Lucene search

[email protected]NVD:CVE-2023-28767

HistoryJul 17, 2023 - 5:15 p.m.

CVE-2023-28767

2023-07-1717:15:09

CWE-78

[email protected]

web.nvd.nist.gov

zyxel atp

usg flex

firmware

os commands

lan-based attacker

cloud management

8.8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

21.0%

JSON

The configuration parser fails to sanitize user-controlled input in the Zyxel ATP series firmware versions 5.10 through 5.36, USG FLEX series firmware versions 5.00 through 5.36, USG FLEX 50(W) series firmware versions 5.10 through 5.36,

USG20(W)-VPN series firmware versions 5.10 through 5.36, and VPN series firmware versions 5.00 through 5.36. An unauthenticated, LAN-based attacker could leverage the vulnerability to inject some operating system (OS) commands into the device configuration data on an affected device when the cloud management mode is enabled.

Affected configurations

NVD

Node

zyxelusg_2200-vpnMatch-

AND

zyxelusg_2200-vpn_firmwareRange5.00–5.37

Node

zyxelusg_flex_100Match-

AND

zyxelusg_flex_100_firmwareRange5.00–5.37

Node

zyxelusg_flex_100wMatch-

AND

zyxelusg_flex_100w_firmwareRange5.00–5.37

Node

zyxelusg_flex_200Match-

AND

zyxelusg_flex_200_firmwareRange5.00–5.37

Node

zyxelusg_flex_50Match-

AND

zyxelusg_flex_50_firmwareRange5.00–5.37

Node

zyxelusg_flex_500_firmwareRange5.00–5.37

AND

zyxelusg_flex_500Match-

Node

zyxelusg_flex_50w_firmwareRange5.00–5.37

AND

zyxelusg_flex_50wMatch-

Node

zyxelusg_flex_700_firmwareRange5.00–5.37

AND

zyxelusg_flex_700Match-

Node

zyxelzywall_vpn100_firmwareRange5.00–5.37

AND

zyxelzywall_vpn100Match-

Node

zyxelzywall_vpn2s_firmwareRange5.00–5.37

AND

zyxelzywall_vpn2sMatch-

Node

zyxelzywall_vpn300_firmwareRange5.00–5.37

AND

zyxelzywall_vpn300Match-

Node

zyxelzywall_vpn50_firmwareRange5.00–5.37

AND

zyxelzywall_vpn50Match-

Node

zyxelzywall_vpn_100_firmwareRange5.00–5.37

AND

zyxelzywall_vpn_100Match-

Node

zyxelzywall_vpn_300_firmwareRange5.00–5.37

AND

zyxelzywall_vpn_300Match-

Node

zyxelzywall_vpn_50_firmwareRange5.00–5.37

AND

zyxelzywall_vpn_50Match-

Node

zyxelusg_20w-vpn_firmwareRange5.10–5.37

AND

zyxelusg_20w-vpnMatch-

Node

zyxelzywall_atp100_firmwareRange5.10–5.37

AND

zyxelzywall_atp100Match-

Node

zyxelzywall_atp100w_firmwareRange5.10–5.37

AND

zyxelzywall_atp100wMatch-

Node

zyxelzywall_atp200_firmwareRange5.10–5.37

AND

zyxelzywall_atp200Match-

Node

zyxelzywall_atp500_firmwareRange5.10–5.37

AND

zyxelzywall_atp500Match-

Node

zyxelzywall_atp700_firmwareRange5.10–5.37

AND

zyxelzywall_atp700Match-

Node

zyxelzywall_atp800_firmwareRange5.10–5.37

AND

zyxelzywall_atp800Match-

References

www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-wlan-controllers

8.8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

21.0%

JSON

Related for NVD:CVE-2023-28767

nessus2 prion1 cve1 cvelist1