Vulnerabilites related to zyxel - emg6726-b10a
cve-2024-8748
Vulnerability from cvelistv5
Published
2024-12-03 01:15
Modified
2024-12-03 16:31
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG8825-T50K firmware |
Version: <= V5.50(ABOM.8.4)C0 |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "vmg8825-t50k_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.50\\(abom.8.4\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:lte3301-plus_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "lte3301-plus_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "1.00\\(abqu.5\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:lte5388-m804_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "lte5388-m804_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "1.00\\(absq.4\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:lte5398-m904_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "lte5398-m904_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "1.00\\(abqv.4\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:lte7480-m804_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "lte7480-m804_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "1.00\\(abra.9\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:lte7490-m904_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "lte7490-m904_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "1.00\\(abqy.8\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:nr7101_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nr7101_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "1.00\\(abuv.10\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:nr7102_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nr7102_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "v1.00\\(abyd.3\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:nebula_nr5101_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nebula_nr5101_firmware", vendor: "zyxel", versions: [ { lessThan: "1.16\\(accg.0\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:nebula_nr7101_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nebula_nr7101_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "1.16\\(accc.0\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:nebula_lte3301-plus_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nebula_lte3301-plus_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "1.18\\(acca.4\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:dx3300-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "dx3300-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.50\\(abvy.5.3\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:dx3300-t1_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "dx3300-t1_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.50(abvy.5.3)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:dx3301-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "dx3301-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.50\\(abvy.5.3\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:dx4510-b0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "dx4510-b0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.17\\(abyl.7\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:dx4510-b1_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "dx4510-b1_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.17\\(abyl.7\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:dx5401-b0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "dx5401-b0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.17\\(abyo.6.3\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:dx5401_b1_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "dx5401_b1_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.17\\(abyo.6.3\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:ee6510-10_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ee6510-10_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.19\\(acjq.0\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:ex2210-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ex2210-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.50\\(acdi.1\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:wx3100-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "wx3100-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.50\\(abvl.4.3\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:wx3401-b0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "wx3401-b0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.17\\(abve.2.5\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:wx3401-b1_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "wx3401-b1_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.17(abve.2.5)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:wx5600-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "wx5600-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.70\\(aceb.3.2\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:wx5610-b0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "wx5610-b0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.18\\(acgj.0\\)c2", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:ax7501-b0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ax7501-b0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.17\\(abpc.5.2\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:ax7501-b1_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ax7501-b1_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.17\\(abpc.5.2\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:pm3100-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "pm3100-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.42(acbf.2.1)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:pm5100-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "pm5100-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.42\\(acbf.2.1\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:pm7300-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "pm7300-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.42\\(abyy.2.2\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:pm7500-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "pm7500-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.61\\(ackk.0\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:px3321-t1_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "px3321-t1_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.44\\(acjb.1\\)c0", status: "affected", version: "0", versionType: "custom", }, { lessThanOrEqual: "5.44\\(achk.0.2\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:px5301-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "px5301-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.44\\(ackb.0\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-8748", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-03T14:40:11.917455Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-03T16:31:58.508Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "VMG8825-T50K firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= V5.50(ABOM.8.4)C0", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "A buffer overflow vulnerability in the packet parser of the third-party library \"libclinkc\" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device.", }, ], value: "A buffer overflow vulnerability in the packet parser of the third-party library \"libclinkc\" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-03T01:34:18.062Z", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-and-post-authentication-command-injection-vulnerabilities-in-some-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wifi-extenders-12-03-2024", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2024-8748", datePublished: "2024-12-03T01:15:46.610Z", dateReserved: "2024-09-12T07:51:38.916Z", dateUpdated: "2024-12-03T16:31:58.508Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-9200
Vulnerability from cvelistv5
Published
2024-12-03 01:33
Modified
2024-12-06 04:55
Severity ?
EPSS score ?
Summary
A post-authentication command injection vulnerability in the "host" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG4005-B50A firmware |
Version: <= V5.15(ABQA.2.2)C0 |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:o:zyxel:emg6726-b10a_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "emg6726-b10a_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.13\\(abnp.8\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:vmg3927-b50b_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "vmg3927-b50b_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.13\\(ably.9\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:vmg4005-b50a_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "vmg4005-b50a_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.15\\(abqa.2.2\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:vmg4005-b60a_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "vmg4005-b60a_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.15\\(abqa.2.2\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:vmg4005-b50b_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "vmg4005-b50b_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.13\\(abrl.5.1\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:vmg4927-b50a_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "vmg4927-b50a_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.13\\(ably.9\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-9200", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-12-05T00:00:00+00:00", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-06T04:55:23.779Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "VMG4005-B50A firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= V5.15(ABQA.2.2)C0", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "A post-authentication command injection vulnerability in the \"host\" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.", }, ], value: "A post-authentication command injection vulnerability in the \"host\" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-03T01:33:47.398Z", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-and-post-authentication-command-injection-vulnerabilities-in-some-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wifi-extenders-12-03-2024", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2024-9200", datePublished: "2024-12-03T01:33:47.398Z", dateReserved: "2024-09-26T09:34:37.485Z", dateUpdated: "2024-12-06T04:55:23.779Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26413
Vulnerability from cvelistv5
Published
2022-04-11 12:00
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG3312-T20A firmware |
Version: V5.30(ABFX.5)C0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.814Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "VMG3312-T20A firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "V5.30(ABFX.5)C0", }, ], }, ], descriptions: [ { lang: "en", value: "A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-11T12:00:19", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@zyxel.com.tw", ID: "CVE-2022-26413", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "VMG3312-T20A firmware", version: { version_data: [ { version_value: "V5.30(ABFX.5)C0", }, ], }, }, ], }, vendor_name: "Zyxel", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface.", }, ], }, impact: { cvss: { baseScore: "8.0", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, ], }, ], }, references: { reference_data: [ { name: "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml", refsource: "CONFIRM", url: "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2022-26413", datePublished: "2022-04-11T12:00:19", dateReserved: "2022-03-04T00:00:00", dateUpdated: "2024-08-03T05:03:32.814Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26414
Vulnerability from cvelistv5
Published
2022-04-11 12:05
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG3312-T20A firmware |
Version: V5.30(ABFX.5)C0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.637Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "VMG3312-T20A firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "V5.30(ABFX.5)C0", }, ], }, ], descriptions: [ { lang: "en", value: "A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-11T12:05:11", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@zyxel.com.tw", ID: "CVE-2022-26414", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "VMG3312-T20A firmware", version: { version_data: [ { version_value: "V5.30(ABFX.5)C0", }, ], }, }, ], }, vendor_name: "Zyxel", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service.", }, ], }, impact: { cvss: { baseScore: "6.0", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, ], }, ], }, references: { reference_data: [ { name: "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml", refsource: "CONFIRM", url: "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2022-26414", datePublished: "2022-04-11T12:05:11", dateReserved: "2022-03-04T00:00:00", dateUpdated: "2024-08-03T05:03:32.637Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2022-04-11 13:15
Modified
2024-11-21 06:53
Severity ?
8.0 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.0 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.0 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3312-t20a_firmware:5.30\\(abfx.5\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "EF433563-7AA7-41BF-9ECF-F1E1B9C5C1C4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3312-t20a:-:*:*:*:*:*:*:*", matchCriteriaId: "59AF3952-10E9-4AC8-BA25-BA5C3C203063", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:america:*:*:*", matchCriteriaId: "FE982B82-95DD-40FA-8A7E-F6EB44323692", versionEndExcluding: "5.50\\(abpm.6\\)c0", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:emea:*:*:*", matchCriteriaId: "EB52E6B4-08EF-4427-AA01-E783C9F1FCF4", versionEndExcluding: "5.50\\(abpm.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "9259E2F6-885D-4B44-8D40-20758DA599D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:america:*:*:*", matchCriteriaId: "A48A0914-787A-4884-909E-3332DD472873", versionEndExcluding: "5.50\\(abpm.6\\)c0", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:emea:*:*:*", matchCriteriaId: "1B417B43-F5C6-4551-BD4E-7E2706BCF8B9", versionEndExcluding: "5.50\\(abpm.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "F3ECE0EB-C429-4716-ABFB-73540847EB9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5723-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9FAE1EA0-A113-4324-8347-838A01B00437", versionEndExcluding: "5.50\\(abom.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "B18982B2-E575-478E-A2B4-0932DE329056", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg6726-b10a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1D931985-C10C-41C4-B459-FC454DE8C9FA", versionEndExcluding: "5.13\\(abnp.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg6726-b10a:-:*:*:*:*:*:*:*", matchCriteriaId: "304D3B33-F7EC-4EB3-B6EF-6BEB2112F9C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg1312-t20b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5252A997-772F-4785-8440-B7909A9860A8", versionEndExcluding: "5.50\\(absb.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg1312-t20b:-:*:*:*:*:*:*:*", matchCriteriaId: "37348176-08FD-40F0-9903-05ABABBB1F5C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "331ACFBC-2467-45CC-82A3-717C93D34D02", versionEndExcluding: "5.50\\(abpm.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "291B5E34-3870-46DD-9A74-2D2FFD1B6E52", versionEndExcluding: "5.17\\(abmt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "F814684F-D45D-4EF8-A294-A6122B7A760B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-b50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6D55734D-F4F4-4C97-BC31-7B532DA47EA9", versionEndExcluding: "5.13\\(ably.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-b50b:-:*:*:*:*:*:*:*", matchCriteriaId: "94BE349D-EC30-4EB7-8B68-EA7223364A4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-b60a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3D4293E4-AE61-4978-A750-D5FAF442D67B", versionEndExcluding: "5.17\\(abmt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-b60a:-:*:*:*:*:*:*:*", matchCriteriaId: "99C11501-33FD-4421-909E-E6533EF6F03A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8201B9D7-433E-4D79-9115-FA1F25223121", versionEndExcluding: "5.50\\(abom.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "1B33AE56-3948-494B-9E23-54D939DF0D3E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4927-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "543081DE-AEC8-4658-AAE4-63EE1A261645", versionEndExcluding: "5.13\\(ably.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4927-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "C0EE70D2-51BB-4E45-8995-655C1394C440", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1A24F15A-1F77-413C-9BD1-CFBE890ACD31", versionEndExcluding: "5.50\\(abpm.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DDACBF89-DCA8-43F0-91BF-8A29E63B33BD", versionEndExcluding: "5.17\\(abmt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "ED88F55C-C687-4413-BEC8-DEB15D6AA2F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-b50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8B10EC6-E8B2-4619-8F9D-10516569B806", versionEndExcluding: "5.17\\(abny.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-b50b:-:*:*:*:*:*:*:*", matchCriteriaId: "7D66B624-EAAA-4C2D-BBE6-D0A0ED6BD5F1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0933D98-49F6-4B0F-9D04-2149BFB7FB7F", versionEndExcluding: "5.50\\(abom.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "D4C2320B-52DF-4F86-86D2-42FB62337773", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-b60a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "502EBC83-0E8D-4B13-BA0D-040B40C58A1D", versionEndExcluding: "5.17\\(abmt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-b60a:-:*:*:*:*:*:*:*", matchCriteriaId: "7654E872-36CA-4502-9B91-01741D6E4F46", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-b60b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7B963909-27C2-43A6-9479-EE2F863FC817", versionEndExcluding: "5.17\\(abny.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-b60b:-:*:*:*:*:*:*:*", matchCriteriaId: "6368C175-7D1B-4F70-B11F-B8CE7FBE0B82", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:xmg3927-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81E3153A-08CF-4F02-97EA-B68751EE7791", versionEndExcluding: "5.17\\(abmt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:xmg3927-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "99B19AC3-D417-48C7-8C18-F5516794260B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:xmg8825-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0E58CAE-3737-406F-9647-B59598A6733A", versionEndExcluding: "5.17\\(abmt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:xmg8825-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "4861B59F-AB86-4A4D-A04C-6EE68EC4A206", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C91B77C-EC30-4C88-AAEB-330B7A3E0470", versionEndExcluding: "5.17\\(abyo.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "B293E564-2C48-442A-A415-34383DF3ADBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5C6781DA-4800-47E9-BB67-89ACC0F43D04", versionEndExcluding: "5.17\\(abup.4\\)c1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B3B44185-756B-4B9B-A377-DB3191606702", versionEndExcluding: "5.17\\(abyo.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "291AA836-D0F7-4AD7-8D76-0F1A5B9ECCCF", versionEndExcluding: "5.17\\(abry.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "88B8CDD0-E73A-4FAA-9964-D8C09949CB32", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5EF7BC18-210C-4E21-A850-61A8D6B701BE", versionEndExcluding: "5.17\\(abpc.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "78473083-F702-4B81-AAA0-B66A0984FF6B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ep240p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "457C1585-BD6F-4C3A-953D-96194EDD065E", versionEndExcluding: "5.40\\(abh.0\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ep240p:-:*:*:*:*:*:*:*", matchCriteriaId: "91367DDE-F430-42F7-B4F2-28AEF7FDCB12", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm7300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D4E0639D-0861-4A10-AFA6-8251AD2217BB", versionEndExcluding: "5.42\\(acbc.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5317-t20b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "20FA4B81-5FE7-43D5-8A96-A1BF0CBA8CC6", versionEndExcluding: "5.40\\(abki.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5317-t20b:-:*:*:*:*:*:*:*", matchCriteriaId: "9F1334B5-FC76-412F-A7EF-02EEEE677460", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5617ga_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E53F230A-806F-413B-BE4B-2A95645751DF", versionEndExcluding: "5.40\\(abna.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5617ga:-:*:*:*:*:*:*:*", matchCriteriaId: "9C1B0834-3398-41B0-9A14-7D97768732B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5617-t20b2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FFBE0FC-A355-4E32-A606-4130B2581CE1", versionEndExcluding: "5.41\\(acbb.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5617-t20b2:-:*:*:*:*:*:*:*", matchCriteriaId: "B35005D7-D8E4-4BC5-A59C-6A69255E7EC7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5622ga_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "09514F76-89EC-4ADF-9400-F14BB917EF97", versionEndExcluding: "5.40\\(abnb.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5622ga:-:*:*:*:*:*:*:*", matchCriteriaId: "840AF834-B7A6-4ACA-BAB9-996D87476D3D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:px7501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C655ED2E-A791-40B7-99C5-FF3F874A2A27", versionEndExcluding: "5.17\\(abpc.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:px7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "076C6AD3-E8A3-4639-805E-20FA866BDFDD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface.", }, { lang: "es", value: "Una vulnerabilidad de inyección de comandos en el programa CGI del firmware de Zyxel VMG3312-T20A versión 5.30(ABFX.5)C0, podría permitir a un atacante local autenticado ejecutar comandos arbitrarios del Sistema Operativo en un dispositivo vulnerable por medio de una interfaz LAN", }, ], id: "CVE-2022-26413", lastModified: "2024-11-21T06:53:54.313", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 7.7, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:A/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 5.9, source: "security@zyxel.com.tw", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-11T13:15:07.763", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "security@zyxel.com.tw", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-12-03 02:15
Modified
2025-01-21 21:13
Severity ?
Summary
A post-authentication command injection vulnerability in the "host" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zyxel | emg6726-b10a_firmware | * | |
| zyxel | emg6726-b10a | - | |
| zyxel | vmg3927-b50b_firmware | * | |
| zyxel | vmg3927-b50b | - | |
| zyxel | vmg4005-b50a_firmware | * | |
| zyxel | vmg4005-b50a | - | |
| zyxel | vmg4005-b60a_firmware | * | |
| zyxel | vmg4005-b60a | - | |
| zyxel | vmg4005-b50b_firmware | * | |
| zyxel | vmg4005-b50b | - | |
| zyxel | vmg4927-b50a_firmware | * | |
| zyxel | vmg4927-b50a | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg6726-b10a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "593C78E3-E459-4519-9313-FAA93315A6C8", versionEndExcluding: "5.13\\(abnp.8\\)c1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg6726-b10a:-:*:*:*:*:*:*:*", matchCriteriaId: "304D3B33-F7EC-4EB3-B6EF-6BEB2112F9C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-b50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1009022D-5033-47D2-B310-5B0C42CA3F69", versionEndExcluding: "5.13\\(ably.9\\)c1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-b50b:-:*:*:*:*:*:*:*", matchCriteriaId: "94BE349D-EC30-4EB7-8B68-EA7223364A4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BFEB980C-00C4-45DB-A2C1-64F3BB69DF54", versionEndExcluding: "5.15\\(abqa.2.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "88F74228-AC0C-4150-974D-54D77BBF9A90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b60a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FD035A19-15E2-4740-A264-11D0E30777A2", versionEndExcluding: "5.15\\(abqa.2.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b60a:-:*:*:*:*:*:*:*", matchCriteriaId: "30C1B91D-3EA0-4A1D-833A-6767A6C84DA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8696573D-D3FF-4CAB-B6C0-743B8AAA20AE", versionEndExcluding: "5.13\\(abrl.5.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b50b:-:*:*:*:*:*:*:*", matchCriteriaId: "36B2A37B-0662-43E7-AEB4-DF0C5A30A95F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4927-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8D62F49F-1E1B-4E6E-A72A-1DEC917E21DC", versionEndExcluding: "5.13\\(ably.9\\)c1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4927-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "C0EE70D2-51BB-4E45-8995-655C1394C440", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A post-authentication command injection vulnerability in the \"host\" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.", }, { lang: "es", value: "Una vulnerabilidad de inyección de comandos posterior a la autenticación en el parámetro \"host\" de la función de diagnóstico en las versiones de firmware Zyxel VMG4005-B50A hasta V5.15(ABQA.2.2)C0 podría permitir que un atacante autenticado con privilegios de administrador ejecute comandos del sistema operativo (OS) en un dispositivo vulnerable.", }, ], id: "CVE-2024-9200", lastModified: "2025-01-21T21:13:29.700", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "security@zyxel.com.tw", type: "Primary", }, ], }, published: "2024-12-03T02:15:17.913", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-and-post-authentication-command-injection-vulnerabilities-in-some-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wifi-extenders-12-03-2024", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "security@zyxel.com.tw", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-12-03 02:15
Modified
2025-01-21 21:20
Severity ?
Summary
A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte3301-plus_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6716746F-4642-4BA8-B1FB-38CBE0FEFE65", versionEndExcluding: "1.00\\(abqu.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte3301-plus:-:*:*:*:*:*:*:*", matchCriteriaId: "4814D3A1-C0D4-4573-AD77-C2EE7AC11CB4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte5388-m804_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F8A2E6EF-6C66-4D10-8F13-207C102BB403", versionEndExcluding: "1.00\\(absq.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte5388-m804:-:*:*:*:*:*:*:*", matchCriteriaId: "E67FFCF7-ECE9-4644-B248-1B6E10AD9398", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte5398-m904_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C439774C-3B11-4738-8F57-24AE9190E437", versionEndExcluding: "1.00\\(abq.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte5398-m904:-:*:*:*:*:*:*:*", matchCriteriaId: "F90453B8-19FF-4FF3-A167-E1A70E022201", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7480-m804_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "441D0E0B-3740-41A5-B227-F737C011B935", versionEndExcluding: "1.00\\(abra.10\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7480-m804:-:*:*:*:*:*:*:*", matchCriteriaId: "E3480021-1538-48ED-BE89-BB0DF562C7DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7490-m904_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F271F483-5F07-4305-B674-87C29D59DCBF", versionEndExcluding: "1.00\\(abqy.9\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7490-m904:-:*:*:*:*:*:*:*", matchCriteriaId: "DC75F6DE-DCAF-47A0-B6BB-0E050C68AF25", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr7101_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A73FA031-D008-4AFA-AAEB-8DCDAD995B46", versionEndExcluding: "1.00\\(abu.11\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr7101:-:*:*:*:*:*:*:*", matchCriteriaId: "E4D27B24-9822-432C-8B8B-9546EE32DEC6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr7102_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "90099DBC-0E96-4F19-BEDF-1220A2E054DC", versionEndExcluding: "1.00\\(abyd.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr7102:-:*:*:*:*:*:*:*", matchCriteriaId: "F1A15757-DE6F-4A72-9CAD-BAC04BD340A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_nr5101_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8EECE4B-3C71-4738-8A95-FDD453D5F077", versionEndExcluding: "1.16\\(accg.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_nr5101:-:*:*:*:*:*:*:*", matchCriteriaId: "F9F605B8-A892-4119-AB7A-D14CDC5DFC88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_nr7101_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "16CC26F4-CE74-470D-98B0-CDD57B19DE7E", versionEndExcluding: "1.16\\(accc.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_nr7101:-:*:*:*:*:*:*:*", matchCriteriaId: "52096C1F-F73C-413E-9D37-82EFA4703AEC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_lte3301-plus_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2E09E83F-148C-4598-91A4-9712C198A0D6", versionEndExcluding: "1.18\\(acca.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_lte3301-plus:-:*:*:*:*:*:*:*", matchCriteriaId: "42297A6A-3E50-4E9E-ABF6-58C77F222DC1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "68D2EEEC-58EA-4444-AFBD-8CDA76DE7C30", versionEndExcluding: "5.50\\(aby.5.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "6D3E176E-F728-4385-8533-4C694D43898A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3300-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72C17621-DFBD-43E0-ABCE-31EA1424A95D", versionEndExcluding: "5.50\\(aby.5.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3300-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "2456F691-C182-4BE6-A08F-5E1717366DCA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3301-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F03882BE-6854-4DA0-AE71-E1DF1D9942F0", versionEndExcluding: "5.50\\(aby.5.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "3BBDC072-5D40-4130-9B5F-22FDA9BF909A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx4510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E69CBC66-C2FA-441A-A8DE-DE5ABA996503", versionEndExcluding: "5.17\\(abyl.8\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx4510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "A0338E1C-2509-4510-8C8D-4BD5AEA47D81", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx4510-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "99BD602C-4DB1-4C4C-BC2A-EBD52E4C962C", versionEndExcluding: "5.17\\(abyl.8\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx4510-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "C8668990-045A-4DDD-9089-DE0025B69765", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "14B8FE6B-542A-4EE7-8BD3-7E5547E0BB08", versionEndExcluding: "5.17\\(abyo.6.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "B293E564-2C48-442A-A415-34383DF3ADBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5B632720-75B8-47A7-8694-C27C2CA26D4E", versionEndExcluding: "5.17\\(abyo.6.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "AFE5C53C-4255-4AEE-A49E-36C1A2CF10F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ee6510-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CEC2224E-9481-447A-8E1F-0F6BE170323E", versionEndExcluding: "5.19\\(acjq.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ee6510-10:-:*:*:*:*:*:*:*", matchCriteriaId: "CD4AE46D-E374-4224-9A66-4291B6A10C00", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex2210-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1F2AE02D-5388-434C-956E-D7B326ABF44F", versionEndExcluding: "5.50\\(acdi.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex2210-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "A71E4E6F-357E-4DAA-B7D7-7CF44000F0CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FCAF5BD1-FA85-47D8-AC74-B89C37673872", versionEndExcluding: "5.50\\(aby.5.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "137F8B94-4176-4D9B-8704-28525E7352D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3300-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DED77538-32BD-41D0-AFB0-B523B1B0D626", versionEndExcluding: "5.50\\(aby.5.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3300-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "F766221F-7478-4E39-B4CD-A2498ACEE754", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3301-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "15FA1F1B-3DAB-4C9A-9EAC-6F73C91C6000", versionEndExcluding: "5.50\\(aby.5.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "B37B17D8-76CF-4A26-B2DB-41B1BC9FD0A2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3500-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "31134E19-A43A-4414-AC4A-A4D3D6D89C3F", versionEndExcluding: "5.44\\(achr.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3500-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8714EB1B-38E5-4295-AD26-EE13E2161DEA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3501-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7B24B63E-44D9-4967-9A25-0845F07466DE", versionEndExcluding: "5.44\\(achr.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3501-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "A98F76BD-0404-46DD-AE6A-EB630FEC8904", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7A631CCE-1DBA-45EA-BCAE-35976C74CFB6", versionEndExcluding: "5.17\\(abup.13\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D5F451D2-9058-439C-B065-C635E1833B28", versionEndExcluding: "5.17\\(abup.13\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "3F955BD9-4D44-46BE-8605-51C6250A74D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3600-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F55E0C82-22FD-4345-BA36-3A2F29216AD3", versionEndExcluding: "5.70\\(acif.0.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3600-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "D3BCC6A9-1CAE-459D-BE7D-AAB956BD1B92", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "08F959D0-DAF0-4D07-811C-54E780ABB35E", versionEndExcluding: "5.17\\(abyo.6.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4CE7E255-C846-4509-A6CE-CBC50C0E5EE5", versionEndExcluding: "5.17\\(abyo.6.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "7213FA12-5CD6-4E9B-8387-A52AEF17EA10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F887CE60-20C2-4301-B515-5C14C9C8D805", versionEndExcluding: "5.17\\(abry.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "88B8CDD0-E73A-4FAA-9964-D8C09949CB32", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "568E5F9E-EFFE-4D1B-B06B-EED70C27985B", versionEndExcluding: "5.17\\(abqx.11\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E82D41CC-2EB3-4892-8383-FB2C9EC64D9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5512-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2177DB8F-097F-438C-9B0F-E4A14540A89D", versionEndExcluding: "5.70\\(aceg4.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5512-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F32FA3FB-CE89-4CC1-9D8D-765B90A122DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5600-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CAF44159-2967-4DDD-8AD8-DE16871899D7", versionEndExcluding: "5.70\\(acdz.3.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5600-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "021CFB91-4627-4080-BF09-0BB5EFA708DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "43F04ACC-EED8-4800-BA30-3FC704AF5D6C", versionEndExcluding: "5.70\\(acdz.3.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "ABFF2039-5DCC-4850-8BDA-3D418629C226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "435327F5-1A4D-46BA-B572-0771BAD3215F", versionEndExcluding: "5.70\\(acdz.3.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "D629D4B6-B2F2-45F1-9295-71751570C231", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex7501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "116A0A50-6379-4D72-8059-4D74FA208140", versionEndExcluding: "5.18\\(achn.1.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "1CE049DE-A5DA-4A4F-BA30-BBD09FF34DE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex7710-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "19EE58DA-A323-4BE1-A761-5E2C94F8A2A6", versionEndExcluding: "5.18\\(acak.1.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex7710-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "07727D9C-723B-4761-B6B6-07FE1784D3C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B992C7F8-F4DF-4426-ACFE-B1EF7DB26E53", versionEndExcluding: "5.50\\(abpm.9.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "9259E2F6-885D-4B44-8D40-20758DA599D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93D83C92-EE57-48F4-B532-FC13657D0F37", versionEndExcluding: "5.50\\(abpm.9.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "F3ECE0EB-C429-4716-ABFB-73540847EB9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5723-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "131D1D3D-382A-4563-B608-3848AACDF8A0", versionEndExcluding: "5.50\\(abom.8.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "B18982B2-E575-478E-A2B4-0932DE329056", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg6726-b10a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "593C78E3-E459-4519-9313-FAA93315A6C8", versionEndExcluding: "5.13\\(abnp.8\\)c1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg6726-b10a:-:*:*:*:*:*:*:*", matchCriteriaId: "304D3B33-F7EC-4EB3-B6EF-6BEB2112F9C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC43957D-D4F5-4D72-9876-C2796F9714CD", versionEndExcluding: "5.50\\(abpm.9.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-b50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1009022D-5033-47D2-B310-5B0C42CA3F69", versionEndExcluding: "5.13\\(ably.9\\)c1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-b50b:-:*:*:*:*:*:*:*", matchCriteriaId: "94BE349D-EC30-4EB7-8B68-EA7223364A4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F5030BD1-0653-4431-87B9-07CA0C1FDE33", versionEndExcluding: "5.50\\(abom.8.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "1B33AE56-3948-494B-9E23-54D939DF0D3E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BFEB980C-00C4-45DB-A2C1-64F3BB69DF54", versionEndExcluding: "5.15\\(abqa.2.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "88F74228-AC0C-4150-974D-54D77BBF9A90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b60a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FD035A19-15E2-4740-A264-11D0E30777A2", versionEndExcluding: "5.15\\(abqa.2.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b60a:-:*:*:*:*:*:*:*", matchCriteriaId: "30C1B91D-3EA0-4A1D-833A-6767A6C84DA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8696573D-D3FF-4CAB-B6C0-743B8AAA20AE", versionEndExcluding: "5.13\\(abrl.5.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b50b:-:*:*:*:*:*:*:*", matchCriteriaId: "36B2A37B-0662-43E7-AEB4-DF0C5A30A95F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4927-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8D62F49F-1E1B-4E6E-A72A-1DEC917E21DC", versionEndExcluding: "5.13\\(ably.9\\)c1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4927-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "C0EE70D2-51BB-4E45-8995-655C1394C440", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "916BC802-CBB6-43FE-91D2-76EFA752481C", versionEndExcluding: "5.50\\(abpm.9.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FA0D8789-938A-475D-B105-64B225BABD97", versionEndExcluding: "5.50\\(abom.8.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "D4C2320B-52DF-4F86-86D2-42FB62337773", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2EEC4924-34DB-4AFB-8CEF-0ABBAFFD0E0B", versionEndExcluding: "5.50\\(abpy.1\\)b26", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "D4C2320B-52DF-4F86-86D2-42FB62337773", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F525A6F3-7510-47EF-AD60-A05214BEAFF8", versionEndExcluding: "5.17\\(abpc.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "78473083-F702-4B81-AAA0-B66A0984FF6B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "77887B8D-E582-41FC-8ED5-11D631C5A062", versionEndExcluding: "5.17\\(abpc.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "780BBA7D-7E2C-4624-AA15-8A51F3DF428F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm3100-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "804D1F95-0D82-4052-98C6-996DBB94BB48", versionEndExcluding: "5.42\\(acbf.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F78F88D4-A782-4075-A3CB-A728CE4014DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm5100-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85D7006F-2710-4A4E-958B-F707865D942A", versionEndExcluding: "5.42\\(acbf.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm5100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "249AF476-CAA4-4C87-8CC3-E0AF15E61F7E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm7300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D0E85316-F791-4789-AA88-DE1D5E9E62A0", versionEndExcluding: "5.42\\(abyy.2.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm7500-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "95E49610-E756-42B8-8C0C-438A587EB8DB", versionEndExcluding: "5.61\\(ackk.0.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm7500-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "09F7FD2C-ED57-4EB4-9EB7-DE2F376FD858", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:px3321-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A23D6389-D322-4EC0-847A-488B735CE373", versionEndExcluding: "5.44\\(acjb.1.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:px3321-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "3BB525DE-2E08-4848-976E-7DF6C7E19578", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:px3321-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A6DBE5D0-F363-4EDA-8CE9-14F2B2B0C19D", versionEndExcluding: "5.44\\(achk.0.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:px3321-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "3BB525DE-2E08-4848-976E-7DF6C7E19578", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:px5301-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2213D90C-25CE-4A61-8479-1BC87DF35A80", versionEndExcluding: "5.44\\(ackb.0.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:px5301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "7EBB4C27-DAEB-4297-98DC-3B22353B5184", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3100-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D7D3A977-B98F-4626-8C3A-D830F5355D85", versionEndExcluding: "5.50\\(abl.4.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "C2C56248-D12F-46DC-A52F-0607E4A5DCCC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "801684BD-8E4B-4881-9052-0116734FFB66", versionEndExcluding: "5.17\\(abe.2.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "677C554B-F9C7-4780-97C0-6021146F8B3C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3401-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "23166E44-D53C-4410-B50D-9C7C10B1D7E8", versionEndExcluding: "5.17\\(abe.2.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "E7C8FB13-CBCF-4A74-8DFD-874B9A990577", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx5600-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5F48FFD6-108C-459D-96D8-5ABE4F10681A", versionEndExcluding: "5.70\\(aceb.3.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx5600-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "303DB62A-2A7E-4CB7-ADA0-29C23BFD41BE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx5610-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3280237A-C025-4324-8747-39EE5D697327", versionEndExcluding: "5.18\\(acgj0.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx5610-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "88909887-E078-4EC5-BA49-2EFCABF1EB1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A buffer overflow vulnerability in the packet parser of the third-party library \"libclinkc\" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device.", }, { lang: "es", value: "Una vulnerabilidad de desbordamiento de búfer en el analizador de paquetes de la librería de terceros \"libclinkc\" en las versiones de firmware Zyxel VMG8825-T50K hasta V5.50(ABOM.8.4)C0 podría permitir que un atacante provoque una condición de denegación de servicio (DoS) temporal contra la interfaz de administración web al enviar una solicitud HTTP POST manipulada a un dispositivo vulnerable.", }, ], id: "CVE-2024-8748", lastModified: "2025-01-21T21:20:19.757", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "security@zyxel.com.tw", type: "Primary", }, ], }, published: "2024-12-03T02:15:17.620", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-and-post-authentication-command-injection-vulnerabilities-in-some-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wifi-extenders-12-03-2024", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "security@zyxel.com.tw", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-11 13:15
Modified
2024-11-21 06:53
Severity ?
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3312-t20a_firmware:5.30\\(abfx.5\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "EF433563-7AA7-41BF-9ECF-F1E1B9C5C1C4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3312-t20a:-:*:*:*:*:*:*:*", matchCriteriaId: "59AF3952-10E9-4AC8-BA25-BA5C3C203063", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:america:*:*:*", matchCriteriaId: "FE982B82-95DD-40FA-8A7E-F6EB44323692", versionEndExcluding: "5.50\\(abpm.6\\)c0", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:emea:*:*:*", matchCriteriaId: "EB52E6B4-08EF-4427-AA01-E783C9F1FCF4", versionEndExcluding: "5.50\\(abpm.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "9259E2F6-885D-4B44-8D40-20758DA599D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:america:*:*:*", matchCriteriaId: "A48A0914-787A-4884-909E-3332DD472873", versionEndExcluding: "5.50\\(abpm.6\\)c0", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:emea:*:*:*", matchCriteriaId: "1B417B43-F5C6-4551-BD4E-7E2706BCF8B9", versionEndExcluding: "5.50\\(abpm.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "F3ECE0EB-C429-4716-ABFB-73540847EB9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5723-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9FAE1EA0-A113-4324-8347-838A01B00437", versionEndExcluding: "5.50\\(abom.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "B18982B2-E575-478E-A2B4-0932DE329056", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg6726-b10a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1D931985-C10C-41C4-B459-FC454DE8C9FA", versionEndExcluding: "5.13\\(abnp.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg6726-b10a:-:*:*:*:*:*:*:*", matchCriteriaId: "304D3B33-F7EC-4EB3-B6EF-6BEB2112F9C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg1312-t20b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5252A997-772F-4785-8440-B7909A9860A8", versionEndExcluding: "5.50\\(absb.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg1312-t20b:-:*:*:*:*:*:*:*", matchCriteriaId: "37348176-08FD-40F0-9903-05ABABBB1F5C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "331ACFBC-2467-45CC-82A3-717C93D34D02", versionEndExcluding: "5.50\\(abpm.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "291B5E34-3870-46DD-9A74-2D2FFD1B6E52", versionEndExcluding: "5.17\\(abmt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "F814684F-D45D-4EF8-A294-A6122B7A760B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-b50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6D55734D-F4F4-4C97-BC31-7B532DA47EA9", versionEndExcluding: "5.13\\(ably.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-b50b:-:*:*:*:*:*:*:*", matchCriteriaId: "94BE349D-EC30-4EB7-8B68-EA7223364A4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-b60a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3D4293E4-AE61-4978-A750-D5FAF442D67B", versionEndExcluding: "5.17\\(abmt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-b60a:-:*:*:*:*:*:*:*", matchCriteriaId: "99C11501-33FD-4421-909E-E6533EF6F03A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8201B9D7-433E-4D79-9115-FA1F25223121", versionEndExcluding: "5.50\\(abom.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "1B33AE56-3948-494B-9E23-54D939DF0D3E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4927-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "543081DE-AEC8-4658-AAE4-63EE1A261645", versionEndExcluding: "5.13\\(ably.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4927-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "C0EE70D2-51BB-4E45-8995-655C1394C440", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1A24F15A-1F77-413C-9BD1-CFBE890ACD31", versionEndExcluding: "5.50\\(abpm.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DDACBF89-DCA8-43F0-91BF-8A29E63B33BD", versionEndExcluding: "5.17\\(abmt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "ED88F55C-C687-4413-BEC8-DEB15D6AA2F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-b50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8B10EC6-E8B2-4619-8F9D-10516569B806", versionEndExcluding: "5.17\\(abny.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-b50b:-:*:*:*:*:*:*:*", matchCriteriaId: "7D66B624-EAAA-4C2D-BBE6-D0A0ED6BD5F1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0933D98-49F6-4B0F-9D04-2149BFB7FB7F", versionEndExcluding: "5.50\\(abom.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "D4C2320B-52DF-4F86-86D2-42FB62337773", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-b60a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "502EBC83-0E8D-4B13-BA0D-040B40C58A1D", versionEndExcluding: "5.17\\(abmt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-b60a:-:*:*:*:*:*:*:*", matchCriteriaId: "7654E872-36CA-4502-9B91-01741D6E4F46", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-b60b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7B963909-27C2-43A6-9479-EE2F863FC817", versionEndExcluding: "5.17\\(abny.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-b60b:-:*:*:*:*:*:*:*", matchCriteriaId: "6368C175-7D1B-4F70-B11F-B8CE7FBE0B82", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:xmg3927-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81E3153A-08CF-4F02-97EA-B68751EE7791", versionEndExcluding: "5.17\\(abmt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:xmg3927-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "99B19AC3-D417-48C7-8C18-F5516794260B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:xmg8825-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0E58CAE-3737-406F-9647-B59598A6733A", versionEndExcluding: "5.17\\(abmt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:xmg8825-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "4861B59F-AB86-4A4D-A04C-6EE68EC4A206", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C91B77C-EC30-4C88-AAEB-330B7A3E0470", versionEndExcluding: "5.17\\(abyo.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "B293E564-2C48-442A-A415-34383DF3ADBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5C6781DA-4800-47E9-BB67-89ACC0F43D04", versionEndExcluding: "5.17\\(abup.4\\)c1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B3B44185-756B-4B9B-A377-DB3191606702", versionEndExcluding: "5.17\\(abyo.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "291AA836-D0F7-4AD7-8D76-0F1A5B9ECCCF", versionEndExcluding: "5.17\\(abry.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "88B8CDD0-E73A-4FAA-9964-D8C09949CB32", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5EF7BC18-210C-4E21-A850-61A8D6B701BE", versionEndExcluding: "5.17\\(abpc.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "78473083-F702-4B81-AAA0-B66A0984FF6B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ep240p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "457C1585-BD6F-4C3A-953D-96194EDD065E", versionEndExcluding: "5.40\\(abh.0\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ep240p:-:*:*:*:*:*:*:*", matchCriteriaId: "91367DDE-F430-42F7-B4F2-28AEF7FDCB12", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm7300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D4E0639D-0861-4A10-AFA6-8251AD2217BB", versionEndExcluding: "5.42\\(acbc.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5317-t20b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "20FA4B81-5FE7-43D5-8A96-A1BF0CBA8CC6", versionEndExcluding: "5.40\\(abki.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5317-t20b:-:*:*:*:*:*:*:*", matchCriteriaId: "9F1334B5-FC76-412F-A7EF-02EEEE677460", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5617ga_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E53F230A-806F-413B-BE4B-2A95645751DF", versionEndExcluding: "5.40\\(abna.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5617ga:-:*:*:*:*:*:*:*", matchCriteriaId: "9C1B0834-3398-41B0-9A14-7D97768732B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5617-t20b2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FFBE0FC-A355-4E32-A606-4130B2581CE1", versionEndExcluding: "5.41\\(acbb.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5617-t20b2:-:*:*:*:*:*:*:*", matchCriteriaId: "B35005D7-D8E4-4BC5-A59C-6A69255E7EC7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5622ga_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "09514F76-89EC-4ADF-9400-F14BB917EF97", versionEndExcluding: "5.40\\(abnb.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5622ga:-:*:*:*:*:*:*:*", matchCriteriaId: "840AF834-B7A6-4ACA-BAB9-996D87476D3D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:px7501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C655ED2E-A791-40B7-99C5-FF3F874A2A27", versionEndExcluding: "5.17\\(abpc.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:px7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "076C6AD3-E8A3-4639-805E-20FA866BDFDD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service.", }, { lang: "es", value: "Se ha identificado una potencial vulnerabilidad de desbordamiento de búfer en algunas funciones internas del firmware de Zyxel VMG3312-T20A versión 5.30(ABFX.5)C0, que podría ser aprovechada por un atacante local autenticado para causar una denegación de servicio", }, ], id: "CVE-2022-26414", lastModified: "2024-11-21T06:53:54.453", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 4.9, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.2, source: "security@zyxel.com.tw", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-11T13:15:07.857", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "security@zyxel.com.tw", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }