Vulnerabilites related to zyxel - vmg8623-t50b
cve-2024-38268
Vulnerability from cvelistv5
Published
2024-09-24 01:35
Modified
2024-09-24 15:37
Severity ?
EPSS score ?
Summary
An improper restriction of operations within the bounds of a memory buffer in the MAC address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG8825-T50K firmware |
Version: <= 5.50(ABOM.8)C0 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-38268", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-24T15:37:47.983578Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-24T15:37:58.810Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "VMG8825-T50K firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 5.50(ABOM.8)C0", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An improper restriction of operations within the bounds of a memory buffer in the MAC address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.", }, ], value: "An improper restriction of operations within the bounds of a memory buffer in the MAC address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-24T01:35:22.675Z", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-memory-corruption-vulnerabilities-in-some-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-security-router-versions-09-24-2024", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2024-38268", datePublished: "2024-09-24T01:35:22.675Z", dateReserved: "2024-06-12T09:11:12.898Z", dateUpdated: "2024-09-24T15:37:58.810Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-43390
Vulnerability from cvelistv5
Published
2023-01-11 00:00
Modified
2025-04-08 20:16
Severity ?
EPSS score ?
Summary
A command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to execute some OS commands on a vulnerable device by sending a crafted HTTP request.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | NR7101 firmware |
Version: < V1.15(ACCC.3)C0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:32:57.394Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-43390", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-04-08T20:15:49.379601Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-04-08T20:16:36.803Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "NR7101 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "< V1.15(ACCC.3)C0", }, ], }, ], descriptions: [ { lang: "en", value: "A command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to execute some OS commands on a vulnerable device by sending a crafted HTTP request.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-11T00:00:00.000Z", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders", }, ], }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2022-43390", datePublished: "2023-01-11T00:00:00.000Z", dateReserved: "2022-10-18T00:00:00.000Z", dateUpdated: "2025-04-08T20:16:36.803Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-38267
Vulnerability from cvelistv5
Published
2024-09-24 01:30
Modified
2024-09-24 15:38
Severity ?
EPSS score ?
Summary
An improper restriction of operations within the bounds of a memory buffer in the IPv6 address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG8825-T50K firmware |
Version: <= 5.50(ABOM.8)C0 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-38267", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-24T15:38:26.579798Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-24T15:38:34.787Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "VMG8825-T50K firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 5.50(ABOM.8)C0", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An improper restriction of operations within the bounds of a memory buffer in the IPv6 address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.", }, ], value: "An improper restriction of operations within the bounds of a memory buffer in the IPv6 address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-24T01:30:45.720Z", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-memory-corruption-vulnerabilities-in-some-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-security-router-versions-09-24-2024", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2024-38267", datePublished: "2024-09-24T01:30:45.720Z", dateReserved: "2024-06-12T09:11:12.898Z", dateUpdated: "2024-09-24T15:38:34.787Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-5412
Vulnerability from cvelistv5
Published
2024-09-03 01:18
Modified
2024-09-03 14:10
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0 could allow an unauthenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG8825-T50K firmware |
Version: 5.50(ABOM.8)C0 |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "vmg8825-t50k_firmware", vendor: "zyxel", versions: [ { status: "affected", version: "5.50\\(abom.8\\)c0", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-5412", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-03T13:56:18.695788Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-03T14:10:55.771Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "VMG8825-T50K firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "5.50(ABOM.8)C0", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "A buffer overflow vulnerability in the library \"libclinkc\" of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0 could allow an unauthenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.", }, ], value: "A buffer overflow vulnerability in the library \"libclinkc\" of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0 could allow an unauthenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-03T01:18:40.444Z", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-vulnerability-in-some-5g-nr-cpe-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-security-router-devices-09-03-2024", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2024-5412", datePublished: "2024-09-03T01:18:40.444Z", dateReserved: "2024-05-27T09:15:19.761Z", dateUpdated: "2024-09-03T14:10:55.771Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-8748
Vulnerability from cvelistv5
Published
2024-12-03 01:15
Modified
2024-12-03 16:31
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG8825-T50K firmware |
Version: <= V5.50(ABOM.8.4)C0 |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "vmg8825-t50k_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.50\\(abom.8.4\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:lte3301-plus_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "lte3301-plus_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "1.00\\(abqu.5\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:lte5388-m804_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "lte5388-m804_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "1.00\\(absq.4\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:lte5398-m904_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "lte5398-m904_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "1.00\\(abqv.4\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:lte7480-m804_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "lte7480-m804_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "1.00\\(abra.9\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:lte7490-m904_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "lte7490-m904_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "1.00\\(abqy.8\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:nr7101_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nr7101_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "1.00\\(abuv.10\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:nr7102_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nr7102_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "v1.00\\(abyd.3\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:nebula_nr5101_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nebula_nr5101_firmware", vendor: "zyxel", versions: [ { lessThan: "1.16\\(accg.0\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:nebula_nr7101_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nebula_nr7101_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "1.16\\(accc.0\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:nebula_lte3301-plus_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nebula_lte3301-plus_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "1.18\\(acca.4\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:dx3300-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "dx3300-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.50\\(abvy.5.3\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:dx3300-t1_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "dx3300-t1_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.50(abvy.5.3)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:dx3301-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "dx3301-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.50\\(abvy.5.3\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:dx4510-b0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "dx4510-b0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.17\\(abyl.7\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:dx4510-b1_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "dx4510-b1_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.17\\(abyl.7\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:dx5401-b0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "dx5401-b0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.17\\(abyo.6.3\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:dx5401_b1_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "dx5401_b1_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.17\\(abyo.6.3\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:ee6510-10_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ee6510-10_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.19\\(acjq.0\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:ex2210-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ex2210-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.50\\(acdi.1\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:wx3100-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "wx3100-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.50\\(abvl.4.3\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:wx3401-b0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "wx3401-b0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.17\\(abve.2.5\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:wx3401-b1_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "wx3401-b1_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.17(abve.2.5)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:wx5600-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "wx5600-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.70\\(aceb.3.2\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:wx5610-b0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "wx5610-b0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.18\\(acgj.0\\)c2", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:ax7501-b0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ax7501-b0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.17\\(abpc.5.2\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:ax7501-b1_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ax7501-b1_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.17\\(abpc.5.2\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:pm3100-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "pm3100-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.42(acbf.2.1)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:pm5100-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "pm5100-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.42\\(acbf.2.1\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:pm7300-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "pm7300-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.42\\(abyy.2.2\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:pm7500-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "pm7500-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.61\\(ackk.0\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:px3321-t1_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "px3321-t1_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.44\\(acjb.1\\)c0", status: "affected", version: "0", versionType: "custom", }, { lessThanOrEqual: "5.44\\(achk.0.2\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:zyxel:px5301-t0_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "px5301-t0_firmware", vendor: "zyxel", versions: [ { lessThanOrEqual: "5.44\\(ackb.0\\)c0", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-8748", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-03T14:40:11.917455Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-03T16:31:58.508Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "VMG8825-T50K firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= V5.50(ABOM.8.4)C0", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "A buffer overflow vulnerability in the packet parser of the third-party library \"libclinkc\" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device.", }, ], value: "A buffer overflow vulnerability in the packet parser of the third-party library \"libclinkc\" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-03T01:34:18.062Z", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-and-post-authentication-command-injection-vulnerabilities-in-some-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wifi-extenders-12-03-2024", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2024-8748", datePublished: "2024-12-03T01:15:46.610Z", dateReserved: "2024-09-12T07:51:38.916Z", dateUpdated: "2024-12-03T16:31:58.508Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-43391
Vulnerability from cvelistv5
Published
2023-01-11 00:00
Modified
2024-10-15 17:12
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | NR7101 firmware |
Version: < V1.15(ACCC.3)C0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:32:58.705Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-43391", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-15T17:09:12.473207Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-15T17:12:34.022Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "NR7101 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "< V1.15(ACCC.3)C0", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request.</p>", }, ], value: "A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-29T06:50:37.887Z", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2022-43391", datePublished: "2023-01-11T00:00:00", dateReserved: "2022-10-18T00:00:00", dateUpdated: "2024-10-15T17:12:34.022Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26413
Vulnerability from cvelistv5
Published
2022-04-11 12:00
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG3312-T20A firmware |
Version: V5.30(ABFX.5)C0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.814Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "VMG3312-T20A firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "V5.30(ABFX.5)C0", }, ], }, ], descriptions: [ { lang: "en", value: "A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-11T12:00:19", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@zyxel.com.tw", ID: "CVE-2022-26413", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "VMG3312-T20A firmware", version: { version_data: [ { version_value: "V5.30(ABFX.5)C0", }, ], }, }, ], }, vendor_name: "Zyxel", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface.", }, ], }, impact: { cvss: { baseScore: "8.0", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, ], }, ], }, references: { reference_data: [ { name: "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml", refsource: "CONFIRM", url: "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2022-26413", datePublished: "2022-04-11T12:00:19", dateReserved: "2022-03-04T00:00:00", dateUpdated: "2024-08-03T05:03:32.814Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-35036
Vulnerability from cvelistv5
Published
2022-03-01 06:20
Modified
2024-08-04 00:33
Severity ?
EPSS score ?
Summary
A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG3625-T50B firmware |
Version: V5.50(ABTL.0)b2k |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:33:49.906Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-cleartext-storage-of-information-vulnerability", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "VMG3625-T50B firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "V5.50(ABTL.0)b2k", }, ], }, ], descriptions: [ { lang: "en", value: "A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-312", description: "CWE-312: Cleartext Storage of Sensitive Information", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-27T13:19:55", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-cleartext-storage-of-information-vulnerability", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@zyxel.com.tw", ID: "CVE-2021-35036", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "VMG3625-T50B firmware", version: { version_data: [ { version_value: "V5.50(ABTL.0)b2k", }, ], }, }, ], }, vendor_name: "Zyxel", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file.", }, ], }, impact: { cvss: { baseScore: "6.5", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-312: Cleartext Storage of Sensitive Information", }, ], }, ], }, references: { reference_data: [ { name: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-cleartext-storage-of-information-vulnerability", refsource: "CONFIRM", url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-cleartext-storage-of-information-vulnerability", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2021-35036", datePublished: "2022-03-01T06:20:12", dateReserved: "2021-06-17T00:00:00", dateUpdated: "2024-08-04T00:33:49.906Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-38269
Vulnerability from cvelistv5
Published
2024-09-24 01:38
Modified
2024-09-24 13:43
Severity ?
EPSS score ?
Summary
An improper restriction of operations within the bounds of a memory buffer in the USB file-sharing handler of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG8825-T50K firmware |
Version: <= 5.50(ABOM.8)C0 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-38269", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-24T13:20:29.913175Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-24T13:43:24.309Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "VMG8825-T50K firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 5.50(ABOM.8)C0", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An improper restriction of operations within the bounds of a memory buffer in the USB file-sharing handler of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.", }, ], value: "An improper restriction of operations within the bounds of a memory buffer in the USB file-sharing handler of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-24T01:38:14.149Z", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-memory-corruption-vulnerabilities-in-some-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-security-router-versions-09-24-2024", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2024-38269", datePublished: "2024-09-24T01:38:14.149Z", dateReserved: "2024-06-12T09:11:12.898Z", dateUpdated: "2024-09-24T13:43:24.309Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-38266
Vulnerability from cvelistv5
Published
2024-09-24 01:26
Modified
2024-09-24 15:40
Severity ?
EPSS score ?
Summary
An improper restriction of operations within the bounds of a memory buffer in the parameter type parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG8825-T50K firmware |
Version: <= 5.50(ABOM.8)C0 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-38266", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-24T15:40:20.411880Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-24T15:40:29.933Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "VMG8825-T50K firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= 5.50(ABOM.8)C0", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An improper restriction of operations within the bounds of a memory buffer in the parameter type parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.", }, ], value: "An improper restriction of operations within the bounds of a memory buffer in the parameter type parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-24T01:31:17.590Z", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-memory-corruption-vulnerabilities-in-some-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-security-router-versions-09-24-2024", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2024-38266", datePublished: "2024-09-24T01:26:31.998Z", dateReserved: "2024-06-12T09:11:12.898Z", dateUpdated: "2024-09-24T15:40:29.933Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-37929
Vulnerability from cvelistv5
Published
2024-05-21 01:23
Modified
2024-08-02 17:23
Severity ?
EPSS score ?
Summary
The buffer overflow vulnerability in the CGI program of the VMG3625-T50B firmware version V5.50(ABPM.8)C0 could allow an authenticated remote attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | V5.50(ABPM.8)C0 firmware |
Version: V5.50(ABPM.8)C0 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-37929", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-06-20T15:15:31.555736Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-20T15:16:52.551Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T17:23:27.734Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-vulnerabilities-in-some-5g-nr-4g-lte-cpe-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-home-router-devices-05-21-2024", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "V5.50(ABPM.8)C0 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "V5.50(ABPM.8)C0", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "The buffer overflow vulnerability in the CGI program of the VMG3625-T50B firmware version V5.50(ABPM.8)C0 could allow an authenticated remote attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.", }, ], value: "The buffer overflow vulnerability in the CGI program of the VMG3625-T50B firmware version V5.50(ABPM.8)C0 could allow an authenticated remote attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-05-21T01:23:53.073Z", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-vulnerabilities-in-some-5g-nr-4g-lte-cpe-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-home-router-devices-05-21-2024", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2023-37929", datePublished: "2024-05-21T01:23:53.073Z", dateReserved: "2023-07-11T01:52:33.655Z", dateUpdated: "2024-08-02T17:23:27.734Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-43392
Vulnerability from cvelistv5
Published
2023-01-11 00:00
Modified
2024-11-27 17:13
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | NR7101 firmware |
Version: < V1.15(ACCC.3)C0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:32:58.450Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-43392", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-01-08T21:00:52.401931Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-27T17:13:31.757Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "NR7101 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "< V1.15(ACCC.3)C0", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request.</p>", }, ], value: "A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-29T06:51:13.677Z", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2022-43392", datePublished: "2023-01-11T00:00:00", dateReserved: "2022-10-18T00:00:00", dateUpdated: "2024-11-27T17:13:31.757Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26414
Vulnerability from cvelistv5
Published
2022-04-11 12:05
Modified
2024-08-03 05:03
Severity ?
EPSS score ?
Summary
A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG3312-T20A firmware |
Version: V5.30(ABFX.5)C0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:03:32.637Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "VMG3312-T20A firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "V5.30(ABFX.5)C0", }, ], }, ], descriptions: [ { lang: "en", value: "A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-11T12:05:11", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@zyxel.com.tw", ID: "CVE-2022-26414", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "VMG3312-T20A firmware", version: { version_data: [ { version_value: "V5.30(ABFX.5)C0", }, ], }, }, ], }, vendor_name: "Zyxel", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service.", }, ], }, impact: { cvss: { baseScore: "6.0", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, ], }, ], }, references: { reference_data: [ { name: "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml", refsource: "CONFIRM", url: "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2022-26414", datePublished: "2022-04-11T12:05:11", dateReserved: "2022-03-04T00:00:00", dateUpdated: "2024-08-03T05:03:32.637Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-9197
Vulnerability from cvelistv5
Published
2024-12-03 01:24
Modified
2024-12-03 16:48
Severity ?
EPSS score ?
Summary
A post-authentication buffer overflow vulnerability in the parameter "action" of the CGI program in Zyxel VMG3625-T50B firmware versions through V5.50(ABPM.9.2)C0 could allow an authenticated attacker with administrator privileges to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP GET request to a vulnerable device if the function ZyEE is enabled.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG3625-T50B firmware |
Version: <= V5.50(ABPM.9.2)C0 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-9197", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-03T16:47:51.954725Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-03T16:48:00.520Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "VMG3625-T50B firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "<= V5.50(ABPM.9.2)C0", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "A post-authentication buffer overflow vulnerability in the parameter \"action\" of the CGI program in Zyxel VMG3625-T50B firmware versions through V5.50(ABPM.9.2)C0 could allow an authenticated attacker with administrator privileges to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP GET request to a vulnerable device if the function ZyEE is enabled.", }, ], value: "A post-authentication buffer overflow vulnerability in the parameter \"action\" of the CGI program in Zyxel VMG3625-T50B firmware versions through V5.50(ABPM.9.2)C0 could allow an authenticated attacker with administrator privileges to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP GET request to a vulnerable device if the function ZyEE is enabled.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-03T01:35:12.028Z", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-and-post-authentication-command-injection-vulnerabilities-in-some-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wifi-extenders-12-03-2024", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2024-9197", datePublished: "2024-12-03T01:24:36.983Z", dateReserved: "2024-09-26T02:20:02.424Z", dateUpdated: "2024-12-03T16:48:00.520Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-0816
Vulnerability from cvelistv5
Published
2024-05-21 01:29
Modified
2024-08-01 18:18
Severity ?
EPSS score ?
Summary
The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50(ABVY.4)C0 could allow an authenticated local attacker to cause denial of service (DoS) conditions by executing the CLI command with crafted strings on an affected device.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | DX3300-T1 firmware |
Version: V5.50(ABVY.4)C0 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-0816", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-05-21T15:09:28.440350Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-04T17:58:43.786Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T18:18:18.882Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-vulnerabilities-in-some-5g-nr-4g-lte-cpe-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-home-router-devices-05-21-2024", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "DX3300-T1 firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "V5.50(ABVY.4)C0", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50(ABVY.4)C0 could allow an authenticated local attacker to cause denial of service (DoS) conditions by executing the CLI command with crafted strings on an affected device.", }, ], value: "The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50(ABVY.4)C0 could allow an authenticated local attacker to cause denial of service (DoS) conditions by executing the CLI command with crafted strings on an affected device.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-05-21T01:29:00.883Z", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-vulnerabilities-in-some-5g-nr-4g-lte-cpe-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-home-router-devices-05-21-2024", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2024-0816", datePublished: "2024-05-21T01:29:00.883Z", dateReserved: "2024-01-23T01:35:49.705Z", dateUpdated: "2024-08-01T18:18:18.882Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2024-05-21 02:15
Modified
2025-01-22 22:58
Severity ?
Summary
The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50(ABVY.4)C0 could allow an authenticated local attacker to cause denial of service (DoS) conditions by executing the CLI command with crafted strings on an affected device.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte3202-m437_firmware:1.00\\(abwf.3\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "81A33B0C-1C6D-4F91-8A00-1EC2983BA546", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte3202-m437:-:*:*:*:*:*:*:*", matchCriteriaId: "9AFA5A91-B372-464B-9C8E-DFC6552E64EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte3301-plus_firmware:1.00\\(abqu.5\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "19D6A70E-C613-422C-9877-C7FE746B7DED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte3301-plus:-:*:*:*:*:*:*:*", matchCriteriaId: "4814D3A1-C0D4-4573-AD77-C2EE7AC11CB4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte5388-m804_firmware:1.00\\(absq.4\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "C5C71961-954D-4D3D-92AB-E13ECE2DD57D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte5388-m804:-:*:*:*:*:*:*:*", matchCriteriaId: "E67FFCF7-ECE9-4644-B248-1B6E10AD9398", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte5398-m904_firmware:1.00\\(abq.4\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "147D492A-0C2D-4144-B25A-1D8A51C2D803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte5398-m904:-:*:*:*:*:*:*:*", matchCriteriaId: "F90453B8-19FF-4FF3-A167-E1A70E022201", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7240-m403_firmware:2.00\\(abmg.7\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "6F7083E8-BE21-4D77-B078-5CF863C45D1A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7240-m403:-:*:*:*:*:*:*:*", matchCriteriaId: "AAE2212F-D523-4706-9FD2-FDA760EE4B4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7480-m804_firmware:1.00\\(abra.8\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "E0C5D3D7-6764-4209-9B72-EC3246BD9E04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7480-m804:-:*:*:*:*:*:*:*", matchCriteriaId: "E3480021-1538-48ED-BE89-BB0DF562C7DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7490-m904_firmware:1.00\\(abqy.7\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "09978714-3EE5-4F2C-BE71-F10115AB4C3A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7490-m904:-:*:*:*:*:*:*:*", matchCriteriaId: "DC75F6DE-DCAF-47A0-B6BB-0E050C68AF25", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr5103_firmware:4.19\\(abyc.5\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "ACCDDB8C-AB71-4F07-825B-2203128DD2FC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr5103:-:*:*:*:*:*:*:*", matchCriteriaId: "C821C282-A1E3-4E31-A0C3-96936A4D90CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr5103e_firmware:1.00\\(acdj.1\\)b3:*:*:*:*:*:*:*", matchCriteriaId: "81D2689F-5E2C-489B-B7D9-7AB41875B55F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr5103e:-:*:*:*:*:*:*:*", matchCriteriaId: "97C7B929-E318-4E17-8AF9-160C8613132D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr5103ev2_firmware:1.00\\(aciq.0\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "2EA7238F-921D-464F-BDF9-9AEDDDA80442", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr5103ev2:-:*:*:*:*:*:*:*", matchCriteriaId: "D51186E3-34CE-4417-94B2-5B7AD1DAE43E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr5307_firmware:1.00\\(acjt.0\\)b4:*:*:*:*:*:*:*", matchCriteriaId: "6C574A4A-4B15-4EF8-890B-8581EA4CD041", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr5307:-:*:*:*:*:*:*:*", matchCriteriaId: "27C408EF-36D8-4111-8CC5-C1278A884F67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr7101_firmware:1.00\\(abu.9\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "70357ACC-ACB1-4BA4-A545-4354419170A1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr7101:-:*:*:*:*:*:*:*", matchCriteriaId: "E4D27B24-9822-432C-8B8B-9546EE32DEC6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr7102_firmware:1.00\\(abyd.2\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "056EEAB9-C6C8-4B91-A3CF-561AED14991B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr7102:-:*:*:*:*:*:*:*", matchCriteriaId: "F1A15757-DE6F-4A72-9CAD-BAC04BD340A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr7103_firmware:1.00\\(accz.2\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "C5674FA8-D57E-4F69-B01D-F720BD934915", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr7103:-:*:*:*:*:*:*:*", matchCriteriaId: "77584A2D-D878-46E5-A632-10912DC3B794", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr7302_firmware:1.00\\(acha.2\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "211237F0-6215-49DA-937B-B46E54038C96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr7302:-:*:*:*:*:*:*:*", matchCriteriaId: "D1793FC4-BA0C-4CFC-93BB-3BCD899E7F23", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr7303_firmware:1.00\\(acei.0\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "01229D08-346A-42D5-A38F-6A04D2389F5F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr7303:-:*:*:*:*:*:*:*", matchCriteriaId: "9CE64F27-D4A3-40B4-A117-3F5B2B140801", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr7501_firmware:1.00\\(aceh.0\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "3F350386-29DD-4A55-83C2-65B43BAB8A4C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr7501:-:*:*:*:*:*:*:*", matchCriteriaId: "AA121671-E805-4FEF-B934-062FD7DC89F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_fwa505_firmware:1.18\\(acko.1\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "20B36C8D-279B-4A77-942E-9018D5C9C589", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_fwa505:-:*:*:*:*:*:*:*", matchCriteriaId: "5052039B-5273-4CDF-AFA5-609855801D24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_fwa510_firmware:1.18\\(acgd.1\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "6D509845-08B7-46FD-B4FD-D51863D7C941", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_fwa510:-:*:*:*:*:*:*:*", matchCriteriaId: "80B7099C-DAA5-4902-A62B-B680C9450575", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_fwa710_firmware:1.17\\(acgc.0\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "EE14BEBF-EDCD-4360-99DA-95CCC0C7FDCD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_fwa710:-:*:*:*:*:*:*:*", matchCriteriaId: "92221518-C7EA-46D7-8037-A580CEA01093", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_lte3301-plus_firmware:1.17\\(acca.0\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "EC1FBA6C-5E8F-4132-9AF0-F89D01D33BA1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_lte3301-plus:-:*:*:*:*:*:*:*", matchCriteriaId: "42297A6A-3E50-4E9E-ABF6-58C77F222DC1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_lte7461-m602_firmware:1.15\\(ace.3\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "A65D2E79-85C5-4016-BF1D-068B7E9CC272", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_lte7461-m602:-:*:*:*:*:*:*:*", matchCriteriaId: "44AA94AF-24B0-4C91-A990-9418EA5A5DAC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_nr5101_firmware:1.16\\(accg.0\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "042F6ACF-B952-4D18-A35D-0AE3743B32CB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_nr5101:-:*:*:*:*:*:*:*", matchCriteriaId: "F9F605B8-A892-4119-AB7A-D14CDC5DFC88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_nr7101_firmware:1.16\\(accc.0\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "494D8AA4-C3D4-42E3-BEB6-39995E6D4470", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_nr7101:-:*:*:*:*:*:*:*", matchCriteriaId: "52096C1F-F73C-413E-9D37-82EFA4703AEC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3300-t1_firmware:5.50\\(aby.4\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "39CA06C1-90B9-4426-8FCD-53908911689E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3300-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "2456F691-C182-4BE6-A08F-5E1717366DCA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3301-t0_firmware:5.50\\(aby.4\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "E7BF144B-4B22-46C2-874E-A2ECD64AB043", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "3BBDC072-5D40-4130-9B5F-22FDA9BF909A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx4510_firmware:5.17\\(abyl.6\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "F7CBCA82-4DAF-46A9-9043-B1A92CE2DC79", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx4510:-:*:*:*:*:*:*:*", matchCriteriaId: "48A35F59-2BE4-4BE2-95B2-AE33255BBDA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b0_firmware:5.17\\(abyo.5\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "F0CAE6A8-B04F-42FB-A0D2-D6F5D4622FAB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "B293E564-2C48-442A-A415-34383DF3ADBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b1_firmware:5.17\\(abyo.5\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "8ED7E7AA-1D08-4CB7-8617-6896C56D68F5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "AFE5C53C-4255-4AEE-A49E-36C1A2CF10F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg3525-t50b_firmware:5.50\\(abpm.8\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "A66CE0FE-27D7-418D-841A-96C5F157A2A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "9259E2F6-885D-4B44-8D40-20758DA599D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5523-t50b_firmware:5.50\\(abpm.8\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "1D9E74CF-3FFA-4613-9831-152955307178", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "F3ECE0EB-C429-4716-ABFB-73540847EB9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5723-t50k_firmware:5.50\\(abom.8.2\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "A66FEC22-82D4-4801-8969-D5D5308622A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "B18982B2-E575-478E-A2B4-0932DE329056", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3300-t1_firmware:5.50\\(aby.4\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "8A90F2DC-861C-47BF-A67F-D6AAB3595AA5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3300-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "F766221F-7478-4E39-B4CD-A2498ACEE754", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3301-t0_firmware:5.50\\(aby.4\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "B1DBDF16-C65F-4F78-BB2F-E2EDE827A658", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "B37B17D8-76CF-4A26-B2DB-41B1BC9FD0A2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3320-t0_firmware:5.71\\(yak.2\\)d0:*:*:*:*:*:*:*", matchCriteriaId: "185291FB-9202-4919-B0D7-403FF35ACA94", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3320-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "D2152C57-561C-41FB-BF0F-11EEE36ED9DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3320-t1_firmware:5.71\\(yap.0\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "051DD8B7-52A0-4629-BD8F-B4952E22C857", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3320-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "07BC3506-9000-4897-B8E2-45CA354F0953", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3500-t0_firmware:5.44\\(achr.0\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "D1B3F5D6-77F3-41DB-A2F1-D3D66464A598", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3500-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8714EB1B-38E5-4295-AD26-EE13E2161DEA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3501-t0_firmware:5.44\\(achr.0\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "ECD2D2A5-0884-4B2A-A969-F48230F6F35D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3501-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "A98F76BD-0404-46DD-AE6A-EB630FEC8904", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510_firmware:5.17\\(abup.11\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "EB0F17F9-DA8D-4BA0-81BA-2969DEAB5E82", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510:-:*:*:*:*:*:*:*", matchCriteriaId: "E0F2881E-A3FB-40FE-8259-0B69AFA025E0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b0_firmware:5.17\\(abyo.5\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "394DBD92-A0F2-483C-9455-5699CBC30C1D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b1_firmware:5.17\\(abyo.5\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "29922C44-EE6B-4204-93AE-A651D7E3F3DA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "7213FA12-5CD6-4E9B-8387-A52AEF17EA10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5501-b0_firmware:5.17\\(abry.4\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "8983D127-53E7-45F7-A125-B400AE354D79", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "88B8CDD0-E73A-4FAA-9964-D8C09949CB32", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5510_firmware:5.17\\(abqx.9\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "4253BD52-714D-4F97-8622-CC92E52B5C9E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5510:-:*:*:*:*:*:*:*", matchCriteriaId: "469C7BC8-47DB-4B39-9DD5-BB6C5620C488", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5512-t0_firmware:5.70\\(aceg.2\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "3C26B8D2-7745-4D48-B8DA-3A8DD94DCECD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5512-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F32FA3FB-CE89-4CC1-9D8D-765B90A122DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5600-t1_firmware:5.70\\(acdz.2\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "B0FB1871-0E0C-4262-A0F3-7C9F86803187", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5600-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "021CFB91-4627-4080-BF09-0BB5EFA708DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t0_firmware:5.70\\(acdz.2\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "C601F782-6040-4CE3-AE17-46740DADFA68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "ABFF2039-5DCC-4850-8BDA-3D418629C226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t1_firmware:5.70\\(acdz.2\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "2611F0F9-CE8D-4DA9-B88F-213DF947983D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "D629D4B6-B2F2-45F1-9295-71751570C231", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex7710-b0_firmware:5.18\\(acak.0\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "FAE3F3CA-CCE5-4894-BEC0-5D06D2F3D806", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex7710-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "07727D9C-723B-4761-B6B6-07FE1784D3C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:5.50\\(abpm.8\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "5B8ACC3B-6A8E-4380-A621-551D64ADDB35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:5.50\\(abom.8.2\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "A7E4B285-39A7-4B20-8F7C-C1FCCEC45879", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "1B33AE56-3948-494B-9E23-54D939DF0D3E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b50a_firmware:5.17\\(abqa.2\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "1AB9DF68-C592-4C25-A032-0DFC4AA5C4B9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "88F74228-AC0C-4150-974D-54D77BBF9A90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b60a_firmware:5.17\\(abqa.2\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "F24368C0-03E7-461B-901F-176F4470EED4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b60a:-:*:*:*:*:*:*:*", matchCriteriaId: "30C1B91D-3EA0-4A1D-833A-6767A6C84DA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:5.50\\(abpm.8\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "63727E2F-DBDC-490B-81C7-3E6C4B640694", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:5.50\\(abom.8.2\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "904EDFD7-FB8E-4E4F-AFD6-C8153C99B9CD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "D4C2320B-52DF-4F86-86D2-42FB62337773", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b0_firmware:5.17\\(abpc.4\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "ADBFF951-7503-45B3-838D-5CEFC1E22303", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "78473083-F702-4B81-AAA0-B66A0984FF6B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b1_firmware:5.17\\(abpc.4\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "502DDF99-A3B5-4C7D-B4FD-79420528A515", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "780BBA7D-7E2C-4624-AA15-8A51F3DF428F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm3100-t0_firmware:5.42\\(acbf.1.2\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "6A39C035-24A3-4F5F-84E1-45D911F14C5D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F78F88D4-A782-4075-A3CB-A728CE4014DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm5100-t0_firmware:5.42\\(acbf.1.2\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "AB68CB8D-3AB9-4CAD-8784-F6E9ABB8BC44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm5100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "249AF476-CAA4-4C87-8CC3-E0AF15E61F7E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm7300-t0_firmware:5.42\\(abyy.1\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "6D8ED113-F34D-4F90-A1E5-E5DF67F71710", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:px3321-t1_firmware:5.44\\(acjb.0\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "499CF93A-8044-4FD7-A0C7-0C6068D0CAA1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:px3321-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "3BB525DE-2E08-4848-976E-7DF6C7E19578", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3100-t0_firmware:5.50\\(abl.3\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "6FE1D8E3-79DB-4645-9B08-E6F5B1A6CFE1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "C2C56248-D12F-46DC-A52F-0607E4A5DCCC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3401-b0_firmware:5.17\\(abe.2\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "B20B5986-4F8F-4609-B7E4-AA89231102BD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "677C554B-F9C7-4780-97C0-6021146F8B3C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx5600-t0_firmware:5.70\\(acdz.2\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "8C57BE0E-061D-40F5-89BF-52784B521E9F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx5600-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "303DB62A-2A7E-4CB7-ADA0-29C23BFD41BE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx5610-b0_firmware:5.18\\(acgj.0\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "B4F867EE-2A8C-4CDF-9D02-6E739BEA6A81", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx5610-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "88909887-E078-4EC5-BA49-2EFCABF1EB1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nbg7510_firmware:1.00\\(abzy.6\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "6B2305BE-0D40-4582-B775-4CDF62D3166C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nbg7510:-:*:*:*:*:*:*:*", matchCriteriaId: "98CB675F-DF0C-46C3-B206-CCFF407D2BA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50(ABVY.4)C0 could allow an authenticated local attacker to cause denial of service (DoS) conditions by executing the CLI command with crafted strings on an affected device.", }, { lang: "es", value: " La vulnerabilidad de desbordamiento del búfer en la versión de firmware V5.50(ABVY.4)C0 del DX3300-T1 podría permitir que un atacante local autenticado provoque condiciones de denegación de servicio (DoS) ejecutando el comando CLI con cadenas manipuladas en un dispositivo afectado.", }, ], id: "CVE-2024-0816", lastModified: "2025-01-22T22:58:56.180", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "security@zyxel.com.tw", type: "Primary", }, ], }, published: "2024-05-21T02:15:08.743", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-vulnerabilities-in-some-5g-nr-4g-lte-cpe-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-home-router-devices-05-21-2024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-vulnerabilities-in-some-5g-nr-4g-lte-cpe-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-home-router-devices-05-21-2024", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "security@zyxel.com.tw", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-11 02:15
Modified
2024-11-21 07:26
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte3301-plus_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "77E3A51F-C92D-4E83-A05E-A26225D4CFDD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte3301-plus:-:*:*:*:*:*:*:*", matchCriteriaId: "4814D3A1-C0D4-4573-AD77-C2EE7AC11CB4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte5388-m804_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3A7440E3-02F9-4416-A571-0008EA8206F4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte5388-m804:-:*:*:*:*:*:*:*", matchCriteriaId: "E67FFCF7-ECE9-4644-B248-1B6E10AD9398", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte5398-m904_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "52D18788-84EE-4880-B70D-DE385C5C1100", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte5398-m904:-:*:*:*:*:*:*:*", matchCriteriaId: "F90453B8-19FF-4FF3-A167-E1A70E022201", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7240-m403_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC6FB56-8601-49D2-BD8C-4D373CF5ACD6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7240-m403:-:*:*:*:*:*:*:*", matchCriteriaId: "AAE2212F-D523-4706-9FD2-FDA760EE4B4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7461-m602_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CFEE2F4F-8E90-4D2D-BFDE-DD5B23897087", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7461-m602:-:*:*:*:*:*:*:*", matchCriteriaId: "8A307AD3-4E60-4859-B182-4CD4CB843757", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7480-m804_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7DFDC741-78E6-42AA-B647-DEE9F04AA2DD", versionEndExcluding: "1.00\\(abra.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7480-m804:-:*:*:*:*:*:*:*", matchCriteriaId: "E3480021-1538-48ED-BE89-BB0DF562C7DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7480-s905_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "5DCAE189-6379-40E6-A4FA-1E0431CCCD09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7480-s905:-:*:*:*:*:*:*:*", matchCriteriaId: "8E7AF237-04F2-4054-96DE-3FD059CF4B35", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7485-s905_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "59DDDBA4-966E-4143-9A33-A2431383A732", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7485-s905:-:*:*:*:*:*:*:*", matchCriteriaId: "E09953F0-2415-45F7-811C-E9D1A361284C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7490-m904_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FB812F29-2FAE-414C-9047-2471148B1E36", versionEndExcluding: "1.00\\(abqy.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7490-m904:-:*:*:*:*:*:*:*", matchCriteriaId: "DC75F6DE-DCAF-47A0-B6BB-0E050C68AF25", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_lte3301-plus_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EFD8C47E-C19E-4848-9898-CE0AAF05B0DD", versionEndExcluding: "1.15\\(acca.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_lte3301-plus:-:*:*:*:*:*:*:*", matchCriteriaId: "42297A6A-3E50-4E9E-ABF6-58C77F222DC1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_lte7461-m602_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8BF0A17A-5F34-4CD7-8A67-DA277CF78CFC", versionEndExcluding: "1.15\\(acev.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_lte7461-m602:-:*:*:*:*:*:*:*", matchCriteriaId: "44AA94AF-24B0-4C91-A990-9418EA5A5DAC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_nr5101_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01D0F1E5-B9F0-4B64-8331-D18641EC161F", versionEndExcluding: "1.15\\(accg.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_nr5101:-:*:*:*:*:*:*:*", matchCriteriaId: "F9F605B8-A892-4119-AB7A-D14CDC5DFC88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_nr7101_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA537481-4311-4C5E-B577-76C8A789FDAC", versionEndExcluding: "1.15\\(accc.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_nr7101:-:*:*:*:*:*:*:*", matchCriteriaId: "52096C1F-F73C-413E-9D37-82EFA4703AEC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr5101_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9EB8687A-EADF-4B15-8F41-78F1070E0CA3", versionEndExcluding: "1.00\\(abvc.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr5101:-:*:*:*:*:*:*:*", matchCriteriaId: "11197D03-1C93-4D6A-950C-273E46CBBC62", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr7101_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "63A72A80-DA68-4353-8FEA-D372180F8401", versionEndExcluding: "1.00\\(abuv.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr7101:-:*:*:*:*:*:*:*", matchCriteriaId: "E4D27B24-9822-432C-8B8B-9546EE32DEC6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr7102_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C56958A5-2427-4A9A-BD40-3B548437CA36", versionEndExcluding: "1.00\\(abyd.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr7102:-:*:*:*:*:*:*:*", matchCriteriaId: "F1A15757-DE6F-4A72-9CAD-BAC04BD340A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3301-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "78DE37DB-6F39-48FE-8CE9-626036234C16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "3BBDC072-5D40-4130-9B5F-22FDA9BF909A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx4510-b1_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "66F40E06-666B-490C-84F7-1A7B49834CC1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx4510-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "C8668990-045A-4DDD-9089-DE0025B69765", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "AE285587-D5F3-42E5-ACB6-BDD03A50236C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "B293E564-2C48-442A-A415-34383DF3ADBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg3525-t50b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4917CDD6-B5D9-4674-AE43-B75B60B8289E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "9259E2F6-885D-4B44-8D40-20758DA599D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5523-t50b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "90DEAC05-EB3A-451D-9C0F-8D22B8886605", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "F3ECE0EB-C429-4716-ABFB-73540847EB9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5723-t50k_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1219D188-2A83-41EC-AC8D-694901E6067C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "B18982B2-E575-478E-A2B4-0932DE329056", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3301-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1F9ACE-DA82-4449-ADF9-5F8F540B812E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "B37B17D8-76CF-4A26-B2DB-41B1BC9FD0A2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4434EF63-63EA-4A27-A6EF-CEE3000E9F02", versionEndExcluding: "5.17\\(abup.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "15D01EDB-A41C-4FC1-9C4B-38B69360BE90", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5501-b0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D32815-5026-4A9A-8C8E-C30F154833AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "88B8CDD0-E73A-4FAA-9964-D8C09949CB32", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A1EC2DCD-97F2-4E13-AE82-468DBF052C4E", versionEndExcluding: "5.17\\(abqx.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E82D41CC-2EB3-4892-8383-FB2C9EC64D9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5512-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8FF2B306-1EBD-4A14-A865-94C50F2F036D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5512-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F32FA3FB-CE89-4CC1-9D8D-765B90A122DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5600-t1_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D6C46819-2848-4C0D-B360-F6987E9D3A82", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5600-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "021CFB91-4627-4080-BF09-0BB5EFA708DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "13E7B377-3CF1-4BF5-A960-75952BC382D0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "ABFF2039-5DCC-4850-8BDA-3D418629C226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t1_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D41D53E2-CB40-4715-A2B5-E9E87C1F3AE0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "D629D4B6-B2F2-45F1-9295-71751570C231", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9EBF0F8D-90CC-4089-AC9A-665348D27331", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "1B33AE56-3948-494B-9E23-54D939DF0D3E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b50a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD68CC70-242D-4A88-B182-DB68D2086225", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "88F74228-AC0C-4150-974D-54D77BBF9A90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b60a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B59AA0D1-9564-48FA-A0AF-C1FC67C0D1EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b60a:-:*:*:*:*:*:*:*", matchCriteriaId: "30C1B91D-3EA0-4A1D-833A-6767A6C84DA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C75B24C-177A-470B-BCDE-39D31B0199F1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8901BBA-F2D4-49B8-80CF-4BABB5D2F365", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "D4C2320B-52DF-4F86-86D2-42FB62337773", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C6F890C3-F15D-4154-8E70-1529C7C8D89A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "78473083-F702-4B81-AAA0-B66A0984FF6B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm3100-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D85D00E0-AA47-48AD-8914-A443482D7D7F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F78F88D4-A782-4075-A3CB-A728CE4014DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm5100-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0E683B32-A1A0-4DA4-81C4-61513E9E585F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm5100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "249AF476-CAA4-4C87-8CC3-E0AF15E61F7E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm7300-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "481013ED-2B6F-4FBB-881A-C0CD038C5FDA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm7320-b0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E3B9C504-41A4-4756-BDB0-2EE317F801AE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm7320-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E6A479CC-D543-49A1-8A37-7E9D4A0F0009", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5317-t20b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1141E1B7-B6B8-496B-A2CA-A9076D805741", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5317-t20b:-:*:*:*:*:*:*:*", matchCriteriaId: "9F1334B5-FC76-412F-A7EF-02EEEE677460", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5617-t20b2_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1CA3BD8C-4FBB-45B6-AB00-55F7D5BA3C1B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5617-t20b2:-:*:*:*:*:*:*:*", matchCriteriaId: "B35005D7-D8E4-4BC5-A59C-6A69255E7EC7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5617ga_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "366FB20C-6740-431A-A0CA-6EC3FDD3C505", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5617ga:-:*:*:*:*:*:*:*", matchCriteriaId: "9C1B0834-3398-41B0-9A14-7D97768732B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5622ga_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F61E8935-26CD-4664-A95C-1BCA77DBC4DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5622ga:-:*:*:*:*:*:*:*", matchCriteriaId: "840AF834-B7A6-4ACA-BAB9-996D87476D3D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3100-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FA532797-C2BF-4A37-9A36-92F1115150AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "C2C56248-D12F-46DC-A52F-0607E4A5DCCC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3401-b0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "5E011E78-E7E7-4F84-9A7D-A6548AFBE30C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "677C554B-F9C7-4780-97C0-6021146F8B3C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx5600-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0ED109DF-7C43-4CEC-AC2C-80762B60C776", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx5600-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "303DB62A-2A7E-4CB7-ADA0-29C23BFD41BE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request.\n\n", }, { lang: "es", value: "Una vulnerabilidad de desbordamiento de búfer en el parámetro del programa CGI en el firmware Zyxel NR7101 anterior a V1.15(ACCC.3)C0, que podría permitir a un atacante autenticado causar condiciones de denegación de servicio (DoS) mediante el envío de una solicitud HTTP manipulada.", }, ], id: "CVE-2022-43391", lastModified: "2024-11-21T07:26:23.243", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "security@zyxel.com.tw", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Secondary", }, ], }, published: "2023-01-11T02:15:11.250", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "security@zyxel.com.tw", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-11 13:15
Modified
2024-11-21 06:53
Severity ?
8.0 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.0 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.0 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3312-t20a_firmware:5.30\\(abfx.5\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "EF433563-7AA7-41BF-9ECF-F1E1B9C5C1C4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3312-t20a:-:*:*:*:*:*:*:*", matchCriteriaId: "59AF3952-10E9-4AC8-BA25-BA5C3C203063", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:america:*:*:*", matchCriteriaId: "FE982B82-95DD-40FA-8A7E-F6EB44323692", versionEndExcluding: "5.50\\(abpm.6\\)c0", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:emea:*:*:*", matchCriteriaId: "EB52E6B4-08EF-4427-AA01-E783C9F1FCF4", versionEndExcluding: "5.50\\(abpm.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "9259E2F6-885D-4B44-8D40-20758DA599D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:america:*:*:*", matchCriteriaId: "A48A0914-787A-4884-909E-3332DD472873", versionEndExcluding: "5.50\\(abpm.6\\)c0", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:emea:*:*:*", matchCriteriaId: "1B417B43-F5C6-4551-BD4E-7E2706BCF8B9", versionEndExcluding: "5.50\\(abpm.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "F3ECE0EB-C429-4716-ABFB-73540847EB9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5723-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9FAE1EA0-A113-4324-8347-838A01B00437", versionEndExcluding: "5.50\\(abom.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "B18982B2-E575-478E-A2B4-0932DE329056", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg6726-b10a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1D931985-C10C-41C4-B459-FC454DE8C9FA", versionEndExcluding: "5.13\\(abnp.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg6726-b10a:-:*:*:*:*:*:*:*", matchCriteriaId: "304D3B33-F7EC-4EB3-B6EF-6BEB2112F9C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg1312-t20b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5252A997-772F-4785-8440-B7909A9860A8", versionEndExcluding: "5.50\\(absb.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg1312-t20b:-:*:*:*:*:*:*:*", matchCriteriaId: "37348176-08FD-40F0-9903-05ABABBB1F5C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "331ACFBC-2467-45CC-82A3-717C93D34D02", versionEndExcluding: "5.50\\(abpm.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "291B5E34-3870-46DD-9A74-2D2FFD1B6E52", versionEndExcluding: "5.17\\(abmt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "F814684F-D45D-4EF8-A294-A6122B7A760B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-b50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6D55734D-F4F4-4C97-BC31-7B532DA47EA9", versionEndExcluding: "5.13\\(ably.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-b50b:-:*:*:*:*:*:*:*", matchCriteriaId: "94BE349D-EC30-4EB7-8B68-EA7223364A4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-b60a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3D4293E4-AE61-4978-A750-D5FAF442D67B", versionEndExcluding: "5.17\\(abmt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-b60a:-:*:*:*:*:*:*:*", matchCriteriaId: "99C11501-33FD-4421-909E-E6533EF6F03A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8201B9D7-433E-4D79-9115-FA1F25223121", versionEndExcluding: "5.50\\(abom.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "1B33AE56-3948-494B-9E23-54D939DF0D3E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4927-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "543081DE-AEC8-4658-AAE4-63EE1A261645", versionEndExcluding: "5.13\\(ably.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4927-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "C0EE70D2-51BB-4E45-8995-655C1394C440", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1A24F15A-1F77-413C-9BD1-CFBE890ACD31", versionEndExcluding: "5.50\\(abpm.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DDACBF89-DCA8-43F0-91BF-8A29E63B33BD", versionEndExcluding: "5.17\\(abmt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "ED88F55C-C687-4413-BEC8-DEB15D6AA2F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-b50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8B10EC6-E8B2-4619-8F9D-10516569B806", versionEndExcluding: "5.17\\(abny.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-b50b:-:*:*:*:*:*:*:*", matchCriteriaId: "7D66B624-EAAA-4C2D-BBE6-D0A0ED6BD5F1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0933D98-49F6-4B0F-9D04-2149BFB7FB7F", versionEndExcluding: "5.50\\(abom.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "D4C2320B-52DF-4F86-86D2-42FB62337773", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-b60a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "502EBC83-0E8D-4B13-BA0D-040B40C58A1D", versionEndExcluding: "5.17\\(abmt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-b60a:-:*:*:*:*:*:*:*", matchCriteriaId: "7654E872-36CA-4502-9B91-01741D6E4F46", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-b60b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7B963909-27C2-43A6-9479-EE2F863FC817", versionEndExcluding: "5.17\\(abny.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-b60b:-:*:*:*:*:*:*:*", matchCriteriaId: "6368C175-7D1B-4F70-B11F-B8CE7FBE0B82", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:xmg3927-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81E3153A-08CF-4F02-97EA-B68751EE7791", versionEndExcluding: "5.17\\(abmt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:xmg3927-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "99B19AC3-D417-48C7-8C18-F5516794260B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:xmg8825-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0E58CAE-3737-406F-9647-B59598A6733A", versionEndExcluding: "5.17\\(abmt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:xmg8825-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "4861B59F-AB86-4A4D-A04C-6EE68EC4A206", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C91B77C-EC30-4C88-AAEB-330B7A3E0470", versionEndExcluding: "5.17\\(abyo.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "B293E564-2C48-442A-A415-34383DF3ADBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5C6781DA-4800-47E9-BB67-89ACC0F43D04", versionEndExcluding: "5.17\\(abup.4\\)c1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B3B44185-756B-4B9B-A377-DB3191606702", versionEndExcluding: "5.17\\(abyo.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "291AA836-D0F7-4AD7-8D76-0F1A5B9ECCCF", versionEndExcluding: "5.17\\(abry.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "88B8CDD0-E73A-4FAA-9964-D8C09949CB32", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5EF7BC18-210C-4E21-A850-61A8D6B701BE", versionEndExcluding: "5.17\\(abpc.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "78473083-F702-4B81-AAA0-B66A0984FF6B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ep240p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "457C1585-BD6F-4C3A-953D-96194EDD065E", versionEndExcluding: "5.40\\(abh.0\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ep240p:-:*:*:*:*:*:*:*", matchCriteriaId: "91367DDE-F430-42F7-B4F2-28AEF7FDCB12", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm7300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D4E0639D-0861-4A10-AFA6-8251AD2217BB", versionEndExcluding: "5.42\\(acbc.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5317-t20b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "20FA4B81-5FE7-43D5-8A96-A1BF0CBA8CC6", versionEndExcluding: "5.40\\(abki.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5317-t20b:-:*:*:*:*:*:*:*", matchCriteriaId: "9F1334B5-FC76-412F-A7EF-02EEEE677460", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5617ga_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E53F230A-806F-413B-BE4B-2A95645751DF", versionEndExcluding: "5.40\\(abna.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5617ga:-:*:*:*:*:*:*:*", matchCriteriaId: "9C1B0834-3398-41B0-9A14-7D97768732B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5617-t20b2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FFBE0FC-A355-4E32-A606-4130B2581CE1", versionEndExcluding: "5.41\\(acbb.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5617-t20b2:-:*:*:*:*:*:*:*", matchCriteriaId: "B35005D7-D8E4-4BC5-A59C-6A69255E7EC7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5622ga_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "09514F76-89EC-4ADF-9400-F14BB917EF97", versionEndExcluding: "5.40\\(abnb.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5622ga:-:*:*:*:*:*:*:*", matchCriteriaId: "840AF834-B7A6-4ACA-BAB9-996D87476D3D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:px7501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C655ED2E-A791-40B7-99C5-FF3F874A2A27", versionEndExcluding: "5.17\\(abpc.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:px7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "076C6AD3-E8A3-4639-805E-20FA866BDFDD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface.", }, { lang: "es", value: "Una vulnerabilidad de inyección de comandos en el programa CGI del firmware de Zyxel VMG3312-T20A versión 5.30(ABFX.5)C0, podría permitir a un atacante local autenticado ejecutar comandos arbitrarios del Sistema Operativo en un dispositivo vulnerable por medio de una interfaz LAN", }, ], id: "CVE-2022-26413", lastModified: "2024-11-21T06:53:54.313", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 7.7, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:A/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 5.9, source: "security@zyxel.com.tw", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-11T13:15:07.763", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "security@zyxel.com.tw", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-11 02:15
Modified
2024-11-21 07:26
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte3301-plus_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "77E3A51F-C92D-4E83-A05E-A26225D4CFDD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte3301-plus:-:*:*:*:*:*:*:*", matchCriteriaId: "4814D3A1-C0D4-4573-AD77-C2EE7AC11CB4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte5388-m804_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3A7440E3-02F9-4416-A571-0008EA8206F4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte5388-m804:-:*:*:*:*:*:*:*", matchCriteriaId: "E67FFCF7-ECE9-4644-B248-1B6E10AD9398", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte5398-m904_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "52D18788-84EE-4880-B70D-DE385C5C1100", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte5398-m904:-:*:*:*:*:*:*:*", matchCriteriaId: "F90453B8-19FF-4FF3-A167-E1A70E022201", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7240-m403_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC6FB56-8601-49D2-BD8C-4D373CF5ACD6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7240-m403:-:*:*:*:*:*:*:*", matchCriteriaId: "AAE2212F-D523-4706-9FD2-FDA760EE4B4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7461-m602_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CFEE2F4F-8E90-4D2D-BFDE-DD5B23897087", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7461-m602:-:*:*:*:*:*:*:*", matchCriteriaId: "8A307AD3-4E60-4859-B182-4CD4CB843757", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7480-m804_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7DFDC741-78E6-42AA-B647-DEE9F04AA2DD", versionEndExcluding: "1.00\\(abra.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7480-m804:-:*:*:*:*:*:*:*", matchCriteriaId: "E3480021-1538-48ED-BE89-BB0DF562C7DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7480-s905_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "5DCAE189-6379-40E6-A4FA-1E0431CCCD09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7480-s905:-:*:*:*:*:*:*:*", matchCriteriaId: "8E7AF237-04F2-4054-96DE-3FD059CF4B35", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7485-s905_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "59DDDBA4-966E-4143-9A33-A2431383A732", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7485-s905:-:*:*:*:*:*:*:*", matchCriteriaId: "E09953F0-2415-45F7-811C-E9D1A361284C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7490-m904_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FB812F29-2FAE-414C-9047-2471148B1E36", versionEndExcluding: "1.00\\(abqy.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7490-m904:-:*:*:*:*:*:*:*", matchCriteriaId: "DC75F6DE-DCAF-47A0-B6BB-0E050C68AF25", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_lte3301-plus_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EFD8C47E-C19E-4848-9898-CE0AAF05B0DD", versionEndExcluding: "1.15\\(acca.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_lte3301-plus:-:*:*:*:*:*:*:*", matchCriteriaId: "42297A6A-3E50-4E9E-ABF6-58C77F222DC1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_lte7461-m602_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8BF0A17A-5F34-4CD7-8A67-DA277CF78CFC", versionEndExcluding: "1.15\\(acev.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_lte7461-m602:-:*:*:*:*:*:*:*", matchCriteriaId: "44AA94AF-24B0-4C91-A990-9418EA5A5DAC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_nr5101_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01D0F1E5-B9F0-4B64-8331-D18641EC161F", versionEndExcluding: "1.15\\(accg.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_nr5101:-:*:*:*:*:*:*:*", matchCriteriaId: "F9F605B8-A892-4119-AB7A-D14CDC5DFC88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_nr7101_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA537481-4311-4C5E-B577-76C8A789FDAC", versionEndExcluding: "1.15\\(accc.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_nr7101:-:*:*:*:*:*:*:*", matchCriteriaId: "52096C1F-F73C-413E-9D37-82EFA4703AEC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr5101_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9EB8687A-EADF-4B15-8F41-78F1070E0CA3", versionEndExcluding: "1.00\\(abvc.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr5101:-:*:*:*:*:*:*:*", matchCriteriaId: "11197D03-1C93-4D6A-950C-273E46CBBC62", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr7101_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "63A72A80-DA68-4353-8FEA-D372180F8401", versionEndExcluding: "1.00\\(abuv.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr7101:-:*:*:*:*:*:*:*", matchCriteriaId: "E4D27B24-9822-432C-8B8B-9546EE32DEC6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr7102_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C56958A5-2427-4A9A-BD40-3B548437CA36", versionEndExcluding: "1.00\\(abyd.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr7102:-:*:*:*:*:*:*:*", matchCriteriaId: "F1A15757-DE6F-4A72-9CAD-BAC04BD340A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3301-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "78DE37DB-6F39-48FE-8CE9-626036234C16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "3BBDC072-5D40-4130-9B5F-22FDA9BF909A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx4510-b1_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "66F40E06-666B-490C-84F7-1A7B49834CC1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx4510-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "C8668990-045A-4DDD-9089-DE0025B69765", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "AE285587-D5F3-42E5-ACB6-BDD03A50236C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "B293E564-2C48-442A-A415-34383DF3ADBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg3525-t50b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4917CDD6-B5D9-4674-AE43-B75B60B8289E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "9259E2F6-885D-4B44-8D40-20758DA599D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5523-t50b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "90DEAC05-EB3A-451D-9C0F-8D22B8886605", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "F3ECE0EB-C429-4716-ABFB-73540847EB9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5723-t50k_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1219D188-2A83-41EC-AC8D-694901E6067C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "B18982B2-E575-478E-A2B4-0932DE329056", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3301-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1F9ACE-DA82-4449-ADF9-5F8F540B812E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "B37B17D8-76CF-4A26-B2DB-41B1BC9FD0A2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4434EF63-63EA-4A27-A6EF-CEE3000E9F02", versionEndExcluding: "5.17\\(abup.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "15D01EDB-A41C-4FC1-9C4B-38B69360BE90", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5501-b0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D32815-5026-4A9A-8C8E-C30F154833AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "88B8CDD0-E73A-4FAA-9964-D8C09949CB32", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A1EC2DCD-97F2-4E13-AE82-468DBF052C4E", versionEndExcluding: "5.17\\(abqx.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E82D41CC-2EB3-4892-8383-FB2C9EC64D9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5512-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8FF2B306-1EBD-4A14-A865-94C50F2F036D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5512-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F32FA3FB-CE89-4CC1-9D8D-765B90A122DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5600-t1_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D6C46819-2848-4C0D-B360-F6987E9D3A82", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5600-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "021CFB91-4627-4080-BF09-0BB5EFA708DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "13E7B377-3CF1-4BF5-A960-75952BC382D0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "ABFF2039-5DCC-4850-8BDA-3D418629C226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t1_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D41D53E2-CB40-4715-A2B5-E9E87C1F3AE0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "D629D4B6-B2F2-45F1-9295-71751570C231", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9EBF0F8D-90CC-4089-AC9A-665348D27331", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "1B33AE56-3948-494B-9E23-54D939DF0D3E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b50a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD68CC70-242D-4A88-B182-DB68D2086225", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "88F74228-AC0C-4150-974D-54D77BBF9A90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b60a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B59AA0D1-9564-48FA-A0AF-C1FC67C0D1EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b60a:-:*:*:*:*:*:*:*", matchCriteriaId: "30C1B91D-3EA0-4A1D-833A-6767A6C84DA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C75B24C-177A-470B-BCDE-39D31B0199F1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8901BBA-F2D4-49B8-80CF-4BABB5D2F365", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "D4C2320B-52DF-4F86-86D2-42FB62337773", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C6F890C3-F15D-4154-8E70-1529C7C8D89A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "78473083-F702-4B81-AAA0-B66A0984FF6B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm3100-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D85D00E0-AA47-48AD-8914-A443482D7D7F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F78F88D4-A782-4075-A3CB-A728CE4014DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm5100-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0E683B32-A1A0-4DA4-81C4-61513E9E585F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm5100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "249AF476-CAA4-4C87-8CC3-E0AF15E61F7E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm7300-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "481013ED-2B6F-4FBB-881A-C0CD038C5FDA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm7320-b0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E3B9C504-41A4-4756-BDB0-2EE317F801AE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm7320-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E6A479CC-D543-49A1-8A37-7E9D4A0F0009", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5317-t20b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1141E1B7-B6B8-496B-A2CA-A9076D805741", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5317-t20b:-:*:*:*:*:*:*:*", matchCriteriaId: "9F1334B5-FC76-412F-A7EF-02EEEE677460", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5617-t20b2_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1CA3BD8C-4FBB-45B6-AB00-55F7D5BA3C1B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5617-t20b2:-:*:*:*:*:*:*:*", matchCriteriaId: "B35005D7-D8E4-4BC5-A59C-6A69255E7EC7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5617ga_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "366FB20C-6740-431A-A0CA-6EC3FDD3C505", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5617ga:-:*:*:*:*:*:*:*", matchCriteriaId: "9C1B0834-3398-41B0-9A14-7D97768732B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5622ga_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F61E8935-26CD-4664-A95C-1BCA77DBC4DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5622ga:-:*:*:*:*:*:*:*", matchCriteriaId: "840AF834-B7A6-4ACA-BAB9-996D87476D3D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3100-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FA532797-C2BF-4A37-9A36-92F1115150AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "C2C56248-D12F-46DC-A52F-0607E4A5DCCC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3401-b0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "5E011E78-E7E7-4F84-9A7D-A6548AFBE30C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "677C554B-F9C7-4780-97C0-6021146F8B3C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx5600-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0ED109DF-7C43-4CEC-AC2C-80762B60C776", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx5600-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "303DB62A-2A7E-4CB7-ADA0-29C23BFD41BE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request.\n\n", }, { lang: "es", value: "Una vulnerabilidad de desbordamiento de búfer en el parámetro del servidor web en el firmware Zyxel NR7101 anterior a V1.15(ACCC.3)C0, que podría permitir que un atacante autenticado cause condiciones de denegación de servicio (DoS) mediante el envío de una solicitud de autorización manipulada.", }, ], id: "CVE-2022-43392", lastModified: "2024-11-21T07:26:23.490", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "security@zyxel.com.tw", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Secondary", }, ], }, published: "2023-01-11T02:15:11.327", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "security@zyxel.com.tw", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-09-03 02:15
Modified
2024-09-06 18:07
Severity ?
Summary
A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0 could allow an unauthenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_lte3301-plus_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "66671CE5-B6EC-45EA-AC48-FF39A8124675", versionEndExcluding: "1.18\\(acca.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_lte3301-plus:-:*:*:*:*:*:*:*", matchCriteriaId: "42297A6A-3E50-4E9E-ABF6-58C77F222DC1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_fwa505_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E75A4058-1311-4043-B9C5-6AD7300DE1E3", versionEndExcluding: "1.18\\(acko.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_fwa505:-:*:*:*:*:*:*:*", matchCriteriaId: "5052039B-5273-4CDF-AFA5-609855801D24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_fwa710_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DDD47408-EDB1-4B79-A677-AEDECA548CD0", versionEndExcluding: "1.18\\(acgc.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_fwa710:-:*:*:*:*:*:*:*", matchCriteriaId: "92221518-C7EA-46D7-8037-A580CEA01093", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_fwa510_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "594F2E16-4D3E-4617-A91B-C9911880294C", versionEndExcluding: "1.18\\(acgd.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_fwa510:-:*:*:*:*:*:*:*", matchCriteriaId: "80B7099C-DAA5-4902-A62B-B680C9450575", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx5600-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "43D29BE5-A0A9-4EA3-A0BB-AF3FCB83B9E5", versionEndExcluding: "5.70\\(aceb.3.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx5600-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "303DB62A-2A7E-4CB7-ADA0-29C23BFD41BE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FEEFBA62-FF41-47F3-81F5-61034302A0E9", versionEndExcluding: "5.17\\(abve.2.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "677C554B-F9C7-4780-97C0-6021146F8B3C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3100-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E96FD496-D6B2-4221-8CDE-87ECCC6AE2EF", versionEndExcluding: "5.50\\(abvl.4.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "C2C56248-D12F-46DC-A52F-0607E4A5DCCC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:scr50axe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "093F98C0-F84F-408C-9835-D63F238E81E9", versionEndExcluding: "1.10\\(acgn.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:scr50axe:-:*:*:*:*:*:*:*", matchCriteriaId: "FDE16790-D3CB-48D2-9C4C-ACCED14035BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:px3321-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "35734339-B6A7-433C-85F6-D125990DAB2F", versionEndExcluding: "5.44\\(acjb.0.2\\)z0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:px3321-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "3BB525DE-2E08-4848-976E-7DF6C7E19578", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm7300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7BD127D7-3B27-4D3B-A82C-B08D8BCFACF0", versionEndExcluding: "5.42\\(abyy.2.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm5100-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8AD5D584-14FB-424D-9175-A8F122483748", versionEndExcluding: "5.42\\(acbf.2.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm5100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "249AF476-CAA4-4C87-8CC3-E0AF15E61F7E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm3100-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EF26B807-83DE-4D66-AB11-C8FF20D579D8", versionEndExcluding: "5.42\\(acbf.2.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F78F88D4-A782-4075-A3CB-A728CE4014DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "61AC6D95-80A9-447F-9CB4-6CCA3A86334B", versionEndExcluding: "5.17\\(abpc.5.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "780BBA7D-7E2C-4624-AA15-8A51F3DF428F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1A6A3F96-61FF-4956-9FE6-B2B939E34A3D", versionEndExcluding: "5.17\\(abpc.5.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "78473083-F702-4B81-AAA0-B66A0984FF6B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B2781DE8-ADD6-48EF-8FC5-D2DBAEC44E8D", versionEndExcluding: "5.50\\(abom.8.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "D4C2320B-52DF-4F86-86D2-42FB62337773", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "191B287A-F923-42EE-81F5-A8895F15ABF6", versionEndExcluding: "5.50\\(abpm.9.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b60a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D071180D-5C20-4938-98D5-11FDC86BC93D", versionEndExcluding: "5.15\\(abqa.2.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b60a:-:*:*:*:*:*:*:*", matchCriteriaId: "30C1B91D-3EA0-4A1D-833A-6767A6C84DA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B111007F-77CF-43A6-AFE9-B7B845D822E1", versionEndExcluding: "5.15\\(abqa.2.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "88F74228-AC0C-4150-974D-54D77BBF9A90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4555EDDD-B50A-41F1-B603-D384DE0CC42A", versionEndExcluding: "5.50\\(abom.8.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "1B33AE56-3948-494B-9E23-54D939DF0D3E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A5EB06CB-BCFB-4EBF-A1C6-0A72DD9C56D8", versionEndExcluding: "5.50\\(abpm.9.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5723-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3530C6BA-5001-4BE2-B5EF-1A2638B234FF", versionEndExcluding: "5.50\\(abom.8.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "B18982B2-E575-478E-A2B4-0932DE329056", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "357C7DEF-891E-4D2D-9975-785E190B0E28", versionEndExcluding: "5.50\\(abpm.9.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "F3ECE0EB-C429-4716-ABFB-73540847EB9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8657DD28-3CBB-4828-927A-07DFF03E07DC", versionEndExcluding: "5.50\\(abpm.9.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "9259E2F6-885D-4B44-8D40-20758DA599D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex7710-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50F8A5D1-04C5-4187-AD53-A7BAEBB2D5F3", versionEndExcluding: "5.18\\(acak.1\\)c1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex7710-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "07727D9C-723B-4761-B6B6-07FE1784D3C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex7501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CE07CE74-7E9A-4319-A04B-FAB27DF20A5E", versionEndExcluding: "5.18\\(achn.1.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "1CE049DE-A5DA-4A4F-BA30-BBD09FF34DE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8BBBF350-66DE-4337-8E95-F1C5D75D5151", versionEndExcluding: "5.70\\(acdz.3.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "D629D4B6-B2F2-45F1-9295-71751570C231", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5222AE4A-192D-4B52-B12A-7DC04047CDD4", versionEndExcluding: "5.70\\(acdz.3.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "ABFF2039-5DCC-4850-8BDA-3D418629C226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5512-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E4CB5021-3A4C-4D2E-BC78-4E027DB217E9", versionEndExcluding: "5.70\\(aceg.3\\)c2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5512-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F32FA3FB-CE89-4CC1-9D8D-765B90A122DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05F3DCE4-A704-44CA-9100-94D0736990E8", versionEndExcluding: "5.17\\(abqx.10\\)b2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E82D41CC-2EB3-4892-8383-FB2C9EC64D9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A8CA39B3-1819-4EAF-86AD-AFBA7C22C9AE", versionEndExcluding: "5.17\\(abyo.6.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "7213FA12-5CD6-4E9B-8387-A52AEF17EA10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6938EC2C-CAC9-4A43-8B30-96BD92279087", versionEndExcluding: "5.17\\(abyo.6.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AC7EDFCA-8E0A-4E60-80C9-1C817845E067", versionEndExcluding: "5.17\\(abup.12\\)b2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3501-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D72F97BC-0C04-436E-82EC-956164D97608", versionEndExcluding: "5.44\\(achr.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3501-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "A98F76BD-0404-46DD-AE6A-EB630FEC8904", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3500-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BD151CF9-DC45-475A-9128-91102B7CDF34", versionEndExcluding: "5.44\\(achr.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3500-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8714EB1B-38E5-4295-AD26-EE13E2161DEA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3301-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6CC5D271-3679-4962-8096-58BC125E553A", versionEndExcluding: "5.50\\(abvy.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "B37B17D8-76CF-4A26-B2DB-41B1BC9FD0A2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3300-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "09AF8A00-ECF7-43EA-98FB-6BDA7C5CAD60", versionEndExcluding: "5.50\\(abvy.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3300-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "F766221F-7478-4E39-B4CD-A2498ACEE754", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E60A1553-6685-4C75-91D0-199AC09558C6", versionEndExcluding: "5.50\\(abvy.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "137F8B94-4176-4D9B-8704-28525E7352D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "96DF49B6-9BF6-45FC-BCA5-B612F01AC2E1", versionEndExcluding: "5.17\\(abyo.6.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "AFE5C53C-4255-4AEE-A49E-36C1A2CF10F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B8AF84D6-113E-49F3-9F3C-7EFE5DFEA8BF", versionEndExcluding: "5.17\\(abyo.6.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "B293E564-2C48-442A-A415-34383DF3ADBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx4510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "99FEDEFF-3295-412F-903C-69709C6DC39C", versionEndExcluding: "5.17\\(abyl.7\\)b2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx4510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "A0338E1C-2509-4510-8C8D-4BD5AEA47D81", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3301-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "582711B2-B998-4FF8-8237-99B3B62EDC87", versionEndExcluding: "5.50\\(abvy.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "3BBDC072-5D40-4130-9B5F-22FDA9BF909A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3300-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F811CD1C-E4D8-43A0-8E95-07CE2566FC72", versionEndExcluding: "5.50\\(abvy.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3300-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "2456F691-C182-4BE6-A08F-5E1717366DCA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B3EF633-501B-43DB-8297-D9AF9335B6C1", versionEndExcluding: "5.50\\(abvy.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "6D3E176E-F728-4385-8533-4C694D43898A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr7501_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A512E0EE-3424-4EB1-A9F7-D60A9156E83A", versionEndExcluding: "1.00\\(aceh.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr7501:-:*:*:*:*:*:*:*", matchCriteriaId: "AA121671-E805-4FEF-B934-062FD7DC89F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr7303_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34E4BB32-DF7F-4875-ABBB-C605E1F69872", versionEndExcluding: "1.00\\(acei.1\\)b4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr7303:-:*:*:*:*:*:*:*", matchCriteriaId: "9CE64F27-D4A3-40B4-A117-3F5B2B140801", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr7302_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2A37EF06-D82D-4EDC-AC1D-E5B2F6CD751E", versionEndExcluding: "1.00\\(acha.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr7302:-:*:*:*:*:*:*:*", matchCriteriaId: "D1793FC4-BA0C-4CFC-93BB-3BCD899E7F23", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr7103_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FCD1D0CD-8FA6-4AE8-8B6D-B22447D6035F", versionEndExcluding: "1.00\\(accz.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr7103:-:*:*:*:*:*:*:*", matchCriteriaId: "77584A2D-D878-46E5-A632-10912DC3B794", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr5307_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B9CC7837-215D-417A-8749-4A07F3E03FDB", versionEndExcluding: "1.00\\(acjt.0\\)b6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr5307:-:*:*:*:*:*:*:*", matchCriteriaId: "27C408EF-36D8-4111-8CC5-C1278A884F67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr5103ev2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "729613A0-64D9-4D2C-B6C2-2696C0941E9A", versionEndExcluding: "1.00\\(aciq.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr5103ev2:-:*:*:*:*:*:*:*", matchCriteriaId: "D51186E3-34CE-4417-94B2-5B7AD1DAE43E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr5103_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4129E8DD-1C15-4621-84A1-6F53434968A6", versionEndExcluding: "4.19\\(abyc.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr5103:-:*:*:*:*:*:*:*", matchCriteriaId: "C821C282-A1E3-4E31-A0C3-96936A4D90CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A buffer overflow vulnerability in the library \"libclinkc\" of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0 could allow an unauthenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.", }, { lang: "es", value: "Una vulnerabilidad de desbordamiento de búfer en la librería \"libclinkc\" de la versión de firmware 5.50(ABOM.8)C0 del Zyxel VMG8825-T50K podría permitir que un atacante no autenticado provoque condiciones de denegación de servicio (DoS) al enviar una solicitud HTTP manipulada a un dispositivo vulnerable.", }, ], id: "CVE-2024-5412", lastModified: "2024-09-06T18:07:43.940", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "security@zyxel.com.tw", type: "Primary", }, ], }, published: "2024-09-03T02:15:05.103", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-vulnerability-in-some-5g-nr-cpe-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-security-router-devices-09-03-2024", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "security@zyxel.com.tw", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-09-24 02:15
Modified
2025-01-22 22:27
Severity ?
Summary
An improper restriction of operations within the bounds of a memory buffer in the parameter type parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "431FB9C8-18A7-47DB-BEB9-B951BF5B3C5D", versionEndExcluding: "5.50\\(abvy.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "6D3E176E-F728-4385-8533-4C694D43898A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3300-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DD82977B-FFB9-4DFB-A1A1-3DFD1AED5D59", versionEndExcluding: "5.50\\(abvy.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3300-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "2456F691-C182-4BE6-A08F-5E1717366DCA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3301-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "721831F3-731A-4650-8DCB-B2F73D38F601", versionEndExcluding: "5.50\\(abvy.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "3BBDC072-5D40-4130-9B5F-22FDA9BF909A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx4510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B391DACC-3AA9-450B-A645-2DF887724FC5", versionEndExcluding: "5.17\\(abyl.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx4510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "A0338E1C-2509-4510-8C8D-4BD5AEA47D81", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx4510-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "59150616-DFB9-4D3C-90EB-1816C6CA99FF", versionEndExcluding: "5.17\\(abyl.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx4510-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "C8668990-045A-4DDD-9089-DE0025B69765", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A23D605A-8FC8-4E56-9307-99C3322FB2AE", versionEndExcluding: "5.17\\(abyo.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "B293E564-2C48-442A-A415-34383DF3ADBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BEAFF300-DEFA-4FA0-9A8B-5EF3B3BA631C", versionEndExcluding: "5.17\\(abyo.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "AFE5C53C-4255-4AEE-A49E-36C1A2CF10F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "631CD12F-B60B-4499-8EC1-C23C5815D409", versionEndExcluding: "5.50\\(abvy.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "137F8B94-4176-4D9B-8704-28525E7352D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3300-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4F93EC53-2922-4E2E-83C6-A16869C4D454", versionEndExcluding: "5.50\\(abvy.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3300-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "F766221F-7478-4E39-B4CD-A2498ACEE754", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3301-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "08264249-0B2C-4484-803D-4E362708B994", versionEndExcluding: "5.50\\(abvy.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "B37B17D8-76CF-4A26-B2DB-41B1BC9FD0A2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3500-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "23B1F148-F91B-457C-B4AC-98FA94888D95", versionEndExcluding: "5.44\\(achr.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3500-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8714EB1B-38E5-4295-AD26-EE13E2161DEA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3501-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DA631B1-EEF6-4874-AD0C-9DE339BDD050", versionEndExcluding: "5.44\\(achr.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3501-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "A98F76BD-0404-46DD-AE6A-EB630FEC8904", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0BA471AB-D9DE-4065-B225-8090CAA6BB95", versionEndExcluding: "5.17\\(abup.11\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "370BC729-109E-4F2B-8A2D-20F3D29DB1A8", versionEndExcluding: "5.17\\(abup.11\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "3F955BD9-4D44-46BE-8605-51C6250A74D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3600-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1B4D9203-899C-4007-A697-92AC4DFDAE65", versionEndExcluding: "5.70\\(acif.0.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3600-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "D3BCC6A9-1CAE-459D-BE7D-AAB956BD1B92", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25200340-B35C-49C9-9119-C2B5CC0F5920", versionEndExcluding: "5.17\\(abyo.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B133176C-F67A-442E-9034-B9D86F6B7B58", versionEndExcluding: "5.17\\(abyo.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "7213FA12-5CD6-4E9B-8387-A52AEF17EA10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5525243D-7CC3-4AE3-BC56-0EEFEB55A63B", versionEndExcluding: "5.17\\(abqx.9\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E82D41CC-2EB3-4892-8383-FB2C9EC64D9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5512-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FD948A47-CB7C-4589-9886-545BE104C70C", versionEndExcluding: "5.70\\(aceg.3\\)c1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5512-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F32FA3FB-CE89-4CC1-9D8D-765B90A122DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "718B9CCD-EE53-4716-918A-1C6D7C4967FB", versionEndExcluding: "5.70\\(acdz.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "ABFF2039-5DCC-4850-8BDA-3D418629C226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4CF46A0E-C1A9-47E0-A673-6E48F4097CE3", versionEndExcluding: "5.70\\(acdz.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "D629D4B6-B2F2-45F1-9295-71751570C231", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex7501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86153210-F574-46EA-8041-06CB2D2118C4", versionEndExcluding: "5.18\\(achn.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "1CE049DE-A5DA-4A4F-BA30-BBD09FF34DE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex7710-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "697EE8E6-C4DB-45FC-A114-DFDF778D4C0B", versionEndExcluding: "5.18\\(acak.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex7710-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "07727D9C-723B-4761-B6B6-07FE1784D3C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2E2FAE22-68C4-417C-8D1E-977D2D996212", versionEndExcluding: "5.50\\(abpm.9\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "9259E2F6-885D-4B44-8D40-20758DA599D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1B69BAD2-E085-4A01-9B9B-A6E464A33465", versionEndExcluding: "5.50\\(abpm.9\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "F3ECE0EB-C429-4716-ABFB-73540847EB9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5723-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C08C685F-93D8-4C5D-AE9B-5A1E30985075", versionEndExcluding: "5.50\\(abom.8\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "B18982B2-E575-478E-A2B4-0932DE329056", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3F605497-6085-48E9-809D-5D1EFCD7022A", versionEndExcluding: "5.50\\(abpm.9\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4A40BCD8-C6D5-4DD7-92A6-305886662570", versionEndExcluding: "5.50\\(abom.8\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "1B33AE56-3948-494B-9E23-54D939DF0D3E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6FCA4418-484B-4C5F-8DEA-339DE9F70A31", versionEndExcluding: "5.17\\(abqa.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "88F74228-AC0C-4150-974D-54D77BBF9A90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b60a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DE21BF5A-1D7D-4F80-BED4-15BFE043FF83", versionEndExcluding: "5.17\\(abqa.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b60a:-:*:*:*:*:*:*:*", matchCriteriaId: "30C1B91D-3EA0-4A1D-833A-6767A6C84DA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E1A1A61C-1C53-4D02-A23A-D259DAE2C17C", versionEndExcluding: "5.50\\(abpm.9\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0F7F95B3-A92F-492F-AE07-ABC54A3158AB", versionEndExcluding: "5.50\\(abom.8\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "D4C2320B-52DF-4F86-86D2-42FB62337773", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C14636B1-3639-4C61-B4D3-C7EE96D037A8", versionEndExcluding: "5.50\\(abpy.1\\)b24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "D4C2320B-52DF-4F86-86D2-42FB62337773", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25C537B8-C8C1-4F87-8170-D84106CD547F", versionEndExcluding: "5.17\\(abpc.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "78473083-F702-4B81-AAA0-B66A0984FF6B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4747B9E9-49BE-4204-B41F-A888E84ECB5E", versionEndExcluding: "5.17\\(abpc.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "780BBA7D-7E2C-4624-AA15-8A51F3DF428F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm3100-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F9D1A52F-3F12-4A65-A89D-0C4B36AD75AF", versionEndExcluding: "5.42\\(acbf.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F78F88D4-A782-4075-A3CB-A728CE4014DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm5100-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3173CEDB-9BBB-4634-A59D-A0A1005B19A1", versionEndExcluding: "5.42\\(acbf.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm5100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "249AF476-CAA4-4C87-8CC3-E0AF15E61F7E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm7300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD1235B7-F446-4664-B46C-F5AE0C23AAC6", versionEndExcluding: "5.42\\(abyy.2.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:px3321-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E62AA1B8-C573-4A08-9A9B-C6536CC7874E", versionEndExcluding: "5.44\\(acjb.0\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:px3321-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "3BB525DE-2E08-4848-976E-7DF6C7E19578", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:scr50axe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "093F98C0-F84F-408C-9835-D63F238E81E9", versionEndExcluding: "1.10\\(acgn.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:scr50axe:-:*:*:*:*:*:*:*", matchCriteriaId: "FDE16790-D3CB-48D2-9C4C-ACCED14035BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3100-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1C9392FD-1E26-4C72-94BA-7F71BCB7FD32", versionEndExcluding: "5.50\\(abvl.4.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "C2C56248-D12F-46DC-A52F-0607E4A5DCCC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FEEFBA62-FF41-47F3-81F5-61034302A0E9", versionEndExcluding: "5.17\\(abve.2.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "677C554B-F9C7-4780-97C0-6021146F8B3C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx5600-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "43D29BE5-A0A9-4EA3-A0BB-AF3FCB83B9E5", versionEndExcluding: "5.70\\(aceb.3.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx5600-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "303DB62A-2A7E-4CB7-ADA0-29C23BFD41BE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "An improper restriction of operations within the bounds of a memory buffer in the parameter type parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.", }, { lang: "es", value: "Una restricción incorrecta de las operaciones dentro de los límites de un búfer de memoria en el analizador de tipo de parámetro de las versiones de firmware Zyxel VMG8825-T50K hasta la 5.50(ABOM.8)C0 podría permitir que un atacante autenticado con privilegios de administrador provoque posibles corrupciones de memoria, lo que resultaría en un bloqueo del hilo en un dispositivo afectado.", }, ], id: "CVE-2024-38266", lastModified: "2025-01-22T22:27:33.937", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 3.6, source: "security@zyxel.com.tw", type: "Primary", }, ], }, published: "2024-09-24T02:15:02.220", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-memory-corruption-vulnerabilities-in-some-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-security-router-versions-09-24-2024", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "security@zyxel.com.tw", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-09-24 02:15
Modified
2024-09-30 15:52
Severity ?
Summary
An improper restriction of operations within the bounds of a memory buffer in the MAC address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx5600-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "43D29BE5-A0A9-4EA3-A0BB-AF3FCB83B9E5", versionEndExcluding: "5.70\\(aceb.3.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx5600-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "303DB62A-2A7E-4CB7-ADA0-29C23BFD41BE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FEEFBA62-FF41-47F3-81F5-61034302A0E9", versionEndExcluding: "5.17\\(abve.2.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "677C554B-F9C7-4780-97C0-6021146F8B3C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3100-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1C9392FD-1E26-4C72-94BA-7F71BCB7FD32", versionEndExcluding: "5.50\\(abvl.4.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "C2C56248-D12F-46DC-A52F-0607E4A5DCCC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:scr50axe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "093F98C0-F84F-408C-9835-D63F238E81E9", versionEndExcluding: "1.10\\(acgn.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:scr50axe:-:*:*:*:*:*:*:*", matchCriteriaId: "FDE16790-D3CB-48D2-9C4C-ACCED14035BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:px3321-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EC1054FD-2E83-457C-9B5C-936813454B0E", versionEndExcluding: "5.44\\(acjb.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:px3321-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "3BB525DE-2E08-4848-976E-7DF6C7E19578", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm7300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7BD127D7-3B27-4D3B-A82C-B08D8BCFACF0", versionEndExcluding: "5.42\\(abyy.2.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm5100-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8AD5D584-14FB-424D-9175-A8F122483748", versionEndExcluding: "5.42\\(acbf.2.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm5100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "249AF476-CAA4-4C87-8CC3-E0AF15E61F7E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm3100-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EF26B807-83DE-4D66-AB11-C8FF20D579D8", versionEndExcluding: "5.42\\(acbf.2.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F78F88D4-A782-4075-A3CB-A728CE4014DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "61AC6D95-80A9-447F-9CB4-6CCA3A86334B", versionEndExcluding: "5.17\\(abpc.5.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "780BBA7D-7E2C-4624-AA15-8A51F3DF428F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B2781DE8-ADD6-48EF-8FC5-D2DBAEC44E8D", versionEndExcluding: "5.50\\(abom.8.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "D4C2320B-52DF-4F86-86D2-42FB62337773", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "191B287A-F923-42EE-81F5-A8895F15ABF6", versionEndExcluding: "5.50\\(abpm.9.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b60a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C7BE424-6E8A-485E-9F20-CCE34EE6BD17", versionEndExcluding: "5.17\\(abqa.2.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b60a:-:*:*:*:*:*:*:*", matchCriteriaId: "30C1B91D-3EA0-4A1D-833A-6767A6C84DA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "71020993-535B-420A-A158-1406C8A611A2", versionEndExcluding: "5.17\\(abqa.2.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "88F74228-AC0C-4150-974D-54D77BBF9A90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4555EDDD-B50A-41F1-B603-D384DE0CC42A", versionEndExcluding: "5.50\\(abom.8.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "1B33AE56-3948-494B-9E23-54D939DF0D3E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A5EB06CB-BCFB-4EBF-A1C6-0A72DD9C56D8", versionEndExcluding: "5.50\\(abpm.9.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5723-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3530C6BA-5001-4BE2-B5EF-1A2638B234FF", versionEndExcluding: "5.50\\(abom.8.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "B18982B2-E575-478E-A2B4-0932DE329056", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "357C7DEF-891E-4D2D-9975-785E190B0E28", versionEndExcluding: "5.50\\(abpm.9.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "F3ECE0EB-C429-4716-ABFB-73540847EB9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8657DD28-3CBB-4828-927A-07DFF03E07DC", versionEndExcluding: "5.50\\(abpm.9.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "9259E2F6-885D-4B44-8D40-20758DA599D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex7710-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50F8A5D1-04C5-4187-AD53-A7BAEBB2D5F3", versionEndExcluding: "5.18\\(acak.1\\)c1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex7710-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "07727D9C-723B-4761-B6B6-07FE1784D3C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex7501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CE07CE74-7E9A-4319-A04B-FAB27DF20A5E", versionEndExcluding: "5.18\\(achn.1.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "1CE049DE-A5DA-4A4F-BA30-BBD09FF34DE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8BBBF350-66DE-4337-8E95-F1C5D75D5151", versionEndExcluding: "5.70\\(acdz.3.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "D629D4B6-B2F2-45F1-9295-71751570C231", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5222AE4A-192D-4B52-B12A-7DC04047CDD4", versionEndExcluding: "5.70\\(acdz.3.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "ABFF2039-5DCC-4850-8BDA-3D418629C226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5512-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E4CB5021-3A4C-4D2E-BC78-4E027DB217E9", versionEndExcluding: "5.70\\(aceg.3\\)c2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5512-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F32FA3FB-CE89-4CC1-9D8D-765B90A122DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "37FB6CD6-AA0F-4A4A-9A10-0C0558FFC4FC", versionEndExcluding: "5.17\\(abqx.10\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E82D41CC-2EB3-4892-8383-FB2C9EC64D9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A8CA39B3-1819-4EAF-86AD-AFBA7C22C9AE", versionEndExcluding: "5.17\\(abyo.6.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "7213FA12-5CD6-4E9B-8387-A52AEF17EA10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6938EC2C-CAC9-4A43-8B30-96BD92279087", versionEndExcluding: "5.17\\(abyo.6.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3600-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0976A6EB-9A37-4316-B204-0E62E8CE832B", versionEndExcluding: "5.70\\(acif.0.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3600-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "D3BCC6A9-1CAE-459D-BE7D-AAB956BD1B92", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DF914A6C-2C47-4869-9368-6ACC97876D5C", versionEndExcluding: "5.17\\(abup.12\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "3F955BD9-4D44-46BE-8605-51C6250A74D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FC4B955B-CDA5-4BBB-8FFD-71394399A6C6", versionEndExcluding: "5.17\\(abup.12\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3501-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D72F97BC-0C04-436E-82EC-956164D97608", versionEndExcluding: "5.44\\(achr.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3501-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "A98F76BD-0404-46DD-AE6A-EB630FEC8904", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3500-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BD151CF9-DC45-475A-9128-91102B7CDF34", versionEndExcluding: "5.44\\(achr.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3500-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8714EB1B-38E5-4295-AD26-EE13E2161DEA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3301-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6CC5D271-3679-4962-8096-58BC125E553A", versionEndExcluding: "5.50\\(abvy.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "B37B17D8-76CF-4A26-B2DB-41B1BC9FD0A2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3300-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "09AF8A00-ECF7-43EA-98FB-6BDA7C5CAD60", versionEndExcluding: "5.50\\(abvy.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3300-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "F766221F-7478-4E39-B4CD-A2498ACEE754", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E60A1553-6685-4C75-91D0-199AC09558C6", versionEndExcluding: "5.50\\(abvy.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "137F8B94-4176-4D9B-8704-28525E7352D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "96DF49B6-9BF6-45FC-BCA5-B612F01AC2E1", versionEndExcluding: "5.17\\(abyo.6.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "AFE5C53C-4255-4AEE-A49E-36C1A2CF10F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B8AF84D6-113E-49F3-9F3C-7EFE5DFEA8BF", versionEndExcluding: "5.17\\(abyo.6.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "B293E564-2C48-442A-A415-34383DF3ADBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx4510-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "46E29474-6891-480C-AC09-A3FB21C0D5DB", versionEndExcluding: "5.17\\(abyl.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx4510-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "C8668990-045A-4DDD-9089-DE0025B69765", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx4510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "344761C5-3143-4B42-869D-B35DEE2C51FE", versionEndExcluding: "5.17\\(abyl.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx4510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "A0338E1C-2509-4510-8C8D-4BD5AEA47D81", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3301-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "582711B2-B998-4FF8-8237-99B3B62EDC87", versionEndExcluding: "5.50\\(abvy.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "3BBDC072-5D40-4130-9B5F-22FDA9BF909A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3300-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F811CD1C-E4D8-43A0-8E95-07CE2566FC72", versionEndExcluding: "5.50\\(abvy.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3300-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "2456F691-C182-4BE6-A08F-5E1717366DCA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B3EF633-501B-43DB-8297-D9AF9335B6C1", versionEndExcluding: "5.50\\(abvy.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "6D3E176E-F728-4385-8533-4C694D43898A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "An improper restriction of operations within the bounds of a memory buffer in the MAC address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.", }, { lang: "es", value: "Una restricción incorrecta de las operaciones dentro de los límites de un búfer de memoria en el analizador de direcciones MAC de las versiones de firmware Zyxel VMG8825-T50K hasta la 5.50(ABOM.8)C0 podría permitir que un atacante autenticado con privilegios de administrador provoque posibles corrupciones de memoria, lo que resultaría en un bloqueo del hilo en un dispositivo afectado.", }, ], id: "CVE-2024-38268", lastModified: "2024-09-30T15:52:29.977", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 3.6, source: "security@zyxel.com.tw", type: "Primary", }, ], }, published: "2024-09-24T02:15:02.987", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-memory-corruption-vulnerabilities-in-some-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-security-router-versions-09-24-2024", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "security@zyxel.com.tw", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-11 13:15
Modified
2024-11-21 06:53
Severity ?
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3312-t20a_firmware:5.30\\(abfx.5\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "EF433563-7AA7-41BF-9ECF-F1E1B9C5C1C4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3312-t20a:-:*:*:*:*:*:*:*", matchCriteriaId: "59AF3952-10E9-4AC8-BA25-BA5C3C203063", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:america:*:*:*", matchCriteriaId: "FE982B82-95DD-40FA-8A7E-F6EB44323692", versionEndExcluding: "5.50\\(abpm.6\\)c0", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:emea:*:*:*", matchCriteriaId: "EB52E6B4-08EF-4427-AA01-E783C9F1FCF4", versionEndExcluding: "5.50\\(abpm.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "9259E2F6-885D-4B44-8D40-20758DA599D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:america:*:*:*", matchCriteriaId: "A48A0914-787A-4884-909E-3332DD472873", versionEndExcluding: "5.50\\(abpm.6\\)c0", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:emea:*:*:*", matchCriteriaId: "1B417B43-F5C6-4551-BD4E-7E2706BCF8B9", versionEndExcluding: "5.50\\(abpm.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "F3ECE0EB-C429-4716-ABFB-73540847EB9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5723-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9FAE1EA0-A113-4324-8347-838A01B00437", versionEndExcluding: "5.50\\(abom.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "B18982B2-E575-478E-A2B4-0932DE329056", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg6726-b10a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1D931985-C10C-41C4-B459-FC454DE8C9FA", versionEndExcluding: "5.13\\(abnp.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg6726-b10a:-:*:*:*:*:*:*:*", matchCriteriaId: "304D3B33-F7EC-4EB3-B6EF-6BEB2112F9C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg1312-t20b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5252A997-772F-4785-8440-B7909A9860A8", versionEndExcluding: "5.50\\(absb.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg1312-t20b:-:*:*:*:*:*:*:*", matchCriteriaId: "37348176-08FD-40F0-9903-05ABABBB1F5C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "331ACFBC-2467-45CC-82A3-717C93D34D02", versionEndExcluding: "5.50\\(abpm.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "291B5E34-3870-46DD-9A74-2D2FFD1B6E52", versionEndExcluding: "5.17\\(abmt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "F814684F-D45D-4EF8-A294-A6122B7A760B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-b50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6D55734D-F4F4-4C97-BC31-7B532DA47EA9", versionEndExcluding: "5.13\\(ably.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-b50b:-:*:*:*:*:*:*:*", matchCriteriaId: "94BE349D-EC30-4EB7-8B68-EA7223364A4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-b60a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3D4293E4-AE61-4978-A750-D5FAF442D67B", versionEndExcluding: "5.17\\(abmt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-b60a:-:*:*:*:*:*:*:*", matchCriteriaId: "99C11501-33FD-4421-909E-E6533EF6F03A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8201B9D7-433E-4D79-9115-FA1F25223121", versionEndExcluding: "5.50\\(abom.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "1B33AE56-3948-494B-9E23-54D939DF0D3E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4927-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "543081DE-AEC8-4658-AAE4-63EE1A261645", versionEndExcluding: "5.13\\(ably.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4927-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "C0EE70D2-51BB-4E45-8995-655C1394C440", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1A24F15A-1F77-413C-9BD1-CFBE890ACD31", versionEndExcluding: "5.50\\(abpm.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DDACBF89-DCA8-43F0-91BF-8A29E63B33BD", versionEndExcluding: "5.17\\(abmt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "ED88F55C-C687-4413-BEC8-DEB15D6AA2F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-b50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8B10EC6-E8B2-4619-8F9D-10516569B806", versionEndExcluding: "5.17\\(abny.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-b50b:-:*:*:*:*:*:*:*", matchCriteriaId: "7D66B624-EAAA-4C2D-BBE6-D0A0ED6BD5F1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0933D98-49F6-4B0F-9D04-2149BFB7FB7F", versionEndExcluding: "5.50\\(abom.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "D4C2320B-52DF-4F86-86D2-42FB62337773", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-b60a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "502EBC83-0E8D-4B13-BA0D-040B40C58A1D", versionEndExcluding: "5.17\\(abmt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-b60a:-:*:*:*:*:*:*:*", matchCriteriaId: "7654E872-36CA-4502-9B91-01741D6E4F46", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-b60b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7B963909-27C2-43A6-9479-EE2F863FC817", versionEndExcluding: "5.17\\(abny.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-b60b:-:*:*:*:*:*:*:*", matchCriteriaId: "6368C175-7D1B-4F70-B11F-B8CE7FBE0B82", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:xmg3927-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81E3153A-08CF-4F02-97EA-B68751EE7791", versionEndExcluding: "5.17\\(abmt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:xmg3927-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "99B19AC3-D417-48C7-8C18-F5516794260B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:xmg8825-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0E58CAE-3737-406F-9647-B59598A6733A", versionEndExcluding: "5.17\\(abmt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:xmg8825-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "4861B59F-AB86-4A4D-A04C-6EE68EC4A206", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C91B77C-EC30-4C88-AAEB-330B7A3E0470", versionEndExcluding: "5.17\\(abyo.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "B293E564-2C48-442A-A415-34383DF3ADBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5C6781DA-4800-47E9-BB67-89ACC0F43D04", versionEndExcluding: "5.17\\(abup.4\\)c1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B3B44185-756B-4B9B-A377-DB3191606702", versionEndExcluding: "5.17\\(abyo.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "291AA836-D0F7-4AD7-8D76-0F1A5B9ECCCF", versionEndExcluding: "5.17\\(abry.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "88B8CDD0-E73A-4FAA-9964-D8C09949CB32", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5EF7BC18-210C-4E21-A850-61A8D6B701BE", versionEndExcluding: "5.17\\(abpc.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "78473083-F702-4B81-AAA0-B66A0984FF6B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ep240p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "457C1585-BD6F-4C3A-953D-96194EDD065E", versionEndExcluding: "5.40\\(abh.0\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ep240p:-:*:*:*:*:*:*:*", matchCriteriaId: "91367DDE-F430-42F7-B4F2-28AEF7FDCB12", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm7300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D4E0639D-0861-4A10-AFA6-8251AD2217BB", versionEndExcluding: "5.42\\(acbc.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5317-t20b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "20FA4B81-5FE7-43D5-8A96-A1BF0CBA8CC6", versionEndExcluding: "5.40\\(abki.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5317-t20b:-:*:*:*:*:*:*:*", matchCriteriaId: "9F1334B5-FC76-412F-A7EF-02EEEE677460", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5617ga_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E53F230A-806F-413B-BE4B-2A95645751DF", versionEndExcluding: "5.40\\(abna.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5617ga:-:*:*:*:*:*:*:*", matchCriteriaId: "9C1B0834-3398-41B0-9A14-7D97768732B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5617-t20b2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FFBE0FC-A355-4E32-A606-4130B2581CE1", versionEndExcluding: "5.41\\(acbb.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5617-t20b2:-:*:*:*:*:*:*:*", matchCriteriaId: "B35005D7-D8E4-4BC5-A59C-6A69255E7EC7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5622ga_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "09514F76-89EC-4ADF-9400-F14BB917EF97", versionEndExcluding: "5.40\\(abnb.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5622ga:-:*:*:*:*:*:*:*", matchCriteriaId: "840AF834-B7A6-4ACA-BAB9-996D87476D3D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:px7501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C655ED2E-A791-40B7-99C5-FF3F874A2A27", versionEndExcluding: "5.17\\(abpc.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:px7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "076C6AD3-E8A3-4639-805E-20FA866BDFDD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service.", }, { lang: "es", value: "Se ha identificado una potencial vulnerabilidad de desbordamiento de búfer en algunas funciones internas del firmware de Zyxel VMG3312-T20A versión 5.30(ABFX.5)C0, que podría ser aprovechada por un atacante local autenticado para causar una denegación de servicio", }, ], id: "CVE-2022-26414", lastModified: "2024-11-21T06:53:54.453", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 4.9, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.2, source: "security@zyxel.com.tw", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-11T13:15:07.857", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "security@zyxel.com.tw", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-03-01 07:15
Modified
2024-11-21 06:11
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86A231B7-26ED-4BCC-99CC-ECC327B54B03", versionEndExcluding: "5.17\\(abpc.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "78473083-F702-4B81-AAA0-B66A0984FF6B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3301-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "788C6B76-4993-4ABD-83D1-DA6B0821026F", versionEndExcluding: "5.50\\(abvy.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "3BBDC072-5D40-4130-9B5F-22FDA9BF909A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "96C7FD75-7675-4EDD-BF3B-0298D092A11B", versionEndExcluding: "5.17\\(abyo.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "B293E564-2C48-442A-A415-34383DF3ADBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "96BDAAFD-9622-4A88-A7D1-F0312F466F1C", versionEndExcluding: "5.50\\(abpm.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "9259E2F6-885D-4B44-8D40-20758DA599D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "144523AD-2BDE-408A-8FA2-EF3D5161158E", versionEndExcluding: "5.50\\(abpm.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "F3ECE0EB-C429-4716-ABFB-73540847EB9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5723-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C08C685F-93D8-4C5D-AE9B-5A1E30985075", versionEndExcluding: "5.50\\(abom.8\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "B18982B2-E575-478E-A2B4-0932DE329056", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ep240p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "462A698C-23E5-4766-BD8A-31271DFDCA6F", versionEndExcluding: "5.40\\(abvh.0\\)c0a03", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ep240p:-:*:*:*:*:*:*:*", matchCriteriaId: "91367DDE-F430-42F7-B4F2-28AEF7FDCB12", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D064FE76-DE01-42DA-824B-3FE6D3A52A6E", versionEndExcluding: "5.17\\(abyo.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48BB8CE5-ED23-43C8-AAFE-E619C0A5266B", versionEndExcluding: "5.17\\(abry.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "88B8CDD0-E73A-4FAA-9964-D8C09949CB32", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte3301-plus_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6716746F-4642-4BA8-B1FB-38CBE0FEFE65", versionEndExcluding: "1.00\\(abqu.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte3301-plus:-:*:*:*:*:*:*:*", matchCriteriaId: "4814D3A1-C0D4-4573-AD77-C2EE7AC11CB4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte5388-m804_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9EE41084-CC13-485C-A24E-E1994D5A0267", versionEndExcluding: "1.00\\(abra.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte5388-m804:-:*:*:*:*:*:*:*", matchCriteriaId: "E67FFCF7-ECE9-4644-B248-1B6E10AD9398", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte5388-s905_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "95529AB7-F11A-4C46-9F06-B2E8E4C78054", versionEndExcluding: "1.00\\(abvi.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte5388-s905:-:*:*:*:*:*:*:*", matchCriteriaId: "F9F91C02-6CEB-44E3-A56F-96B49191E04A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte5398-m904_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A257907C-446C-4A90-B313-947F38E06105", versionEndExcluding: "1.00\\(abqv.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte5398-m904:-:*:*:*:*:*:*:*", matchCriteriaId: "F90453B8-19FF-4FF3-A167-E1A70E022201", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7240-m403_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CF40EC3D-F6EB-49CB-9E7C-BA7B6F65656B", versionEndExcluding: "2.00\\(abmg.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7240-m403:-:*:*:*:*:*:*:*", matchCriteriaId: "AAE2212F-D523-4706-9FD2-FDA760EE4B4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7461-m602_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B67AC137-5B28-41B9-8F81-3DD703D7B962", versionEndExcluding: "2.00\\(abqn.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7461-m602:-:*:*:*:*:*:*:*", matchCriteriaId: "8A307AD3-4E60-4859-B182-4CD4CB843757", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7480-m804_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7DFDC741-78E6-42AA-B647-DEE9F04AA2DD", versionEndExcluding: "1.00\\(abra.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7480-m804:-:*:*:*:*:*:*:*", matchCriteriaId: "E3480021-1538-48ED-BE89-BB0DF562C7DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7480-s905_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B911A91C-5252-4CAF-B915-E314833DDFCC", versionEndExcluding: "2.00\\(abqt.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7480-s905:-:*:*:*:*:*:*:*", matchCriteriaId: "8E7AF237-04F2-4054-96DE-3FD059CF4B35", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7485-s905_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C3FAF3DA-0C8A-4E60-B7C6-4E36D77E9D43", versionEndExcluding: "1.00\\(abvn.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7485-s905:-:*:*:*:*:*:*:*", matchCriteriaId: "E09953F0-2415-45F7-811C-E9D1A361284C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7490-m804_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "094A13AB-92FC-482D-BB1A-DA28B088F29C", versionEndExcluding: "v1.00\\(abqy.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7490-m804:-:*:*:*:*:*:*:*", matchCriteriaId: "3380C6EB-4D52-4EB1-802C-778DDBDC7D12", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr5101_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9EB8687A-EADF-4B15-8F41-78F1070E0CA3", versionEndExcluding: "1.00\\(abvc.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr5101:-:*:*:*:*:*:*:*", matchCriteriaId: "11197D03-1C93-4D6A-950C-273E46CBBC62", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr7101_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "63A72A80-DA68-4353-8FEA-D372180F8401", versionEndExcluding: "1.00\\(abuv.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr7101:-:*:*:*:*:*:*:*", matchCriteriaId: "E4D27B24-9822-432C-8B8B-9546EE32DEC6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr7102_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C56958A5-2427-4A9A-BD40-3B548437CA36", versionEndExcluding: "1.00\\(abyd.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr7102:-:*:*:*:*:*:*:*", matchCriteriaId: "F1A15757-DE6F-4A72-9CAD-BAC04BD340A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm7300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D4E0639D-0861-4A10-AFA6-8251AD2217BB", versionEndExcluding: "5.42\\(acbc.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5317-t20b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "20FA4B81-5FE7-43D5-8A96-A1BF0CBA8CC6", versionEndExcluding: "5.40\\(abki.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5317-t20b:-:*:*:*:*:*:*:*", matchCriteriaId: "9F1334B5-FC76-412F-A7EF-02EEEE677460", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5617-t20b2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FFBE0FC-A355-4E32-A606-4130B2581CE1", versionEndExcluding: "5.41\\(acbb.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5617-t20b2:-:*:*:*:*:*:*:*", matchCriteriaId: "B35005D7-D8E4-4BC5-A59C-6A69255E7EC7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5617ga_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E53F230A-806F-413B-BE4B-2A95645751DF", versionEndExcluding: "5.40\\(abna.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5617ga:-:*:*:*:*:*:*:*", matchCriteriaId: "9C1B0834-3398-41B0-9A14-7D97768732B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5622ga_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "09514F76-89EC-4ADF-9400-F14BB917EF97", versionEndExcluding: "5.40\\(abnb.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5622ga:-:*:*:*:*:*:*:*", matchCriteriaId: "840AF834-B7A6-4ACA-BAB9-996D87476D3D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6A689984-D14E-44AD-B86B-D165E3AF945E", versionEndExcluding: "5.50\\(abtl.0\\)b2r", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4A40BCD8-C6D5-4DD7-92A6-305886662570", versionEndExcluding: "5.50\\(abom.8\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "1B33AE56-3948-494B-9E23-54D939DF0D3E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "32CAA0D0-8385-4333-9D94-A08F81C61FAD", versionEndExcluding: "5.50\\(abpm.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0F7F95B3-A92F-492F-AE07-ABC54A3158AB", versionEndExcluding: "5.50\\(abom.8\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "D4C2320B-52DF-4F86-86D2-42FB62337773", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:central_america:*:*:*", matchCriteriaId: "997AEAFA-6689-40C4-AC5E-97E2935272A0", versionEndExcluding: "5.50\\(accr.0\\)b4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:emea:*:*:*", matchCriteriaId: "DBA31900-874A-495B-858E-18C8E1CEA3BC", versionEndExcluding: "5.50\\(abpm.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file.", }, { lang: "es", value: "Una vulnerabilidad de almacenamiento de información en texto claro en la versión V5.50(ABTL.0)b2k del firmware de Zyxel VMG3625-T50B podría permitir a un atacante autenticado obtener información sensible del archivo de configuración", }, ], id: "CVE-2021-35036", lastModified: "2024-11-21T06:11:43.343", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "security@zyxel.com.tw", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-03-01T07:15:06.917", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-cleartext-storage-of-information-vulnerability", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-cleartext-storage-of-information-vulnerability", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-312", }, ], source: "security@zyxel.com.tw", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-312", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-12-03 02:15
Modified
2025-01-21 21:18
Severity ?
Summary
A post-authentication buffer overflow vulnerability in the parameter "action" of the CGI program in Zyxel VMG3625-T50B firmware versions through V5.50(ABPM.9.2)C0 could allow an authenticated attacker with administrator privileges to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP GET request to a vulnerable device if the function ZyEE is enabled.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "68D2EEEC-58EA-4444-AFBD-8CDA76DE7C30", versionEndExcluding: "5.50\\(aby.5.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "6D3E176E-F728-4385-8533-4C694D43898A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3300-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72C17621-DFBD-43E0-ABCE-31EA1424A95D", versionEndExcluding: "5.50\\(aby.5.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3300-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "2456F691-C182-4BE6-A08F-5E1717366DCA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3301-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F03882BE-6854-4DA0-AE71-E1DF1D9942F0", versionEndExcluding: "5.50\\(aby.5.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "3BBDC072-5D40-4130-9B5F-22FDA9BF909A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx4510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E69CBC66-C2FA-441A-A8DE-DE5ABA996503", versionEndExcluding: "5.17\\(abyl.8\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx4510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "A0338E1C-2509-4510-8C8D-4BD5AEA47D81", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx4510-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "99BD602C-4DB1-4C4C-BC2A-EBD52E4C962C", versionEndExcluding: "5.17\\(abyl.8\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx4510-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "C8668990-045A-4DDD-9089-DE0025B69765", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "14B8FE6B-542A-4EE7-8BD3-7E5547E0BB08", versionEndExcluding: "5.17\\(abyo.6.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "B293E564-2C48-442A-A415-34383DF3ADBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5B632720-75B8-47A7-8694-C27C2CA26D4E", versionEndExcluding: "5.17\\(abyo.6.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "AFE5C53C-4255-4AEE-A49E-36C1A2CF10F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ee6510-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CEC2224E-9481-447A-8E1F-0F6BE170323E", versionEndExcluding: "5.19\\(acjq.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ee6510-10:-:*:*:*:*:*:*:*", matchCriteriaId: "CD4AE46D-E374-4224-9A66-4291B6A10C00", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FCAF5BD1-FA85-47D8-AC74-B89C37673872", versionEndExcluding: "5.50\\(aby.5.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "137F8B94-4176-4D9B-8704-28525E7352D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3300-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DED77538-32BD-41D0-AFB0-B523B1B0D626", versionEndExcluding: "5.50\\(aby.5.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3300-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "F766221F-7478-4E39-B4CD-A2498ACEE754", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3301-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "15FA1F1B-3DAB-4C9A-9EAC-6F73C91C6000", versionEndExcluding: "5.50\\(aby.5.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "B37B17D8-76CF-4A26-B2DB-41B1BC9FD0A2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3500-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "31134E19-A43A-4414-AC4A-A4D3D6D89C3F", versionEndExcluding: "5.44\\(achr.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3500-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8714EB1B-38E5-4295-AD26-EE13E2161DEA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3501-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7B24B63E-44D9-4967-9A25-0845F07466DE", versionEndExcluding: "5.44\\(achr.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3501-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "A98F76BD-0404-46DD-AE6A-EB630FEC8904", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7A631CCE-1DBA-45EA-BCAE-35976C74CFB6", versionEndExcluding: "5.17\\(abup.13\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D5F451D2-9058-439C-B065-C635E1833B28", versionEndExcluding: "5.17\\(abup.13\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "3F955BD9-4D44-46BE-8605-51C6250A74D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "08F959D0-DAF0-4D07-811C-54E780ABB35E", versionEndExcluding: "5.17\\(abyo.6.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4CE7E255-C846-4509-A6CE-CBC50C0E5EE5", versionEndExcluding: "5.17\\(abyo.6.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "7213FA12-5CD6-4E9B-8387-A52AEF17EA10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F887CE60-20C2-4301-B515-5C14C9C8D805", versionEndExcluding: "5.17\\(abry.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "88B8CDD0-E73A-4FAA-9964-D8C09949CB32", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "568E5F9E-EFFE-4D1B-B06B-EED70C27985B", versionEndExcluding: "5.17\\(abqx.11\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E82D41CC-2EB3-4892-8383-FB2C9EC64D9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5600-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CAF44159-2967-4DDD-8AD8-DE16871899D7", versionEndExcluding: "5.70\\(acdz.3.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5600-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "021CFB91-4627-4080-BF09-0BB5EFA708DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "43F04ACC-EED8-4800-BA30-3FC704AF5D6C", versionEndExcluding: "5.70\\(acdz.3.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "ABFF2039-5DCC-4850-8BDA-3D418629C226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "435327F5-1A4D-46BA-B572-0771BAD3215F", versionEndExcluding: "5.70\\(acdz.3.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "D629D4B6-B2F2-45F1-9295-71751570C231", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex7501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "116A0A50-6379-4D72-8059-4D74FA208140", versionEndExcluding: "5.18\\(achn.1.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "1CE049DE-A5DA-4A4F-BA30-BBD09FF34DE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B992C7F8-F4DF-4426-ACFE-B1EF7DB26E53", versionEndExcluding: "5.50\\(abpm.9.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "9259E2F6-885D-4B44-8D40-20758DA599D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93D83C92-EE57-48F4-B532-FC13657D0F37", versionEndExcluding: "5.50\\(abpm.9.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "F3ECE0EB-C429-4716-ABFB-73540847EB9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5723-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "131D1D3D-382A-4563-B608-3848AACDF8A0", versionEndExcluding: "5.50\\(abom.8.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "B18982B2-E575-478E-A2B4-0932DE329056", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC43957D-D4F5-4D72-9876-C2796F9714CD", versionEndExcluding: "5.50\\(abpm.9.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F5030BD1-0653-4431-87B9-07CA0C1FDE33", versionEndExcluding: "5.50\\(abom.8.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "1B33AE56-3948-494B-9E23-54D939DF0D3E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "916BC802-CBB6-43FE-91D2-76EFA752481C", versionEndExcluding: "5.50\\(abpm.9.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FA0D8789-938A-475D-B105-64B225BABD97", versionEndExcluding: "5.50\\(abom.8.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "D4C2320B-52DF-4F86-86D2-42FB62337773", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F525A6F3-7510-47EF-AD60-A05214BEAFF8", versionEndExcluding: "5.17\\(abpc.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "78473083-F702-4B81-AAA0-B66A0984FF6B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "77887B8D-E582-41FC-8ED5-11D631C5A062", versionEndExcluding: "5.17\\(abpc.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "780BBA7D-7E2C-4624-AA15-8A51F3DF428F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3600-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F55E0C82-22FD-4345-BA36-3A2F29216AD3", versionEndExcluding: "5.70\\(acif.0.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3600-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "D3BCC6A9-1CAE-459D-BE7D-AAB956BD1B92", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:px3321-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A23D6389-D322-4EC0-847A-488B735CE373", versionEndExcluding: "5.44\\(acjb.1.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:px3321-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "3BB525DE-2E08-4848-976E-7DF6C7E19578", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:px3321-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A6DBE5D0-F363-4EDA-8CE9-14F2B2B0C19D", versionEndExcluding: "5.44\\(achk.0.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:px3321-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "3BB525DE-2E08-4848-976E-7DF6C7E19578", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:px5301-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2213D90C-25CE-4A61-8479-1BC87DF35A80", versionEndExcluding: "5.44\\(ackb.0.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:px5301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "7EBB4C27-DAEB-4297-98DC-3B22353B5184", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx5600-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5F48FFD6-108C-459D-96D8-5ABE4F10681A", versionEndExcluding: "5.70\\(aceb.3.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx5600-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "303DB62A-2A7E-4CB7-ADA0-29C23BFD41BE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A post-authentication buffer overflow vulnerability in the parameter \"action\" of the CGI program in Zyxel VMG3625-T50B firmware versions through V5.50(ABPM.9.2)C0 could allow an authenticated attacker with administrator privileges to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP GET request to a vulnerable device if the function ZyEE is enabled.", }, { lang: "es", value: " Una vulnerabilidad de desbordamiento de búfer posterior a la autenticación en el parámetro \"acción\" del programa CGI en las versiones de firmware Zyxel VMG3625-T50B hasta V5.50(ABPM.9.2)C0 podría permitir que un atacante autenticado con privilegios de administrador provoque una condición de denegación de servicio (DoS) temporal contra la interfaz de administración web al enviar una solicitud HTTP GET manipulada a un dispositivo vulnerable si la función ZyEE está habilitada.", }, ], id: "CVE-2024-9197", lastModified: "2025-01-21T21:18:24.393", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 3.6, source: "security@zyxel.com.tw", type: "Primary", }, ], }, published: "2024-12-03T02:15:17.773", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-and-post-authentication-command-injection-vulnerabilities-in-some-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wifi-extenders-12-03-2024", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "security@zyxel.com.tw", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-11 02:15
Modified
2024-11-21 07:26
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to execute some OS commands on a vulnerable device by sending a crafted HTTP request.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7480-m804_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7DFDC741-78E6-42AA-B647-DEE9F04AA2DD", versionEndExcluding: "1.00\\(abra.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7480-m804:-:*:*:*:*:*:*:*", matchCriteriaId: "E3480021-1538-48ED-BE89-BB0DF562C7DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7490-m904_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FB812F29-2FAE-414C-9047-2471148B1E36", versionEndExcluding: "1.00\\(abqy.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7490-m904:-:*:*:*:*:*:*:*", matchCriteriaId: "DC75F6DE-DCAF-47A0-B6BB-0E050C68AF25", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_nr5101_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01D0F1E5-B9F0-4B64-8331-D18641EC161F", versionEndExcluding: "1.15\\(accg.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_nr5101:-:*:*:*:*:*:*:*", matchCriteriaId: "F9F605B8-A892-4119-AB7A-D14CDC5DFC88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_nr7101_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA537481-4311-4C5E-B577-76C8A789FDAC", versionEndExcluding: "1.15\\(accc.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_nr7101:-:*:*:*:*:*:*:*", matchCriteriaId: "52096C1F-F73C-413E-9D37-82EFA4703AEC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr5101_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9EB8687A-EADF-4B15-8F41-78F1070E0CA3", versionEndExcluding: "1.00\\(abvc.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr5101:-:*:*:*:*:*:*:*", matchCriteriaId: "11197D03-1C93-4D6A-950C-273E46CBBC62", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr7101_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "63A72A80-DA68-4353-8FEA-D372180F8401", versionEndExcluding: "1.00\\(abuv.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr7101:-:*:*:*:*:*:*:*", matchCriteriaId: "E4D27B24-9822-432C-8B8B-9546EE32DEC6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr7102_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C56958A5-2427-4A9A-BD40-3B548437CA36", versionEndExcluding: "1.00\\(abyd.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr7102:-:*:*:*:*:*:*:*", matchCriteriaId: "F1A15757-DE6F-4A72-9CAD-BAC04BD340A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3301-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "78DE37DB-6F39-48FE-8CE9-626036234C16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "3BBDC072-5D40-4130-9B5F-22FDA9BF909A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx4510-b1_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "66F40E06-666B-490C-84F7-1A7B49834CC1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx4510-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "C8668990-045A-4DDD-9089-DE0025B69765", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "AE285587-D5F3-42E5-ACB6-BDD03A50236C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "B293E564-2C48-442A-A415-34383DF3ADBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg3525-t50b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4917CDD6-B5D9-4674-AE43-B75B60B8289E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "9259E2F6-885D-4B44-8D40-20758DA599D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5523-t50b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "90DEAC05-EB3A-451D-9C0F-8D22B8886605", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "F3ECE0EB-C429-4716-ABFB-73540847EB9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5723-t50k_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1219D188-2A83-41EC-AC8D-694901E6067C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "B18982B2-E575-478E-A2B4-0932DE329056", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3301-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1F9ACE-DA82-4449-ADF9-5F8F540B812E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "B37B17D8-76CF-4A26-B2DB-41B1BC9FD0A2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4434EF63-63EA-4A27-A6EF-CEE3000E9F02", versionEndExcluding: "5.17\\(abup.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "15D01EDB-A41C-4FC1-9C4B-38B69360BE90", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5501-b0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D32815-5026-4A9A-8C8E-C30F154833AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "88B8CDD0-E73A-4FAA-9964-D8C09949CB32", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A1EC2DCD-97F2-4E13-AE82-468DBF052C4E", versionEndExcluding: "5.17\\(abqx.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E82D41CC-2EB3-4892-8383-FB2C9EC64D9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5512-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8FF2B306-1EBD-4A14-A865-94C50F2F036D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5512-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F32FA3FB-CE89-4CC1-9D8D-765B90A122DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5600-t1_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D6C46819-2848-4C0D-B360-F6987E9D3A82", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5600-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "021CFB91-4627-4080-BF09-0BB5EFA708DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "13E7B377-3CF1-4BF5-A960-75952BC382D0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "ABFF2039-5DCC-4850-8BDA-3D418629C226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t1_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D41D53E2-CB40-4715-A2B5-E9E87C1F3AE0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "D629D4B6-B2F2-45F1-9295-71751570C231", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9EBF0F8D-90CC-4089-AC9A-665348D27331", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "1B33AE56-3948-494B-9E23-54D939DF0D3E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b50a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD68CC70-242D-4A88-B182-DB68D2086225", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "88F74228-AC0C-4150-974D-54D77BBF9A90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b60a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B59AA0D1-9564-48FA-A0AF-C1FC67C0D1EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b60a:-:*:*:*:*:*:*:*", matchCriteriaId: "30C1B91D-3EA0-4A1D-833A-6767A6C84DA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C75B24C-177A-470B-BCDE-39D31B0199F1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8901BBA-F2D4-49B8-80CF-4BABB5D2F365", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "D4C2320B-52DF-4F86-86D2-42FB62337773", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C6F890C3-F15D-4154-8E70-1529C7C8D89A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "78473083-F702-4B81-AAA0-B66A0984FF6B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm3100-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D85D00E0-AA47-48AD-8914-A443482D7D7F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F78F88D4-A782-4075-A3CB-A728CE4014DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm5100-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0E683B32-A1A0-4DA4-81C4-61513E9E585F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm5100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "249AF476-CAA4-4C87-8CC3-E0AF15E61F7E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm7300-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "481013ED-2B6F-4FBB-881A-C0CD038C5FDA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm7320-b0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E3B9C504-41A4-4756-BDB0-2EE317F801AE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm7320-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E6A479CC-D543-49A1-8A37-7E9D4A0F0009", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5317-t20b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1141E1B7-B6B8-496B-A2CA-A9076D805741", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5317-t20b:-:*:*:*:*:*:*:*", matchCriteriaId: "9F1334B5-FC76-412F-A7EF-02EEEE677460", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5617-t20b2_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1CA3BD8C-4FBB-45B6-AB00-55F7D5BA3C1B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5617-t20b2:-:*:*:*:*:*:*:*", matchCriteriaId: "B35005D7-D8E4-4BC5-A59C-6A69255E7EC7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5617ga_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "366FB20C-6740-431A-A0CA-6EC3FDD3C505", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5617ga:-:*:*:*:*:*:*:*", matchCriteriaId: "9C1B0834-3398-41B0-9A14-7D97768732B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pmg5622ga_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F61E8935-26CD-4664-A95C-1BCA77DBC4DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pmg5622ga:-:*:*:*:*:*:*:*", matchCriteriaId: "840AF834-B7A6-4ACA-BAB9-996D87476D3D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3100-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FA532797-C2BF-4A37-9A36-92F1115150AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "C2C56248-D12F-46DC-A52F-0607E4A5DCCC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3401-b0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "5E011E78-E7E7-4F84-9A7D-A6548AFBE30C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "677C554B-F9C7-4780-97C0-6021146F8B3C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx5600-t0_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0ED109DF-7C43-4CEC-AC2C-80762B60C776", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx5600-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "303DB62A-2A7E-4CB7-ADA0-29C23BFD41BE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to execute some OS commands on a vulnerable device by sending a crafted HTTP request.", }, { lang: "es", value: "Una vulnerabilidad de inyección de comandos en el programa CGI del firmware Zyxel NR7101 anterior a V1.15(ACCC.3)C0, que podría permitir a un atacante autenticado ejecutar algunos comandos del sistema operativo en un dispositivo vulnerable enviando una solicitud HTTP manipulada.", }, ], id: "CVE-2022-43390", lastModified: "2024-11-21T07:26:23.043", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.5, source: "security@zyxel.com.tw", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-01-11T02:15:11.170", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "security@zyxel.com.tw", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-09-24 02:15
Modified
2024-09-30 15:51
Severity ?
Summary
An improper restriction of operations within the bounds of a memory buffer in the USB file-sharing handler of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx5600-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "43D29BE5-A0A9-4EA3-A0BB-AF3FCB83B9E5", versionEndExcluding: "5.70\\(aceb.3.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx5600-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "303DB62A-2A7E-4CB7-ADA0-29C23BFD41BE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FEEFBA62-FF41-47F3-81F5-61034302A0E9", versionEndExcluding: "5.17\\(abve.2.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "677C554B-F9C7-4780-97C0-6021146F8B3C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3100-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1C9392FD-1E26-4C72-94BA-7F71BCB7FD32", versionEndExcluding: "5.50\\(abvl.4.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "C2C56248-D12F-46DC-A52F-0607E4A5DCCC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:scr50axe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "093F98C0-F84F-408C-9835-D63F238E81E9", versionEndExcluding: "1.10\\(acgn.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:scr50axe:-:*:*:*:*:*:*:*", matchCriteriaId: "FDE16790-D3CB-48D2-9C4C-ACCED14035BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:px3321-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EC1054FD-2E83-457C-9B5C-936813454B0E", versionEndExcluding: "5.44\\(acjb.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:px3321-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "3BB525DE-2E08-4848-976E-7DF6C7E19578", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm7300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7BD127D7-3B27-4D3B-A82C-B08D8BCFACF0", versionEndExcluding: "5.42\\(abyy.2.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm5100-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8AD5D584-14FB-424D-9175-A8F122483748", versionEndExcluding: "5.42\\(acbf.2.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm5100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "249AF476-CAA4-4C87-8CC3-E0AF15E61F7E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm3100-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EF26B807-83DE-4D66-AB11-C8FF20D579D8", versionEndExcluding: "5.42\\(acbf.2.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F78F88D4-A782-4075-A3CB-A728CE4014DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "61AC6D95-80A9-447F-9CB4-6CCA3A86334B", versionEndExcluding: "5.17\\(abpc.5.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "780BBA7D-7E2C-4624-AA15-8A51F3DF428F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B2781DE8-ADD6-48EF-8FC5-D2DBAEC44E8D", versionEndExcluding: "5.50\\(abom.8.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "D4C2320B-52DF-4F86-86D2-42FB62337773", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "191B287A-F923-42EE-81F5-A8895F15ABF6", versionEndExcluding: "5.50\\(abpm.9.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b60a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C7BE424-6E8A-485E-9F20-CCE34EE6BD17", versionEndExcluding: "5.17\\(abqa.2.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b60a:-:*:*:*:*:*:*:*", matchCriteriaId: "30C1B91D-3EA0-4A1D-833A-6767A6C84DA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "71020993-535B-420A-A158-1406C8A611A2", versionEndExcluding: "5.17\\(abqa.2.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "88F74228-AC0C-4150-974D-54D77BBF9A90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4555EDDD-B50A-41F1-B603-D384DE0CC42A", versionEndExcluding: "5.50\\(abom.8.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "1B33AE56-3948-494B-9E23-54D939DF0D3E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A5EB06CB-BCFB-4EBF-A1C6-0A72DD9C56D8", versionEndExcluding: "5.50\\(abpm.9.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5723-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3530C6BA-5001-4BE2-B5EF-1A2638B234FF", versionEndExcluding: "5.50\\(abom.8.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "B18982B2-E575-478E-A2B4-0932DE329056", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "357C7DEF-891E-4D2D-9975-785E190B0E28", versionEndExcluding: "5.50\\(abpm.9.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "F3ECE0EB-C429-4716-ABFB-73540847EB9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8657DD28-3CBB-4828-927A-07DFF03E07DC", versionEndExcluding: "5.50\\(abpm.9.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "9259E2F6-885D-4B44-8D40-20758DA599D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex7710-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50F8A5D1-04C5-4187-AD53-A7BAEBB2D5F3", versionEndExcluding: "5.18\\(acak.1\\)c1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex7710-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "07727D9C-723B-4761-B6B6-07FE1784D3C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex7501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CE07CE74-7E9A-4319-A04B-FAB27DF20A5E", versionEndExcluding: "5.18\\(achn.1.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "1CE049DE-A5DA-4A4F-BA30-BBD09FF34DE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8BBBF350-66DE-4337-8E95-F1C5D75D5151", versionEndExcluding: "5.70\\(acdz.3.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "D629D4B6-B2F2-45F1-9295-71751570C231", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5222AE4A-192D-4B52-B12A-7DC04047CDD4", versionEndExcluding: "5.70\\(acdz.3.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "ABFF2039-5DCC-4850-8BDA-3D418629C226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5512-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E4CB5021-3A4C-4D2E-BC78-4E027DB217E9", versionEndExcluding: "5.70\\(aceg.3\\)c2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5512-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F32FA3FB-CE89-4CC1-9D8D-765B90A122DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "37FB6CD6-AA0F-4A4A-9A10-0C0558FFC4FC", versionEndExcluding: "5.17\\(abqx.10\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E82D41CC-2EB3-4892-8383-FB2C9EC64D9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A8CA39B3-1819-4EAF-86AD-AFBA7C22C9AE", versionEndExcluding: "5.17\\(abyo.6.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "7213FA12-5CD6-4E9B-8387-A52AEF17EA10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6938EC2C-CAC9-4A43-8B30-96BD92279087", versionEndExcluding: "5.17\\(abyo.6.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3600-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0976A6EB-9A37-4316-B204-0E62E8CE832B", versionEndExcluding: "5.70\\(acif.0.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3600-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "D3BCC6A9-1CAE-459D-BE7D-AAB956BD1B92", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DF914A6C-2C47-4869-9368-6ACC97876D5C", versionEndExcluding: "5.17\\(abup.12\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "3F955BD9-4D44-46BE-8605-51C6250A74D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FC4B955B-CDA5-4BBB-8FFD-71394399A6C6", versionEndExcluding: "5.17\\(abup.12\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3501-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D72F97BC-0C04-436E-82EC-956164D97608", versionEndExcluding: "5.44\\(achr.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3501-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "A98F76BD-0404-46DD-AE6A-EB630FEC8904", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3500-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BD151CF9-DC45-475A-9128-91102B7CDF34", versionEndExcluding: "5.44\\(achr.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3500-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8714EB1B-38E5-4295-AD26-EE13E2161DEA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3301-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6CC5D271-3679-4962-8096-58BC125E553A", versionEndExcluding: "5.50\\(abvy.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "B37B17D8-76CF-4A26-B2DB-41B1BC9FD0A2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3300-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "09AF8A00-ECF7-43EA-98FB-6BDA7C5CAD60", versionEndExcluding: "5.50\\(abvy.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3300-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "F766221F-7478-4E39-B4CD-A2498ACEE754", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E60A1553-6685-4C75-91D0-199AC09558C6", versionEndExcluding: "5.50\\(abvy.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "137F8B94-4176-4D9B-8704-28525E7352D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "96DF49B6-9BF6-45FC-BCA5-B612F01AC2E1", versionEndExcluding: "5.17\\(abyo.6.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "AFE5C53C-4255-4AEE-A49E-36C1A2CF10F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B8AF84D6-113E-49F3-9F3C-7EFE5DFEA8BF", versionEndExcluding: "5.17\\(abyo.6.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "B293E564-2C48-442A-A415-34383DF3ADBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx4510-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "46E29474-6891-480C-AC09-A3FB21C0D5DB", versionEndExcluding: "5.17\\(abyl.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx4510-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "C8668990-045A-4DDD-9089-DE0025B69765", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx4510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "344761C5-3143-4B42-869D-B35DEE2C51FE", versionEndExcluding: "5.17\\(abyl.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx4510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "A0338E1C-2509-4510-8C8D-4BD5AEA47D81", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3301-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "582711B2-B998-4FF8-8237-99B3B62EDC87", versionEndExcluding: "5.50\\(abvy.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "3BBDC072-5D40-4130-9B5F-22FDA9BF909A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3300-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F811CD1C-E4D8-43A0-8E95-07CE2566FC72", versionEndExcluding: "5.50\\(abvy.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3300-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "2456F691-C182-4BE6-A08F-5E1717366DCA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B3EF633-501B-43DB-8297-D9AF9335B6C1", versionEndExcluding: "5.50\\(abvy.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "6D3E176E-F728-4385-8533-4C694D43898A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "An improper restriction of operations within the bounds of a memory buffer in the USB file-sharing handler of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.", }, { lang: "es", value: "Una restricción incorrecta de las operaciones dentro de los límites de un búfer de memoria en el controlador de uso compartido de archivos USB de las versiones de firmware Zyxel VMG8825-T50K hasta la 5.50(ABOM.8)C0 podría permitir que un atacante autenticado con privilegios de administrador provoque posibles corrupciones de memoria, lo que resultaría en un bloqueo del hilo en un dispositivo afectado.", }, ], id: "CVE-2024-38269", lastModified: "2024-09-30T15:51:55.567", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 3.6, source: "security@zyxel.com.tw", type: "Primary", }, ], }, published: "2024-09-24T02:15:03.230", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-memory-corruption-vulnerabilities-in-some-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-security-router-versions-09-24-2024", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "security@zyxel.com.tw", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-09-24 02:15
Modified
2024-09-30 15:52
Severity ?
Summary
An improper restriction of operations within the bounds of a memory buffer in the IPv6 address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx5600-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "43D29BE5-A0A9-4EA3-A0BB-AF3FCB83B9E5", versionEndExcluding: "5.70\\(aceb.3.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx5600-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "303DB62A-2A7E-4CB7-ADA0-29C23BFD41BE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FEEFBA62-FF41-47F3-81F5-61034302A0E9", versionEndExcluding: "5.17\\(abve.2.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "677C554B-F9C7-4780-97C0-6021146F8B3C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3100-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1C9392FD-1E26-4C72-94BA-7F71BCB7FD32", versionEndExcluding: "5.50\\(abvl.4.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "C2C56248-D12F-46DC-A52F-0607E4A5DCCC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:scr50axe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "093F98C0-F84F-408C-9835-D63F238E81E9", versionEndExcluding: "1.10\\(acgn.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:scr50axe:-:*:*:*:*:*:*:*", matchCriteriaId: "FDE16790-D3CB-48D2-9C4C-ACCED14035BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:px3321-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EC1054FD-2E83-457C-9B5C-936813454B0E", versionEndExcluding: "5.44\\(acjb.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:px3321-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "3BB525DE-2E08-4848-976E-7DF6C7E19578", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm7300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7BD127D7-3B27-4D3B-A82C-B08D8BCFACF0", versionEndExcluding: "5.42\\(abyy.2.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm5100-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8AD5D584-14FB-424D-9175-A8F122483748", versionEndExcluding: "5.42\\(acbf.2.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm5100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "249AF476-CAA4-4C87-8CC3-E0AF15E61F7E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm3100-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EF26B807-83DE-4D66-AB11-C8FF20D579D8", versionEndExcluding: "5.42\\(acbf.2.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F78F88D4-A782-4075-A3CB-A728CE4014DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "61AC6D95-80A9-447F-9CB4-6CCA3A86334B", versionEndExcluding: "5.17\\(abpc.5.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "780BBA7D-7E2C-4624-AA15-8A51F3DF428F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B2781DE8-ADD6-48EF-8FC5-D2DBAEC44E8D", versionEndExcluding: "5.50\\(abom.8.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "D4C2320B-52DF-4F86-86D2-42FB62337773", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "191B287A-F923-42EE-81F5-A8895F15ABF6", versionEndExcluding: "5.50\\(abpm.9.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b60a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C7BE424-6E8A-485E-9F20-CCE34EE6BD17", versionEndExcluding: "5.17\\(abqa.2.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b60a:-:*:*:*:*:*:*:*", matchCriteriaId: "30C1B91D-3EA0-4A1D-833A-6767A6C84DA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "71020993-535B-420A-A158-1406C8A611A2", versionEndExcluding: "5.17\\(abqa.2.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "88F74228-AC0C-4150-974D-54D77BBF9A90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4555EDDD-B50A-41F1-B603-D384DE0CC42A", versionEndExcluding: "5.50\\(abom.8.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "1B33AE56-3948-494B-9E23-54D939DF0D3E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A5EB06CB-BCFB-4EBF-A1C6-0A72DD9C56D8", versionEndExcluding: "5.50\\(abpm.9.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5723-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3530C6BA-5001-4BE2-B5EF-1A2638B234FF", versionEndExcluding: "5.50\\(abom.8.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "B18982B2-E575-478E-A2B4-0932DE329056", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "357C7DEF-891E-4D2D-9975-785E190B0E28", versionEndExcluding: "5.50\\(abpm.9.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "F3ECE0EB-C429-4716-ABFB-73540847EB9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8657DD28-3CBB-4828-927A-07DFF03E07DC", versionEndExcluding: "5.50\\(abpm.9.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "9259E2F6-885D-4B44-8D40-20758DA599D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex7710-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50F8A5D1-04C5-4187-AD53-A7BAEBB2D5F3", versionEndExcluding: "5.18\\(acak.1\\)c1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex7710-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "07727D9C-723B-4761-B6B6-07FE1784D3C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex7501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CE07CE74-7E9A-4319-A04B-FAB27DF20A5E", versionEndExcluding: "5.18\\(achn.1.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "1CE049DE-A5DA-4A4F-BA30-BBD09FF34DE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8BBBF350-66DE-4337-8E95-F1C5D75D5151", versionEndExcluding: "5.70\\(acdz.3.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "D629D4B6-B2F2-45F1-9295-71751570C231", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5222AE4A-192D-4B52-B12A-7DC04047CDD4", versionEndExcluding: "5.70\\(acdz.3.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "ABFF2039-5DCC-4850-8BDA-3D418629C226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5512-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E4CB5021-3A4C-4D2E-BC78-4E027DB217E9", versionEndExcluding: "5.70\\(aceg.3\\)c2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5512-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F32FA3FB-CE89-4CC1-9D8D-765B90A122DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "37FB6CD6-AA0F-4A4A-9A10-0C0558FFC4FC", versionEndExcluding: "5.17\\(abqx.10\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E82D41CC-2EB3-4892-8383-FB2C9EC64D9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A8CA39B3-1819-4EAF-86AD-AFBA7C22C9AE", versionEndExcluding: "5.17\\(abyo.6.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "7213FA12-5CD6-4E9B-8387-A52AEF17EA10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6938EC2C-CAC9-4A43-8B30-96BD92279087", versionEndExcluding: "5.17\\(abyo.6.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3600-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0976A6EB-9A37-4316-B204-0E62E8CE832B", versionEndExcluding: "5.70\\(acif.0.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3600-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "D3BCC6A9-1CAE-459D-BE7D-AAB956BD1B92", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DF914A6C-2C47-4869-9368-6ACC97876D5C", versionEndExcluding: "5.17\\(abup.12\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "3F955BD9-4D44-46BE-8605-51C6250A74D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FC4B955B-CDA5-4BBB-8FFD-71394399A6C6", versionEndExcluding: "5.17\\(abup.12\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3501-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D72F97BC-0C04-436E-82EC-956164D97608", versionEndExcluding: "5.44\\(achr.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3501-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "A98F76BD-0404-46DD-AE6A-EB630FEC8904", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3500-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BD151CF9-DC45-475A-9128-91102B7CDF34", versionEndExcluding: "5.44\\(achr.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3500-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8714EB1B-38E5-4295-AD26-EE13E2161DEA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3301-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6CC5D271-3679-4962-8096-58BC125E553A", versionEndExcluding: "5.50\\(abvy.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "B37B17D8-76CF-4A26-B2DB-41B1BC9FD0A2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3300-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "09AF8A00-ECF7-43EA-98FB-6BDA7C5CAD60", versionEndExcluding: "5.50\\(abvy.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3300-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "F766221F-7478-4E39-B4CD-A2498ACEE754", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E60A1553-6685-4C75-91D0-199AC09558C6", versionEndExcluding: "5.50\\(abvy.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "137F8B94-4176-4D9B-8704-28525E7352D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "96DF49B6-9BF6-45FC-BCA5-B612F01AC2E1", versionEndExcluding: "5.17\\(abyo.6.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "AFE5C53C-4255-4AEE-A49E-36C1A2CF10F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B8AF84D6-113E-49F3-9F3C-7EFE5DFEA8BF", versionEndExcluding: "5.17\\(abyo.6.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "B293E564-2C48-442A-A415-34383DF3ADBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx4510-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "46E29474-6891-480C-AC09-A3FB21C0D5DB", versionEndExcluding: "5.17\\(abyl.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx4510-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "C8668990-045A-4DDD-9089-DE0025B69765", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx4510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "344761C5-3143-4B42-869D-B35DEE2C51FE", versionEndExcluding: "5.17\\(abyl.7\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx4510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "A0338E1C-2509-4510-8C8D-4BD5AEA47D81", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3301-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "582711B2-B998-4FF8-8237-99B3B62EDC87", versionEndExcluding: "5.50\\(abvy.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "3BBDC072-5D40-4130-9B5F-22FDA9BF909A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3300-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F811CD1C-E4D8-43A0-8E95-07CE2566FC72", versionEndExcluding: "5.50\\(abvy.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3300-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "2456F691-C182-4BE6-A08F-5E1717366DCA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B3EF633-501B-43DB-8297-D9AF9335B6C1", versionEndExcluding: "5.50\\(abvy.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "6D3E176E-F728-4385-8533-4C694D43898A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "An improper restriction of operations within the bounds of a memory buffer in the IPv6 address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.", }, { lang: "es", value: "Una restricción incorrecta de las operaciones dentro de los límites de un búfer de memoria en el analizador de direcciones IPv6 de las versiones de firmware Zyxel VMG8825-T50K hasta la 5.50(ABOM.8)C0 podría permitir que un atacante autenticado con privilegios de administrador provoque posibles corrupciones de memoria, lo que resultaría en un bloqueo del hilo en un dispositivo afectado.", }, ], id: "CVE-2024-38267", lastModified: "2024-09-30T15:52:52.787", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 3.6, source: "security@zyxel.com.tw", type: "Primary", }, ], }, published: "2024-09-24T02:15:02.750", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-memory-corruption-vulnerabilities-in-some-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-security-router-versions-09-24-2024", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "security@zyxel.com.tw", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-05-21 02:15
Modified
2025-01-22 22:55
Severity ?
Summary
The buffer overflow vulnerability in the CGI program of the VMG3625-T50B firmware version V5.50(ABPM.8)C0 could allow an authenticated remote attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3300-t1_firmware:5.50\\(aby.4\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "39CA06C1-90B9-4426-8FCD-53908911689E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3300-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "2456F691-C182-4BE6-A08F-5E1717366DCA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3301-t0_firmware:5.50\\(aby.4\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "E7BF144B-4B22-46C2-874E-A2ECD64AB043", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "3BBDC072-5D40-4130-9B5F-22FDA9BF909A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx4510_firmware:5.17\\(abyl.5\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "5061F56B-7799-4601-BDAF-A3E5A25B903B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx4510:-:*:*:*:*:*:*:*", matchCriteriaId: "48A35F59-2BE4-4BE2-95B2-AE33255BBDA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b0_firmware:5.17\\(abyo.5\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "F0CAE6A8-B04F-42FB-A0D2-D6F5D4622FAB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "B293E564-2C48-442A-A415-34383DF3ADBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b1_firmware:5.17\\(abyo.5\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "8ED7E7AA-1D08-4CB7-8617-6896C56D68F5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "AFE5C53C-4255-4AEE-A49E-36C1A2CF10F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg3525-t50b_firmware:5.50\\(abpm.8\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "A66CE0FE-27D7-418D-841A-96C5F157A2A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "9259E2F6-885D-4B44-8D40-20758DA599D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5523-t50b_firmware:5.50\\(abpm.8\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "1D9E74CF-3FFA-4613-9831-152955307178", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "F3ECE0EB-C429-4716-ABFB-73540847EB9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5723-t50k_firmware:5.50\\(abom.8.2\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "A66FEC22-82D4-4801-8969-D5D5308622A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "B18982B2-E575-478E-A2B4-0932DE329056", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3300-t1_firmware:5.50\\(aby.4\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "8A90F2DC-861C-47BF-A67F-D6AAB3595AA5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3300-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "F766221F-7478-4E39-B4CD-A2498ACEE754", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3301-t0_firmware:5.50\\(aby.4\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "B1DBDF16-C65F-4F78-BB2F-E2EDE827A658", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "B37B17D8-76CF-4A26-B2DB-41B1BC9FD0A2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3500-t0_firmware:5.44\\(achr.0\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "D1B3F5D6-77F3-41DB-A2F1-D3D66464A598", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3500-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8714EB1B-38E5-4295-AD26-EE13E2161DEA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3501-t0_firmware:5.44\\(achr.0\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "ECD2D2A5-0884-4B2A-A969-F48230F6F35D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3501-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "A98F76BD-0404-46DD-AE6A-EB630FEC8904", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510_firmware:5.17\\(abup.9\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "1C0FFCC6-85C3-4BF4-9B03-09B26B2114E2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510:-:*:*:*:*:*:*:*", matchCriteriaId: "E0F2881E-A3FB-40FE-8259-0B69AFA025E0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b0_firmware:5.17\\(abyo.5\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "394DBD92-A0F2-483C-9455-5699CBC30C1D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b1_firmware:5.17\\(abyo.5\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "29922C44-EE6B-4204-93AE-A651D7E3F3DA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "7213FA12-5CD6-4E9B-8387-A52AEF17EA10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5501-b0_firmware:5.17\\(abry.4\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "8983D127-53E7-45F7-A125-B400AE354D79", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "88B8CDD0-E73A-4FAA-9964-D8C09949CB32", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5510_firmware:5.17\\(abqx.8\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "59AD3119-F9CB-4775-915B-03D7D2975F61", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5510:-:*:*:*:*:*:*:*", matchCriteriaId: "469C7BC8-47DB-4B39-9DD5-BB6C5620C488", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5512-t0_firmware:5.70\\(aceg.2\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "3C26B8D2-7745-4D48-B8DA-3A8DD94DCECD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5512-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F32FA3FB-CE89-4CC1-9D8D-765B90A122DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5600-t1_firmware:5.70\\(acdz.2\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "B0FB1871-0E0C-4262-A0F3-7C9F86803187", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5600-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "021CFB91-4627-4080-BF09-0BB5EFA708DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t0_firmware:5.70\\(acdz.2\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "C601F782-6040-4CE3-AE17-46740DADFA68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "ABFF2039-5DCC-4850-8BDA-3D418629C226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t1_firmware:5.70\\(acdz.2\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "2611F0F9-CE8D-4DA9-B88F-213DF947983D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "D629D4B6-B2F2-45F1-9295-71751570C231", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex7710-b0_firmware:5.18\\(acak.0\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "FAE3F3CA-CCE5-4894-BEC0-5D06D2F3D806", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex7710-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "07727D9C-723B-4761-B6B6-07FE1784D3C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:5.50\\(abpm.8\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "5B8ACC3B-6A8E-4380-A621-551D64ADDB35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:5.50\\(abom.8.2\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "A7E4B285-39A7-4B20-8F7C-C1FCCEC45879", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "1B33AE56-3948-494B-9E23-54D939DF0D3E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:5.50\\(abpm.8\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "63727E2F-DBDC-490B-81C7-3E6C4B640694", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:5.50\\(abom.8.2\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "904EDFD7-FB8E-4E4F-AFD6-C8153C99B9CD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "D4C2320B-52DF-4F86-86D2-42FB62337773", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b0_firmware:5.17\\(abpc.4\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "ADBFF951-7503-45B3-838D-5CEFC1E22303", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "78473083-F702-4B81-AAA0-B66A0984FF6B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b1_firmware:5.17\\(abpc.4\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "502DDF99-A3B5-4C7D-B4FD-79420528A515", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "780BBA7D-7E2C-4624-AA15-8A51F3DF428F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3100-t0_firmware:5.50\\(abl.3\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "6FE1D8E3-79DB-4645-9B08-E6F5B1A6CFE1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "C2C56248-D12F-46DC-A52F-0607E4A5DCCC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx5600-t0_firmware:5.70\\(aceb.2\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "B81FE3B9-8ECE-4FCA-BEFA-CEE7753E11E9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx5600-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "303DB62A-2A7E-4CB7-ADA0-29C23BFD41BE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx5610-b0_firmware:5.18\\(acgj.0\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "B4F867EE-2A8C-4CDF-9D02-6E739BEA6A81", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx5610-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "88909887-E078-4EC5-BA49-2EFCABF1EB1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nbg7510_firmware:1.00\\(abzy.5\\)c0:*:*:*:*:*:*:*", matchCriteriaId: "63872C8C-7B9B-4AC0-9CE4-CC5B9AB93691", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nbg7510:-:*:*:*:*:*:*:*", matchCriteriaId: "98CB675F-DF0C-46C3-B206-CCFF407D2BA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The buffer overflow vulnerability in the CGI program of the VMG3625-T50B firmware version V5.50(ABPM.8)C0 could allow an authenticated remote attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.", }, { lang: "es", value: "La vulnerabilidad de desbordamiento del búfer en el programa CGI de la versión de firmware VMG3625-T50B V5.50(ABPM.8)C0 podría permitir que un atacante remoto autenticado cause condiciones de denegación de servicio (DoS) enviando una solicitud HTTP manipulada a un dispositivo vulnerable.", }, ], id: "CVE-2023-37929", lastModified: "2025-01-22T22:55:02.317", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "security@zyxel.com.tw", type: "Primary", }, ], }, published: "2024-05-21T02:15:08.470", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-vulnerabilities-in-some-5g-nr-4g-lte-cpe-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-home-router-devices-05-21-2024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-vulnerabilities-in-some-5g-nr-4g-lte-cpe-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-home-router-devices-05-21-2024", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "security@zyxel.com.tw", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-12-03 02:15
Modified
2025-01-21 21:20
Severity ?
Summary
A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte3301-plus_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6716746F-4642-4BA8-B1FB-38CBE0FEFE65", versionEndExcluding: "1.00\\(abqu.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte3301-plus:-:*:*:*:*:*:*:*", matchCriteriaId: "4814D3A1-C0D4-4573-AD77-C2EE7AC11CB4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte5388-m804_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F8A2E6EF-6C66-4D10-8F13-207C102BB403", versionEndExcluding: "1.00\\(absq.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte5388-m804:-:*:*:*:*:*:*:*", matchCriteriaId: "E67FFCF7-ECE9-4644-B248-1B6E10AD9398", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte5398-m904_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C439774C-3B11-4738-8F57-24AE9190E437", versionEndExcluding: "1.00\\(abq.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte5398-m904:-:*:*:*:*:*:*:*", matchCriteriaId: "F90453B8-19FF-4FF3-A167-E1A70E022201", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7480-m804_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "441D0E0B-3740-41A5-B227-F737C011B935", versionEndExcluding: "1.00\\(abra.10\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7480-m804:-:*:*:*:*:*:*:*", matchCriteriaId: "E3480021-1538-48ED-BE89-BB0DF562C7DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:lte7490-m904_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F271F483-5F07-4305-B674-87C29D59DCBF", versionEndExcluding: "1.00\\(abqy.9\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:lte7490-m904:-:*:*:*:*:*:*:*", matchCriteriaId: "DC75F6DE-DCAF-47A0-B6BB-0E050C68AF25", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr7101_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A73FA031-D008-4AFA-AAEB-8DCDAD995B46", versionEndExcluding: "1.00\\(abu.11\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr7101:-:*:*:*:*:*:*:*", matchCriteriaId: "E4D27B24-9822-432C-8B8B-9546EE32DEC6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nr7102_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "90099DBC-0E96-4F19-BEDF-1220A2E054DC", versionEndExcluding: "1.00\\(abyd.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nr7102:-:*:*:*:*:*:*:*", matchCriteriaId: "F1A15757-DE6F-4A72-9CAD-BAC04BD340A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_nr5101_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8EECE4B-3C71-4738-8A95-FDD453D5F077", versionEndExcluding: "1.16\\(accg.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_nr5101:-:*:*:*:*:*:*:*", matchCriteriaId: "F9F605B8-A892-4119-AB7A-D14CDC5DFC88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_nr7101_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "16CC26F4-CE74-470D-98B0-CDD57B19DE7E", versionEndExcluding: "1.16\\(accc.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_nr7101:-:*:*:*:*:*:*:*", matchCriteriaId: "52096C1F-F73C-413E-9D37-82EFA4703AEC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:nebula_lte3301-plus_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2E09E83F-148C-4598-91A4-9712C198A0D6", versionEndExcluding: "1.18\\(acca.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:nebula_lte3301-plus:-:*:*:*:*:*:*:*", matchCriteriaId: "42297A6A-3E50-4E9E-ABF6-58C77F222DC1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "68D2EEEC-58EA-4444-AFBD-8CDA76DE7C30", versionEndExcluding: "5.50\\(aby.5.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "6D3E176E-F728-4385-8533-4C694D43898A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3300-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72C17621-DFBD-43E0-ABCE-31EA1424A95D", versionEndExcluding: "5.50\\(aby.5.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3300-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "2456F691-C182-4BE6-A08F-5E1717366DCA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx3301-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F03882BE-6854-4DA0-AE71-E1DF1D9942F0", versionEndExcluding: "5.50\\(aby.5.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "3BBDC072-5D40-4130-9B5F-22FDA9BF909A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx4510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E69CBC66-C2FA-441A-A8DE-DE5ABA996503", versionEndExcluding: "5.17\\(abyl.8\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx4510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "A0338E1C-2509-4510-8C8D-4BD5AEA47D81", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx4510-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "99BD602C-4DB1-4C4C-BC2A-EBD52E4C962C", versionEndExcluding: "5.17\\(abyl.8\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx4510-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "C8668990-045A-4DDD-9089-DE0025B69765", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "14B8FE6B-542A-4EE7-8BD3-7E5547E0BB08", versionEndExcluding: "5.17\\(abyo.6.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "B293E564-2C48-442A-A415-34383DF3ADBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:dx5401-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5B632720-75B8-47A7-8694-C27C2CA26D4E", versionEndExcluding: "5.17\\(abyo.6.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:dx5401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "AFE5C53C-4255-4AEE-A49E-36C1A2CF10F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ee6510-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CEC2224E-9481-447A-8E1F-0F6BE170323E", versionEndExcluding: "5.19\\(acjq.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ee6510-10:-:*:*:*:*:*:*:*", matchCriteriaId: "CD4AE46D-E374-4224-9A66-4291B6A10C00", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex2210-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1F2AE02D-5388-434C-956E-D7B326ABF44F", versionEndExcluding: "5.50\\(acdi.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex2210-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "A71E4E6F-357E-4DAA-B7D7-7CF44000F0CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FCAF5BD1-FA85-47D8-AC74-B89C37673872", versionEndExcluding: "5.50\\(aby.5.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "137F8B94-4176-4D9B-8704-28525E7352D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3300-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DED77538-32BD-41D0-AFB0-B523B1B0D626", versionEndExcluding: "5.50\\(aby.5.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3300-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "F766221F-7478-4E39-B4CD-A2498ACEE754", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3301-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "15FA1F1B-3DAB-4C9A-9EAC-6F73C91C6000", versionEndExcluding: "5.50\\(aby.5.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "B37B17D8-76CF-4A26-B2DB-41B1BC9FD0A2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3500-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "31134E19-A43A-4414-AC4A-A4D3D6D89C3F", versionEndExcluding: "5.44\\(achr.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3500-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8714EB1B-38E5-4295-AD26-EE13E2161DEA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3501-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7B24B63E-44D9-4967-9A25-0845F07466DE", versionEndExcluding: "5.44\\(achr.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3501-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "A98F76BD-0404-46DD-AE6A-EB630FEC8904", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7A631CCE-1DBA-45EA-BCAE-35976C74CFB6", versionEndExcluding: "5.17\\(abup.13\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3510-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D5F451D2-9058-439C-B065-C635E1833B28", versionEndExcluding: "5.17\\(abup.13\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3510-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "3F955BD9-4D44-46BE-8605-51C6250A74D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex3600-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F55E0C82-22FD-4345-BA36-3A2F29216AD3", versionEndExcluding: "5.70\\(acif.0.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex3600-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "D3BCC6A9-1CAE-459D-BE7D-AAB956BD1B92", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "08F959D0-DAF0-4D07-811C-54E780ABB35E", versionEndExcluding: "5.17\\(abyo.6.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5401-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4CE7E255-C846-4509-A6CE-CBC50C0E5EE5", versionEndExcluding: "5.17\\(abyo.6.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "7213FA12-5CD6-4E9B-8387-A52AEF17EA10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F887CE60-20C2-4301-B515-5C14C9C8D805", versionEndExcluding: "5.17\\(abry.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "88B8CDD0-E73A-4FAA-9964-D8C09949CB32", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5510-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "568E5F9E-EFFE-4D1B-B06B-EED70C27985B", versionEndExcluding: "5.17\\(abqx.11\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5510-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "E82D41CC-2EB3-4892-8383-FB2C9EC64D9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5512-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2177DB8F-097F-438C-9B0F-E4A14540A89D", versionEndExcluding: "5.70\\(aceg4.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5512-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F32FA3FB-CE89-4CC1-9D8D-765B90A122DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5600-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CAF44159-2967-4DDD-8AD8-DE16871899D7", versionEndExcluding: "5.70\\(acdz.3.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5600-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "021CFB91-4627-4080-BF09-0BB5EFA708DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "43F04ACC-EED8-4800-BA30-3FC704AF5D6C", versionEndExcluding: "5.70\\(acdz.3.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "ABFF2039-5DCC-4850-8BDA-3D418629C226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex5601-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "435327F5-1A4D-46BA-B572-0771BAD3215F", versionEndExcluding: "5.70\\(acdz.3.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex5601-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "D629D4B6-B2F2-45F1-9295-71751570C231", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex7501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "116A0A50-6379-4D72-8059-4D74FA208140", versionEndExcluding: "5.18\\(achn.1.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "1CE049DE-A5DA-4A4F-BA30-BBD09FF34DE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ex7710-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "19EE58DA-A323-4BE1-A761-5E2C94F8A2A6", versionEndExcluding: "5.18\\(acak.1.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ex7710-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "07727D9C-723B-4761-B6B6-07FE1784D3C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B992C7F8-F4DF-4426-ACFE-B1EF7DB26E53", versionEndExcluding: "5.50\\(abpm.9.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "9259E2F6-885D-4B44-8D40-20758DA599D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93D83C92-EE57-48F4-B532-FC13657D0F37", versionEndExcluding: "5.50\\(abpm.9.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "F3ECE0EB-C429-4716-ABFB-73540847EB9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg5723-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "131D1D3D-382A-4563-B608-3848AACDF8A0", versionEndExcluding: "5.50\\(abom.8.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "B18982B2-E575-478E-A2B4-0932DE329056", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:emg6726-b10a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "593C78E3-E459-4519-9313-FAA93315A6C8", versionEndExcluding: "5.13\\(abnp.8\\)c1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:emg6726-b10a:-:*:*:*:*:*:*:*", matchCriteriaId: "304D3B33-F7EC-4EB3-B6EF-6BEB2112F9C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC43957D-D4F5-4D72-9876-C2796F9714CD", versionEndExcluding: "5.50\\(abpm.9.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-b50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1009022D-5033-47D2-B310-5B0C42CA3F69", versionEndExcluding: "5.13\\(ably.9\\)c1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-b50b:-:*:*:*:*:*:*:*", matchCriteriaId: "94BE349D-EC30-4EB7-8B68-EA7223364A4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F5030BD1-0653-4431-87B9-07CA0C1FDE33", versionEndExcluding: "5.50\\(abom.8.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "1B33AE56-3948-494B-9E23-54D939DF0D3E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BFEB980C-00C4-45DB-A2C1-64F3BB69DF54", versionEndExcluding: "5.15\\(abqa.2.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "88F74228-AC0C-4150-974D-54D77BBF9A90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b60a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FD035A19-15E2-4740-A264-11D0E30777A2", versionEndExcluding: "5.15\\(abqa.2.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b60a:-:*:*:*:*:*:*:*", matchCriteriaId: "30C1B91D-3EA0-4A1D-833A-6767A6C84DA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4005-b50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8696573D-D3FF-4CAB-B6C0-743B8AAA20AE", versionEndExcluding: "5.13\\(abrl.5.2\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4005-b50b:-:*:*:*:*:*:*:*", matchCriteriaId: "36B2A37B-0662-43E7-AEB4-DF0C5A30A95F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg4927-b50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8D62F49F-1E1B-4E6E-A72A-1DEC917E21DC", versionEndExcluding: "5.13\\(ably.9\\)c1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg4927-b50a:-:*:*:*:*:*:*:*", matchCriteriaId: "C0EE70D2-51BB-4E45-8995-655C1394C440", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "916BC802-CBB6-43FE-91D2-76EFA752481C", versionEndExcluding: "5.50\\(abpm.9.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*", matchCriteriaId: "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FA0D8789-938A-475D-B105-64B225BABD97", versionEndExcluding: "5.50\\(abom.8.5\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "D4C2320B-52DF-4F86-86D2-42FB62337773", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2EEC4924-34DB-4AFB-8CEF-0ABBAFFD0E0B", versionEndExcluding: "5.50\\(abpy.1\\)b26", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", matchCriteriaId: "D4C2320B-52DF-4F86-86D2-42FB62337773", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F525A6F3-7510-47EF-AD60-A05214BEAFF8", versionEndExcluding: "5.17\\(abpc.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "78473083-F702-4B81-AAA0-B66A0984FF6B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:ax7501-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "77887B8D-E582-41FC-8ED5-11D631C5A062", versionEndExcluding: "5.17\\(abpc.5.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:ax7501-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "780BBA7D-7E2C-4624-AA15-8A51F3DF428F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm3100-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "804D1F95-0D82-4052-98C6-996DBB94BB48", versionEndExcluding: "5.42\\(acbf.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "F78F88D4-A782-4075-A3CB-A728CE4014DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm5100-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85D7006F-2710-4A4E-958B-F707865D942A", versionEndExcluding: "5.42\\(acbf.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm5100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "249AF476-CAA4-4C87-8CC3-E0AF15E61F7E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm7300-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D0E85316-F791-4789-AA88-DE1D5E9E62A0", versionEndExcluding: "5.42\\(abyy.2.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:pm7500-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "95E49610-E756-42B8-8C0C-438A587EB8DB", versionEndExcluding: "5.61\\(ackk.0.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:pm7500-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "09F7FD2C-ED57-4EB4-9EB7-DE2F376FD858", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:px3321-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A23D6389-D322-4EC0-847A-488B735CE373", versionEndExcluding: "5.44\\(acjb.1.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:px3321-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "3BB525DE-2E08-4848-976E-7DF6C7E19578", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:px3321-t1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A6DBE5D0-F363-4EDA-8CE9-14F2B2B0C19D", versionEndExcluding: "5.44\\(achk.0.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:px3321-t1:-:*:*:*:*:*:*:*", matchCriteriaId: "3BB525DE-2E08-4848-976E-7DF6C7E19578", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:px5301-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2213D90C-25CE-4A61-8479-1BC87DF35A80", versionEndExcluding: "5.44\\(ackb.0.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:px5301-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "7EBB4C27-DAEB-4297-98DC-3B22353B5184", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3100-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D7D3A977-B98F-4626-8C3A-D830F5355D85", versionEndExcluding: "5.50\\(abl.4.4\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3100-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "C2C56248-D12F-46DC-A52F-0607E4A5DCCC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3401-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "801684BD-8E4B-4881-9052-0116734FFB66", versionEndExcluding: "5.17\\(abe.2.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3401-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "677C554B-F9C7-4780-97C0-6021146F8B3C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx3401-b1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "23166E44-D53C-4410-B50D-9C7C10B1D7E8", versionEndExcluding: "5.17\\(abe.2.6\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx3401-b1:-:*:*:*:*:*:*:*", matchCriteriaId: "E7C8FB13-CBCF-4A74-8DFD-874B9A990577", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx5600-t0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5F48FFD6-108C-459D-96D8-5ABE4F10681A", versionEndExcluding: "5.70\\(aceb.3.3\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx5600-t0:-:*:*:*:*:*:*:*", matchCriteriaId: "303DB62A-2A7E-4CB7-ADA0-29C23BFD41BE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:wx5610-b0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3280237A-C025-4324-8747-39EE5D697327", versionEndExcluding: "5.18\\(acgj0.1\\)c0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:wx5610-b0:-:*:*:*:*:*:*:*", matchCriteriaId: "88909887-E078-4EC5-BA49-2EFCABF1EB1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A buffer overflow vulnerability in the packet parser of the third-party library \"libclinkc\" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device.", }, { lang: "es", value: "Una vulnerabilidad de desbordamiento de búfer en el analizador de paquetes de la librería de terceros \"libclinkc\" en las versiones de firmware Zyxel VMG8825-T50K hasta V5.50(ABOM.8.4)C0 podría permitir que un atacante provoque una condición de denegación de servicio (DoS) temporal contra la interfaz de administración web al enviar una solicitud HTTP POST manipulada a un dispositivo vulnerable.", }, ], id: "CVE-2024-8748", lastModified: "2025-01-21T21:20:19.757", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "security@zyxel.com.tw", type: "Primary", }, ], }, published: "2024-12-03T02:15:17.620", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-and-post-authentication-command-injection-vulnerabilities-in-some-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wifi-extenders-12-03-2024", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "security@zyxel.com.tw", type: "Primary", }, ], }
var-202409-1843
Vulnerability from variot
An improper restriction of operations within the bounds of a memory buffer in the USB file-sharing handler of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device. wx5600-t0 firmware, wx3401-b0 firmware, wx3100-t0 firmware etc. ZyXEL There are unspecified vulnerabilities in the product.Service operation interruption (DoS) It may be in a state. Zyxel VMG8825-T50K is an Internet access device from China's Zyxel Corporation.
Zyxel VMG8825-T50K has a buffer overflow vulnerability, which stems from the USB file sharing handler improperly restricting operations within the memory buffer range
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202409-1843", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "dx3301-t0", scope: "lt", trust: 1, vendor: "zyxel", version: "5.50\\(abvy.5.3\\)c0", }, { model: "ex5510-b0", scope: "lt", trust: 1, vendor: "zyxel", version: "5.17\\(abqx.10\\)c0", }, { model: "emg5723-t50k", scope: "lt", trust: 1, vendor: "zyxel", version: "5.50\\(abom.8.4\\)c0", }, { model: "ex3500-t0", scope: "lt", trust: 1, vendor: "zyxel", version: "5.44\\(achr.2\\)c0", }, { model: "wx3401-b0", scope: "lt", trust: 1, vendor: "zyxel", version: "5.17\\(abve.2.5\\)c0", }, { model: "ex5601-t0", scope: "lt", trust: 1, vendor: "zyxel", version: "5.70\\(acdz.3.2\\)c0", }, { model: "ex5512-t0", scope: "lt", trust: 1, vendor: "zyxel", version: "5.70\\(aceg.3\\)c2", }, { model: "vmg4005-b60a", scope: "lt", trust: 1, vendor: "zyxel", version: "5.17\\(abqa.2.2\\)c0", }, { model: "dx3300-t0", scope: "lt", trust: 1, vendor: "zyxel", version: "5.50\\(abvy.5.3\\)c0", }, { model: "ex7710-b0", scope: "lt", trust: 1, vendor: "zyxel", version: "5.18\\(acak.1\\)c1", }, { model: "dx4510-b1", scope: "lt", trust: 1, vendor: "zyxel", version: "5.17\\(abyl.7\\)c0", }, { model: "vmg8825-t50k", scope: "lt", trust: 1, vendor: "zyxel", version: "5.50\\(abom.8.4\\)c0", }, { model: "wx3100-t0", scope: "lt", trust: 1, vendor: "zyxel", version: "5.50\\(abvl.4.3\\)c0", }, { model: "pm7300-t0", scope: "lt", trust: 1, vendor: "zyxel", version: "5.42\\(abyy.2.2\\)c0", }, { model: "emg5523-t50b", scope: "lt", trust: 1, vendor: "zyxel", version: "5.50\\(abpm.9.2\\)c0", }, { model: "ex5401-b0", scope: "lt", trust: 1, vendor: "zyxel", version: "5.17\\(abyo.6.2\\)c0", }, { model: "ex3510-b1", scope: "lt", trust: 1, vendor: "zyxel", version: "5.17\\(abup.12\\)c0", }, { model: "ex3300-t0", scope: "lt", trust: 1, vendor: "zyxel", version: "5.50\\(abvy.5.3\\)c0", }, { model: "vmg4005-b50a", scope: "lt", trust: 1, vendor: "zyxel", version: "5.17\\(abqa.2.2\\)c0", }, { model: "dx3300-t1", scope: "lt", trust: 1, vendor: "zyxel", version: "5.50\\(abvy.5.3\\)c0", }, { model: "pm5100-t0", scope: "lt", trust: 1, vendor: "zyxel", version: "5.42\\(acbf.2.1\\)c0", }, { model: "dx5401-b1", scope: "lt", trust: 1, vendor: "zyxel", version: "5.17\\(abyo.6.2\\)c0", }, { model: "emg3525-t50b", scope: "lt", trust: 1, vendor: "zyxel", version: "5.50\\(abpm.9.2\\)c0", }, { model: "px3321-t1", scope: "lt", trust: 1, vendor: "zyxel", version: "5.44\\(acjb.1\\)c0", }, { model: "ex3301-t0", scope: "lt", trust: 1, vendor: "zyxel", version: "5.50\\(abvy.5.3\\)c0", }, { model: "dx4510-b0", scope: "lt", trust: 1, vendor: "zyxel", version: "5.17\\(abyl.7\\)c0", }, { model: "ex3501-t0", scope: "lt", trust: 1, vendor: "zyxel", version: "5.44\\(achr.2\\)c0", }, { model: "dx5401-b0", scope: "lt", trust: 1, vendor: "zyxel", version: "5.17\\(abyo.6.2\\)c0", }, { model: "ex5401-b1", scope: "lt", trust: 1, vendor: "zyxel", version: "5.17\\(abyo.6.2\\)c0", }, { model: "vmg3625-t50b", scope: "lt", trust: 1, vendor: "zyxel", version: "5.50\\(abpm.9.2\\)c0", }, { model: "vmg8623-t50b", scope: "lt", trust: 1, vendor: "zyxel", version: "5.50\\(abpm.9.2\\)c0", }, { model: "ex5601-t1", scope: "lt", trust: 1, vendor: "zyxel", version: "5.70\\(acdz.3.2\\)c0", }, { model: "vmg3927-t50k", scope: "lt", trust: 1, vendor: "zyxel", version: "5.50\\(abom.8.4\\)c0", }, { model: "wx5600-t0", scope: "lt", trust: 1, vendor: "zyxel", version: "5.70\\(aceb.3.2\\)c0", }, { model: "ax7501-b1", scope: "lt", trust: 1, vendor: "zyxel", version: "5.17\\(abpc.5.2\\)c0", }, { model: "ex7501-b0", scope: "lt", trust: 1, vendor: "zyxel", version: "5.18\\(achn.1.2\\)c0", }, { model: "ex3510-b0", scope: "lt", trust: 1, vendor: "zyxel", version: "5.17\\(abup.12\\)c0", }, { model: "ex3600-t0", scope: "lt", trust: 1, vendor: "zyxel", version: "5.70\\(acif.0.3\\)c0", }, { model: "pm3100-t0", scope: "lt", trust: 1, vendor: "zyxel", version: "5.42\\(acbf.2.1\\)c0", }, { model: "scr50axe", scope: "lt", trust: 1, vendor: "zyxel", version: "1.10\\(acgn.3\\)c0", }, { model: "ex3300-t1", scope: "lt", trust: 1, vendor: "zyxel", version: "5.50\\(abvy.5.3\\)c0", }, { model: "vmg3625-t50b", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "wx5600-t0", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "vmg3927-t50k", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "wx3100-t0", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "emg5523-t50b", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "scr50axe", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "vmg4005-b50a", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "ex7501-b0", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "vmg8623-t50b", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "vmg4005-b60a", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "pm7300-t0", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "px3321-t1", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "vmg8825-t50k", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "pm3100-t0", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "ex7710-b0", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "ax7501-b1", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "emg5723-t50k", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "emg3525-t50b", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "wx3401-b0", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "pm5100-t0", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "vmg8825-t50k <=5.50 c0", scope: null, trust: 0.6, vendor: "zyxel", version: null, }, ], sources: [ { db: "CNVD", id: "CNVD-2024-40286", }, { db: "JVNDB", id: "JVNDB-2024-009433", }, { db: "NVD", id: "CVE-2024-38269", }, ], }, cve: "CVE-2024-38269", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "MULTIPLE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 6.1, confidentialityImpact: "NONE", exploitabilityScore: 6.4, id: "CNVD-2024-40286", impactScore: 6.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:M/C:N/I:N/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "security@zyxel.com.tw", availabilityImpact: "HIGH", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitabilityScore: 1.2, id: "CVE-2024-38269", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "OTHER", availabilityImpact: "High", baseScore: 4.9, baseSeverity: "Medium", confidentialityImpact: "None", exploitabilityScore: null, id: "JVNDB-2024-009433", impactScore: null, integrityImpact: "None", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "security@zyxel.com.tw", id: "CVE-2024-38269", trust: 1, value: "MEDIUM", }, { author: "OTHER", id: "JVNDB-2024-009433", trust: 0.8, value: "Medium", }, { author: "CNVD", id: "CNVD-2024-40286", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2024-40286", }, { db: "JVNDB", id: "JVNDB-2024-009433", }, { db: "NVD", id: "CVE-2024-38269", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An improper restriction of operations within the bounds of a memory buffer in the USB file-sharing handler of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device. wx5600-t0 firmware, wx3401-b0 firmware, wx3100-t0 firmware etc. ZyXEL There are unspecified vulnerabilities in the product.Service operation interruption (DoS) It may be in a state. Zyxel VMG8825-T50K is an Internet access device from China's Zyxel Corporation. \n\nZyxel VMG8825-T50K has a buffer overflow vulnerability, which stems from the USB file sharing handler improperly restricting operations within the memory buffer range", sources: [ { db: "NVD", id: "CVE-2024-38269", }, { db: "JVNDB", id: "JVNDB-2024-009433", }, { db: "CNVD", id: "CNVD-2024-40286", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2024-38269", trust: 3.2, }, { db: "JVNDB", id: "JVNDB-2024-009433", trust: 0.8, }, { db: "CNVD", id: "CNVD-2024-40286", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2024-40286", }, { db: "JVNDB", id: "JVNDB-2024-009433", }, { db: "NVD", id: "CVE-2024-38269", }, ], }, id: "VAR-202409-1843", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2024-40286", }, ], trust: 0.06, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2024-40286", }, ], }, last_update_date: "2024-10-13T23:13:54.758000Z", problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1, }, { problemtype: "NVD-CWE-noinfo", trust: 1, }, { problemtype: "Buffer error (CWE-119) [ others ]", trust: 0.8, }, { problemtype: " Lack of information (CWE-noinfo) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2024-009433", }, { db: "NVD", id: "CVE-2024-38269", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-memory-corruption-vulnerabilities-in-some-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-security-router-versions-09-24-2024", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2024-38269", }, ], sources: [ { db: "CNVD", id: "CNVD-2024-40286", }, { db: "JVNDB", id: "JVNDB-2024-009433", }, { db: "NVD", id: "CVE-2024-38269", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2024-40286", }, { db: "JVNDB", id: "JVNDB-2024-009433", }, { db: "NVD", id: "CVE-2024-38269", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-10-10T00:00:00", db: "CNVD", id: "CNVD-2024-40286", }, { date: "2024-10-01T00:00:00", db: "JVNDB", id: "JVNDB-2024-009433", }, { date: "2024-09-24T02:15:03.230000", db: "NVD", id: "CVE-2024-38269", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-10-11T00:00:00", db: "CNVD", id: "CNVD-2024-40286", }, { date: "2024-10-01T00:47:00", db: "JVNDB", id: "JVNDB-2024-009433", }, { date: "2024-09-30T15:51:55.567000", db: "NVD", id: "CVE-2024-38269", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural ZyXEL Product vulnerabilities", sources: [ { db: "JVNDB", id: "JVNDB-2024-009433", }, ], trust: 0.8, }, }