CVE-2023-28771

🗓️ 25 Apr 2023 00:00:00Reported by ZyxelType

cve🔗 web.nvd.nist.gov📰️ 8 Media mentions👁 648 Views

Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4

Reporter	Title	Published	Views	Family All 43
0day.today	Zyxel IKE Packet Decoder Unauthenticated Remote Code Execution Exploit	12 Jun 202300:00	–	zdt
GithubExploit	Exploit for OS Command Injection in Zyxel Atp100_Firmware	23 May 202302:37	–	githubexploit
GithubExploit	Exploit for OS Command Injection in Zyxel Atp100_Firmware	23 May 202302:37	–	githubexploit
GithubExploit	Exploit for OS Command Injection in Zyxel Atp100_Firmware	23 May 202302:37	–	githubexploit
ICS	North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs	25 Jul 202412:00	–	ics
ATTACKERKB	CVE-2023-28771	25 Apr 202300:00	–	attackerkb
Circl	CVE-2023-28771	25 Apr 202307:24	–	circl
CISA KEV Catalog	Zyxel Multiple Firewalls OS Command Injection Vulnerability	31 May 202300:00	–	cisa_kev
CISA	CISA Adds One Known Exploited Vulnerability to Catalog	31 May 202312:00	–	cisa
CNNVD	Zyxel ZyWALL USG 操作系统命令注入漏洞	24 Apr 202300:00	–	cnnvd

NVD

Node

zyxel atp100_firmwareRange4.60–5.36

AND

zyxel atp100Match-

Node

zyxel atp100w_firmwareRange4.60–5.35

AND

zyxel atp100wMatch-

Node

zyxel atp200_firmwareRange4.60–5.36

AND

zyxel atp200Match-

Node

zyxel atp500_firmwareRange4.60–5.36

AND

zyxel atp500Match-

Node

zyxel atp700_firmwareRange4.60–5.36

AND

zyxel atp700Match-

Node

zyxel atp800_firmwareRange4.60–5.36

AND

zyxel atp800Match-

Node

zyxel usg_flex_100_firmwareRange4.60–5.36

AND

zyxel usg_flex_100Match-

Node

zyxel usg_flex_100w_firmwareRange4.60–5.36

AND

zyxel usg_flex_100wMatch-

Node

zyxel usg_flex_200_firmwareRange4.60–5.36

AND

zyxel usg_flex_200Match-

Node

zyxel usg_flex_50_firmwareRange4.60–5.36

AND

zyxel usg_flex_50Match-

Node

zyxel usg_flex_500_firmwareRange4.60–5.36

AND

zyxel usg_flex_500Match-

Node

zyxel usg_flex_50w_firmwareRange4.60–5.36

AND

zyxel usg_flex_50wMatch-

Node

zyxel usg_flex_700_firmwareRange4.60–5.36

AND

zyxel usg_flex_700Match-

Node

zyxel vpn100_firmwareRange4.60–5.36

AND

zyxel vpn100Match-

Node

zyxel vpn1000_firmwareRange4.60–5.36

AND

zyxel vpn1000Match-

Node

zyxel vpn300_firmwareRange4.60–5.36

AND

zyxel vpn300Match-

Node

zyxel vpn50_firmwareRange4.60–5.36

AND

zyxel vpn50Match-

Node

zyxel zywall_usg_310_firmwareRange4.60–4.73

zyxel zywall_usg_310_firmwareMatch4.73-

AND

zyxel zywall_usg_310Match-

Node

zyxel zywall_usg_100_firmwareRange4.60–4.73

zyxel zywall_usg_100_firmwareMatch4.73-

AND

zyxel zywall_usg_100Match-

[
  {
    "vendor": "Zyxel",
    "product": "ZyWALL/USG series firmware",
    "versions": [
      {
        "version": "4.60 through 4.73",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Zyxel",
    "product": "VPN series firmware",
    "versions": [
      {
        "version": "4.60 through 5.35",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Zyxel",
    "product": "USG FLEX series firmware",
    "versions": [
      {
        "version": "4.60 through 5.35",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Zyxel",
    "product": "ATP series firmware",
    "versions": [
      {
        "version": "4.60 through 5.35",
        "status": "affected"
      }
    ]
  }
]

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/172820/Zyxel-IKE-Packet-Decoder-Unauthenticated-Remote-Code-Execution.html
zyxel	www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-remote-command-injection-vulnerability-of-firewalls
cisa	www.cisa.gov/known-exploited-vulnerabilities-catalog

27 Oct 2025 17:05Current

9.6High risk

Vulners AI Score9.6

CVSS 3.19.8

EPSS0.94346

SSVC