de una carga \u00fatil dise\u00f1ada"
}
],
"id": "CVE-2022-26531",
"lastModified": "2024-02-09T18:15:07.930",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 4.2,
"source": "security@zyxel.com.tw",
"type": "Secondary"
}
]
},
"published": "2022-05-24T06:15:09.297",
"references": [
{
"source": "security@zyxel.com.tw",
"url": "http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html"
},
{
"source": "security@zyxel.com.tw",
"url": "http://packetstormsecurity.com/files/177036/Zyxel-zysh-Format-String-Proof-Of-Concept.html"
},
{
"source": "security@zyxel.com.tw",
"url": "http://seclists.org/fulldisclosure/2022/Jun/15"
},
{
"source": "security@zyxel.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml"
}
],
"sourceIdentifier": "security@zyxel.com.tw",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "security@zyxel.com.tw",
"type": "Secondary"
}
]
}
}
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.