Lucene search

[email protected]CVE-2023-22922

HistoryMay 01, 2023 - 5:15 p.m.

CVE-2023-22922

2023-05-0117:15:09

CWE-120

[email protected]

web.nvd.nist.gov

buffer overflow

vulnerability

zyxel nbg-418n

firmware

cve-2023-22922

dos

telnet

nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.7%

JSON

A buffer overflow vulnerability in the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote unauthenticated attacker to cause DoS conditions by sending crafted packets if Telnet is enabled on a vulnerable device.

Affected configurations

NVD

Node

zyxelnbg-418n_firmwareRange≤1.00\(aarp.13\)c0

AND

zyxelnbg-418nMatchv2

CPENameOperatorVersion
zyxel:nbg-418n_firmwarezyxel nbg-418n firmwarele1.00\(aarp.13\)c0

CPE	Name	Operator	Version
zyxel:nbg-418n_firmware	zyxel nbg-418n firmware	le	1.00\(aarp.13\)c0

CNA Affected

[
  {
    "vendor": "Zyxel",
    "product": "NBG-418N v2 firmware",
    "versions": [
      {
        "version": "< V1.00(AARP.14)C0",
        "status": "affected"
      }
    ]
  }
]

References

www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-nbg-418n-v2-home-router

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.7%

JSON

Related for CVE-2023-22922

cvelist1 nvd1 prion1