Vulnerabilites related to zyxel - vmg4005-b50b_firmware
cve-2024-8748
Vulnerability from cvelistv5
Published
2024-12-03 01:15
Modified
2024-12-03 16:31
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG8825-T50K firmware |
Version: <= V5.50(ABOM.8.4)C0 |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "vmg8825-t50k_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.50\\(abom.8.4\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:lte3301-plus_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "lte3301-plus_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "1.00\\(abqu.5\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:lte5388-m804_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "lte5388-m804_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "1.00\\(absq.4\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:lte5398-m904_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "lte5398-m904_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "1.00\\(abqv.4\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:lte7480-m804_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "lte7480-m804_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "1.00\\(abra.9\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:lte7490-m904_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "lte7490-m904_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "1.00\\(abqy.8\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:nr7101_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nr7101_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "1.00\\(abuv.10\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:nr7102_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nr7102_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "v1.00\\(abyd.3\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:nebula_nr5101_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nebula_nr5101_firmware", vendor: "zyxel", versions: [ { lessThan: "1.16\\(accg.0\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:nebula_nr7101_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nebula_nr7101_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "1.16\\(accc.0\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:nebula_lte3301-plus_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nebula_lte3301-plus_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "1.18\\(acca.4\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:dx3300-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "dx3300-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.50\\(abvy.5.3\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:dx3300-t1_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "dx3300-t1_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.50(abvy.5.3)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:dx3301-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "dx3301-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.50\\(abvy.5.3\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:dx4510-b0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "dx4510-b0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.17\\(abyl.7\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:dx4510-b1_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "dx4510-b1_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.17\\(abyl.7\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:dx5401-b0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "dx5401-b0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.17\\(abyo.6.3\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:dx5401_b1_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "dx5401_b1_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.17\\(abyo.6.3\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:ee6510-10_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ee6510-10_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.19\\(acjq.0\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:ex2210-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ex2210-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.50\\(acdi.1\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:wx3100-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "wx3100-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.50\\(abvl.4.3\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:wx3401-b0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "wx3401-b0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.17\\(abve.2.5\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:wx3401-b1_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "wx3401-b1_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.17(abve.2.5)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:wx5600-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "wx5600-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.70\\(aceb.3.2\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:wx5610-b0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "wx5610-b0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.18\\(acgj.0\\)c2", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:ax7501-b0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ax7501-b0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.17\\(abpc.5.2\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:ax7501-b1_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ax7501-b1_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.17\\(abpc.5.2\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:pm3100-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "pm3100-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.42(acbf.2.1)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:pm5100-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "pm5100-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.42\\(acbf.2.1\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:pm7300-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "pm7300-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.42\\(abyy.2.2\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:pm7500-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "pm7500-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.61\\(ackk.0\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:px3321-t1_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "px3321-t1_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.44\\(acjb.1\\)c0", status: "affected", version: "0", versionType: "custom", }, { lessThanOrEqual: "5.44\\(achk.0.2\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:px5301-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "px5301-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.44\\(ackb.0\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-8748", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-03T14:40:11.917455Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-03T16:31:58.508Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "VMG8825-T50K firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= V5.50(ABOM.8.4)C0", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "A buffer overflow vulnerability in the packet parser of the third-party library \"libclinkc\" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device.", }, ], value: "A buffer overflow vulnerability in the packet parser of the third-party library \"libclinkc\" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-03T01:34:18.062Z", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-and-post-authentication-command-injection-vulnerabilities-in-some-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wifi-extenders-12-03-2024", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2024-8748", datePublished: "2024-12-03T01:15:46.610Z", dateReserved: "2024-09-12T07:51:38.916Z", dateUpdated: "2024-12-03T16:31:58.508Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-9200
Vulnerability from cvelistv5
Published
2024-12-03 01:33
Modified
2024-12-06 04:55
Severity ?
EPSS score ?
Summary
A post-authentication command injection vulnerability in the "host" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG4005-B50A firmware |
Version: <= V5.15(ABQA.2.2)C0 |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:o:zyxel:emg6726-b10a_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "emg6726-b10a_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.13\\(abnp.8\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:vmg3927-b50b_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "vmg3927-b50b_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.13\\(ably.9\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:vmg4005-b50a_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "vmg4005-b50a_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.15\\(abqa.2.2\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:vmg4005-b60a_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "vmg4005-b60a_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.15\\(abqa.2.2\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:vmg4005-b50b_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "vmg4005-b50b_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.13\\(abrl.5.1\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:vmg4927-b50a_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "vmg4927-b50a_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.13\\(ably.9\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-9200", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-12-05T00:00:00+00:00", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-06T04:55:23.779Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "VMG4005-B50A firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= V5.15(ABQA.2.2)C0", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "A post-authentication command injection vulnerability in the \"host\" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.", }, ], value: "A post-authentication command injection vulnerability in the \"host\" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-03T01:33:47.398Z", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-and-post-authentication-command-injection-vulnerabilities-in-some-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wifi-extenders-12-03-2024", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2024-9200", datePublished: "2024-12-03T01:33:47.398Z", dateReserved: "2024-09-26T09:34:37.485Z", dateUpdated: "2024-12-06T04:55:23.779Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2024-12-03 02:15
Modified
2025-01-21 21:20
Severity ?
Summary
A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte3301-plus_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6716746F-4642-4BA8-B1FB-38CBE0FEFE65", versionEndExcluding: "1.00\\(abqu.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte3301-plus:-:*:*:*:*:*:*:*", matchCriteriaId: "4814D3A1-C0D4-4573-AD77-C2EE7AC11CB4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte5388-m804_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F8A2E6EF-6C66-4D10-8F13-207C102BB403", versionEndExcluding: "1.00\\(absq.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte5388-m804:-:*:*:*:*:*:*:*", matchCriteriaId: "E67FFCF7-ECE9-4644-B248-1B6E10AD9398", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte5398-m904_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C439774C-3B11-4738-8F57-24AE9190E437", versionEndExcluding: "1.00\\(abq.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte5398-m904:-:*:*:*:*:*:*:*", matchCriteriaId: "F90453B8-19FF-4FF3-A167-E1A70E022201", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7480-m804_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "441D0E0B-3740-41A5-B227-F737C011B935", versionEndExcluding: "1.00\\(abra.10\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7480-m804:-:*:*:*:*:*:*:*", matchCriteriaId: "E3480021-1538-48ED-BE89-BB0DF562C7DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7490-m904_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F271F483-5F07-4305-B674-87C29D59DCBF", versionEndExcluding: "1.00\\(abqy.9\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7490-m904:-:*:*:*:*:*:*:*", matchCriteriaId: "DC75F6DE-DCAF-47A0-B6BB-0E050C68AF25", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr7101_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A73FA031-D008-4AFA-AAEB-8DCDAD995B46", versionEndExcluding: "1.00\\(abu.11\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr7101:-:*:*:*:*:*:*:*", matchCriteriaId: "E4D27B24-9822-432C-8B8B-9546EE32DEC6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr7102_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "90099DBC-0E96-4F19-BEDF-1220A2E054DC", versionEndExcluding: "1.00\\(abyd.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr7102:-:*:*:*:*:*:*:*", matchCriteriaId: "F1A15757-DE6F-4A72-9CAD-BAC04BD340A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_nr5101_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8EECE4B-3C71-4738-8A95-FDD453D5F077", versionEndExcluding: "1.16\\(accg.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_nr5101:-:*:*:*:*:*:*:*", matchCriteriaId: "F9F605B8-A892-4119-AB7A-D14CDC5DFC88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_nr7101_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "16CC26F4-CE74-470D-98B0-CDD57B19DE7E", versionEndExcluding: "1.16\\(accc.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_nr7101:-:*:*:*:*:*:*:*", matchCriteriaId: "52096C1F-F73C-413E-9D37-82EFA4703AEC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_lte3301-plus_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2E09E83F-148C-4598-91A4-9712C198A0D6", versionEndExcluding: "1.18\\(acca.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_lte3301-plus:-:*:*:*:*:*:*:*", matchCriteriaId: "42297A6A-3E50-4E9E-ABF6-58C77F222DC1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "68D2EEEC-58EA-4444-AFBD-8CDA76DE7C30", versionEndExcluding: "5.50\\(aby.5.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "6D3E176E-F728-4385-8533-4C694D43898A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3300-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72C17621-DFBD-43E0-ABCE-31EA1424A95D", versionEndExcluding: "5.50\\(aby.5.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3300-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "2456F691-C182-4BE6-A08F-5E1717366DCA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3301-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F03882BE-6854-4DA0-AE71-E1DF1D9942F0", versionEndExcluding: "5.50\\(aby.5.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "3BBDC072-5D40-4130-9B5F-22FDA9BF909A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx4510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E69CBC66-C2FA-441A-A8DE-DE5ABA996503", versionEndExcluding: "5.17\\(abyl.8\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx4510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "A0338E1C-2509-4510-8C8D-4BD5AEA47D81", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx4510-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "99BD602C-4DB1-4C4C-BC2A-EBD52E4C962C", versionEndExcluding: "5.17\\(abyl.8\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx4510-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "C8668990-045A-4DDD-9089-DE0025B69765", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "14B8FE6B-542A-4EE7-8BD3-7E5547E0BB08", versionEndExcluding: "5.17\\(abyo.6.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "B293E564-2C48-442A-A415-34383DF3ADBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5B632720-75B8-47A7-8694-C27C2CA26D4E", versionEndExcluding: "5.17\\(abyo.6.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "AFE5C53C-4255-4AEE-A49E-36C1A2CF10F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ee6510-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CEC2224E-9481-447A-8E1F-0F6BE170323E", versionEndExcluding: "5.19\\(acjq.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ee6510-10:-:*:*:*:*:*:*:*", matchCriteriaId: "CD4AE46D-E374-4224-9A66-4291B6A10C00", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex2210-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1F2AE02D-5388-434C-956E-D7B326ABF44F", versionEndExcluding: "5.50\\(acdi.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex2210-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "A71E4E6F-357E-4DAA-B7D7-7CF44000F0CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FCAF5BD1-FA85-47D8-AC74-B89C37673872", versionEndExcluding: "5.50\\(aby.5.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "137F8B94-4176-4D9B-8704-28525E7352D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3300-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DED77538-32BD-41D0-AFB0-B523B1B0D626", versionEndExcluding: "5.50\\(aby.5.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3300-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "F766221F-7478-4E39-B4CD-A2498ACEE754", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3301-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "15FA1F1B-3DAB-4C9A-9EAC-6F73C91C6000", versionEndExcluding: "5.50\\(aby.5.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "B37B17D8-76CF-4A26-B2DB-41B1BC9FD0A2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3500-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "31134E19-A43A-4414-AC4A-A4D3D6D89C3F", versionEndExcluding: "5.44\\(achr.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3500-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8714EB1B-38E5-4295-AD26-EE13E2161DEA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3501-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7B24B63E-44D9-4967-9A25-0845F07466DE", versionEndExcluding: "5.44\\(achr.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3501-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "A98F76BD-0404-46DD-AE6A-EB630FEC8904", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7A631CCE-1DBA-45EA-BCAE-35976C74CFB6", versionEndExcluding: "5.17\\(abup.13\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D5F451D2-9058-439C-B065-C635E1833B28", versionEndExcluding: "5.17\\(abup.13\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "3F955BD9-4D44-46BE-8605-51C6250A74D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3600-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F55E0C82-22FD-4345-BA36-3A2F29216AD3", versionEndExcluding: "5.70\\(acif.0.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3600-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "D3BCC6A9-1CAE-459D-BE7D-AAB956BD1B92", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "08F959D0-DAF0-4D07-811C-54E780ABB35E", versionEndExcluding: "5.17\\(abyo.6.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4CE7E255-C846-4509-A6CE-CBC50C0E5EE5", versionEndExcluding: "5.17\\(abyo.6.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "7213FA12-5CD6-4E9B-8387-A52AEF17EA10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F887CE60-20C2-4301-B515-5C14C9C8D805", versionEndExcluding: "5.17\\(abry.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "88B8CDD0-E73A-4FAA-9964-D8C09949CB32", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "568E5F9E-EFFE-4D1B-B06B-EED70C27985B", versionEndExcluding: "5.17\\(abqx.11\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E82D41CC-2EB3-4892-8383-FB2C9EC64D9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5512-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2177DB8F-097F-438C-9B0F-E4A14540A89D", versionEndExcluding: "5.70\\(aceg4.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5512-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F32FA3FB-CE89-4CC1-9D8D-765B90A122DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5600-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CAF44159-2967-4DDD-8AD8-DE16871899D7", versionEndExcluding: "5.70\\(acdz.3.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5600-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "021CFB91-4627-4080-BF09-0BB5EFA708DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "43F04ACC-EED8-4800-BA30-3FC704AF5D6C", versionEndExcluding: "5.70\\(acdz.3.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "ABFF2039-5DCC-4850-8BDA-3D418629C226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "435327F5-1A4D-46BA-B572-0771BAD3215F", versionEndExcluding: "5.70\\(acdz.3.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "D629D4B6-B2F2-45F1-9295-71751570C231", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex7501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "116A0A50-6379-4D72-8059-4D74FA208140", versionEndExcluding: "5.18\\(achn.1.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "1CE049DE-A5DA-4A4F-BA30-BBD09FF34DE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex7710-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "19EE58DA-A323-4BE1-A761-5E2C94F8A2A6", versionEndExcluding: "5.18\\(acak.1.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex7710-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "07727D9C-723B-4761-B6B6-07FE1784D3C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B992C7F8-F4DF-4426-ACFE-B1EF7DB26E53", versionEndExcluding: "5.50\\(abpm.9.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "9259E2F6-885D-4B44-8D40-20758DA599D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93D83C92-EE57-48F4-B532-FC13657D0F37", versionEndExcluding: "5.50\\(abpm.9.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "F3ECE0EB-C429-4716-ABFB-73540847EB9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5723-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "131D1D3D-382A-4563-B608-3848AACDF8A0", versionEndExcluding: "5.50\\(abom.8.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "B18982B2-E575-478E-A2B4-0932DE329056", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg6726-b10a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "593C78E3-E459-4519-9313-FAA93315A6C8", versionEndExcluding: "5.13\\(abnp.8\\)c1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg6726-b10a:-:*:*:*:*:*:*:*", matchCriteriaId: "304D3B33-F7EC-4EB3-B6EF-6BEB2112F9C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC43957D-D4F5-4D72-9876-C2796F9714CD", versionEndExcluding: "5.50\\(abpm.9.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-b50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1009022D-5033-47D2-B310-5B0C42CA3F69", versionEndExcluding: "5.13\\(ably.9\\)c1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-b50b:-:*:*:*:*:*:*:*", matchCriteriaId: "94BE349D-EC30-4EB7-8B68-EA7223364A4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F5030BD1-0653-4431-87B9-07CA0C1FDE33", versionEndExcluding: "5.50\\(abom.8.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "1B33AE56-3948-494B-9E23-54D939DF0D3E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BFEB980C-00C4-45DB-A2C1-64F3BB69DF54", versionEndExcluding: "5.15\\(abqa.2.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "88F74228-AC0C-4150-974D-54D77BBF9A90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b60a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FD035A19-15E2-4740-A264-11D0E30777A2", versionEndExcluding: "5.15\\(abqa.2.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b60a:-:*:*:*:*:*:*:*", matchCriteriaId: "30C1B91D-3EA0-4A1D-833A-6767A6C84DA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8696573D-D3FF-4CAB-B6C0-743B8AAA20AE", versionEndExcluding: "5.13\\(abrl.5.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b50b:-:*:*:*:*:*:*:*", matchCriteriaId: "36B2A37B-0662-43E7-AEB4-DF0C5A30A95F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4927-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8D62F49F-1E1B-4E6E-A72A-1DEC917E21DC", versionEndExcluding: "5.13\\(ably.9\\)c1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4927-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "C0EE70D2-51BB-4E45-8995-655C1394C440", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "916BC802-CBB6-43FE-91D2-76EFA752481C", versionEndExcluding: "5.50\\(abpm.9.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FA0D8789-938A-475D-B105-64B225BABD97", versionEndExcluding: "5.50\\(abom.8.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "D4C2320B-52DF-4F86-86D2-42FB62337773", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2EEC4924-34DB-4AFB-8CEF-0ABBAFFD0E0B", versionEndExcluding: "5.50\\(abpy.1\\)b26", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "D4C2320B-52DF-4F86-86D2-42FB62337773", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F525A6F3-7510-47EF-AD60-A05214BEAFF8", versionEndExcluding: "5.17\\(abpc.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "78473083-F702-4B81-AAA0-B66A0984FF6B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "77887B8D-E582-41FC-8ED5-11D631C5A062", versionEndExcluding: "5.17\\(abpc.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "780BBA7D-7E2C-4624-AA15-8A51F3DF428F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm3100-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "804D1F95-0D82-4052-98C6-996DBB94BB48", versionEndExcluding: "5.42\\(acbf.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F78F88D4-A782-4075-A3CB-A728CE4014DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm5100-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85D7006F-2710-4A4E-958B-F707865D942A", versionEndExcluding: "5.42\\(acbf.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm5100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "249AF476-CAA4-4C87-8CC3-E0AF15E61F7E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm7300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D0E85316-F791-4789-AA88-DE1D5E9E62A0", versionEndExcluding: "5.42\\(abyy.2.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm7500-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "95E49610-E756-42B8-8C0C-438A587EB8DB", versionEndExcluding: "5.61\\(ackk.0.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm7500-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "09F7FD2C-ED57-4EB4-9EB7-DE2F376FD858", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:px3321-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A23D6389-D322-4EC0-847A-488B735CE373", versionEndExcluding: "5.44\\(acjb.1.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:px3321-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "3BB525DE-2E08-4848-976E-7DF6C7E19578", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:px3321-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A6DBE5D0-F363-4EDA-8CE9-14F2B2B0C19D", versionEndExcluding: "5.44\\(achk.0.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:px3321-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "3BB525DE-2E08-4848-976E-7DF6C7E19578", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:px5301-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2213D90C-25CE-4A61-8479-1BC87DF35A80", versionEndExcluding: "5.44\\(ackb.0.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:px5301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "7EBB4C27-DAEB-4297-98DC-3B22353B5184", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3100-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D7D3A977-B98F-4626-8C3A-D830F5355D85", versionEndExcluding: "5.50\\(abl.4.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "C2C56248-D12F-46DC-A52F-0607E4A5DCCC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "801684BD-8E4B-4881-9052-0116734FFB66", versionEndExcluding: "5.17\\(abe.2.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "677C554B-F9C7-4780-97C0-6021146F8B3C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3401-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "23166E44-D53C-4410-B50D-9C7C10B1D7E8", versionEndExcluding: "5.17\\(abe.2.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "E7C8FB13-CBCF-4A74-8DFD-874B9A990577", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx5600-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5F48FFD6-108C-459D-96D8-5ABE4F10681A", versionEndExcluding: "5.70\\(aceb.3.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx5600-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "303DB62A-2A7E-4CB7-ADA0-29C23BFD41BE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx5610-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3280237A-C025-4324-8747-39EE5D697327", versionEndExcluding: "5.18\\(acgj0.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx5610-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "88909887-E078-4EC5-BA49-2EFCABF1EB1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A buffer overflow vulnerability in the packet parser of the third-party library \"libclinkc\" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device.", }, { lang: "es", value: "Una vulnerabilidad de desbordamiento de búfer en el analizador de paquetes de la librería de terceros \"libclinkc\" en las versiones de firmware Zyxel VMG8825-T50K hasta V5.50(ABOM.8.4)C0 podría permitir que un atacante provoque una condición de denegación de servicio (DoS) temporal contra la interfaz de administración web al enviar una solicitud HTTP POST manipulada a un dispositivo vulnerable.", }, ], id: "CVE-2024-8748", lastModified: "2025-01-21T21:20:19.757", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "security@zyxel.com.tw", type: "Primary", }, ], }, published: "2024-12-03T02:15:17.620", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-and-post-authentication-command-injection-vulnerabilities-in-some-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wifi-extenders-12-03-2024", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "security@zyxel.com.tw", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-12-03 02:15
Modified
2025-01-21 21:13
Severity ?
Summary
A post-authentication command injection vulnerability in the "host" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zyxel | emg6726-b10a_firmware | * | |
| zyxel | emg6726-b10a | - | |
| zyxel | vmg3927-b50b_firmware | * | |
| zyxel | vmg3927-b50b | - | |
| zyxel | vmg4005-b50a_firmware | * | |
| zyxel | vmg4005-b50a | - | |
| zyxel | vmg4005-b60a_firmware | * | |
| zyxel | vmg4005-b60a | - | |
| zyxel | vmg4005-b50b_firmware | * | |
| zyxel | vmg4005-b50b | - | |
| zyxel | vmg4927-b50a_firmware | * | |
| zyxel | vmg4927-b50a | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg6726-b10a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "593C78E3-E459-4519-9313-FAA93315A6C8", versionEndExcluding: "5.13\\(abnp.8\\)c1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg6726-b10a:-:*:*:*:*:*:*:*", matchCriteriaId: "304D3B33-F7EC-4EB3-B6EF-6BEB2112F9C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-b50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1009022D-5033-47D2-B310-5B0C42CA3F69", versionEndExcluding: "5.13\\(ably.9\\)c1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-b50b:-:*:*:*:*:*:*:*", matchCriteriaId: "94BE349D-EC30-4EB7-8B68-EA7223364A4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BFEB980C-00C4-45DB-A2C1-64F3BB69DF54", versionEndExcluding: "5.15\\(abqa.2.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "88F74228-AC0C-4150-974D-54D77BBF9A90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b60a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FD035A19-15E2-4740-A264-11D0E30777A2", versionEndExcluding: "5.15\\(abqa.2.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b60a:-:*:*:*:*:*:*:*", matchCriteriaId: "30C1B91D-3EA0-4A1D-833A-6767A6C84DA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8696573D-D3FF-4CAB-B6C0-743B8AAA20AE", versionEndExcluding: "5.13\\(abrl.5.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b50b:-:*:*:*:*:*:*:*", matchCriteriaId: "36B2A37B-0662-43E7-AEB4-DF0C5A30A95F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4927-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8D62F49F-1E1B-4E6E-A72A-1DEC917E21DC", versionEndExcluding: "5.13\\(ably.9\\)c1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4927-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "C0EE70D2-51BB-4E45-8995-655C1394C440", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A post-authentication command injection vulnerability in the \"host\" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.", }, { lang: "es", value: "Una vulnerabilidad de inyección de comandos posterior a la autenticación en el parámetro \"host\" de la función de diagnóstico en las versiones de firmware Zyxel VMG4005-B50A hasta V5.15(ABQA.2.2)C0 podría permitir que un atacante autenticado con privilegios de administrador ejecute comandos del sistema operativo (OS) en un dispositivo vulnerable.", }, ], id: "CVE-2024-9200", lastModified: "2025-01-21T21:13:29.700", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "security@zyxel.com.tw", type: "Primary", }, ], }, published: "2024-12-03T02:15:17.913", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-and-post-authentication-command-injection-vulnerabilities-in-some-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wifi-extenders-12-03-2024", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "security@zyxel.com.tw", type: "Primary", }, ], }