Lucene search

[email protected]NVD:CVE-2023-34138

HistoryJul 17, 2023 - 6:15 p.m.

CVE-2023-34138

2023-07-1718:15:09

CWE-78

[email protected]

web.nvd.nist.gov

command injection

zyxel atp

usg flex

usg20(w)-vpn

firmware vulnerability

unauthenticated attacker

lan-based

os commands

radius clients

8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.0005 Low

EPSS

Percentile

17.6%

JSON

A command injection vulnerability in the hotspot management feature of the Zyxel ATP series firmware versions 4.60 through 5.36 Patch 2, USG FLEX series firmware versions 4.60 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 4.60 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 4.60 through 5.36 Patch 2, and VPN series firmware versions 4.60 through 5.36 Patch 2, could allow an unauthenticated, LAN-based attacker to execute some OS commands on an affected device if the attacker could trick an authorized administrator to add their IP address to the list of trusted RADIUS clients in advance.

Affected configurations

NVD

Node

zyxelusg_20w-vpnMatch-

AND

zyxelusg_20w-vpn_firmwareRange4.60–5.37

Node

zyxelusg_2200-vpnMatch-

AND

zyxelusg_2200-vpn_firmwareRange4.60–5.37

Node

zyxelusg_flex_100Match-

AND

zyxelusg_flex_100_firmwareRange4.60–5.37

Node

zyxelusg_flex_100wMatch-

AND

zyxelusg_flex_100w_firmwareRange4.60–5.37

Node

zyxelusg_flex_200Match-

AND

zyxelusg_flex_200_firmwareRange4.60–5.37

Node

zyxelusg_flex_50Match-

AND

zyxelusg_flex_50_firmwareRange4.60–5.37

Node

zyxelusg_flex_500Match-

AND

zyxelusg_flex_500_firmwareRange4.60–5.37

Node

zyxelusg_flex_50wMatch-

AND

zyxelusg_flex_50w_firmwareRange4.60–5.37

Node

zyxelusg_flex_700_firmwareRange4.60–5.37

AND

zyxelusg_flex_700Match-

Node

zyxelzywall_atp100_firmwareRange4.60–5.37

AND

zyxelzywall_atp100Match-

Node

zyxelzywall_atp100w_firmwareRange4.60–5.37

AND

zyxelzywall_atp100wMatch-

Node

zyxelzywall_atp200_firmwareRange4.60–5.37

AND

zyxelzywall_atp200Match-

Node

zyxelzywall_atp500_firmwareRange4.60–5.37

AND

zyxelzywall_atp500Match-

Node

zyxelzywall_atp700_firmwareRange4.60–5.37

AND

zyxelzywall_atp700Match-

Node

zyxelzywall_atp800_firmwareRange4.60–5.37

AND

zyxelzywall_atp800Match-

Node

zyxelzywall_vpn100_firmwareRange4.60–5.37

AND

zyxelzywall_vpn100Match-

Node

zyxelzywall_vpn2s_firmwareRange4.60–5.37

AND

zyxelzywall_vpn2sMatch-

Node

zyxelzywall_vpn300_firmwareRange4.60–5.37

AND

zyxelzywall_vpn300Match-

Node

zyxelzywall_vpn50_firmwareRange4.60–5.37

AND

zyxelzywall_vpn50Match-

Node

zyxelzywall_vpn_100_firmwareRange4.60–5.37

AND

zyxelzywall_vpn_100Match-

Node

zyxelzywall_vpn_300_firmwareRange4.60–5.37

AND

zyxelzywall_vpn_300Match-

Node

zyxelzywall_vpn_50_firmwareRange4.60–5.37

AND

zyxelzywall_vpn_50Match-

References

www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-wlan-controllers

8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.0005 Low

EPSS

Percentile

17.6%

JSON

Related for NVD:CVE-2023-34138

prion1 cve1 cvelist1 nessus1