Vulnerability-Lookup - Search a vulnerability

cve-2022-43392

Vulnerability from cvelistv5

Published

2023-01-11 00:00

Modified

2024-11-27 17:13

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request.

References

▼	URL	Tags
	https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders

Impacted products

	Vendor	Product	Version
	Zyxel	NR7101 firmware	Version: < V1.15(ACCC.3)C0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:32:58.450Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-43392",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-01-08T21:00:52.401931Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-27T17:13:31.757Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "NR7101 firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c V1.15(ACCC.3)C0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request.\u003c/p\u003e"
            }
          ],
          "value": "A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-29T06:51:13.677Z",
        "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "shortName": "Zyxel"
      },
      "references": [
        {
          "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
    "assignerShortName": "Zyxel",
    "cveId": "CVE-2022-43392",
    "datePublished": "2023-01-11T00:00:00",
    "dateReserved": "2022-10-18T00:00:00",
    "dateUpdated": "2024-11-27T17:13:31.757Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-35036

Vulnerability from cvelistv5

Published

2022-03-01 06:20

Modified

2024-08-04 00:33

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file.

References

▼	URL	Tags
	https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-cleartext-storage-of-information-vulnerability	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Zyxel	VMG3625-T50B firmware	Version: V5.50(ABTL.0)b2k

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:33:49.906Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-cleartext-storage-of-information-vulnerability"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "VMG3625-T50B firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "V5.50(ABTL.0)b2k"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "CWE-312: Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-09-27T13:19:55",
        "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "shortName": "Zyxel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-cleartext-storage-of-information-vulnerability"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@zyxel.com.tw",
          "ID": "CVE-2021-35036",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "VMG3625-T50B firmware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "V5.50(ABTL.0)b2k"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Zyxel"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "6.5",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-312: Cleartext Storage of Sensitive Information"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-cleartext-storage-of-information-vulnerability",
              "refsource": "CONFIRM",
              "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-cleartext-storage-of-information-vulnerability"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
    "assignerShortName": "Zyxel",
    "cveId": "CVE-2021-35036",
    "datePublished": "2022-03-01T06:20:12",
    "dateReserved": "2021-06-17T00:00:00",
    "dateUpdated": "2024-08-04T00:33:49.906Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-26413

Vulnerability from cvelistv5

Published

2022-04-11 12:00

Modified

2024-08-03 05:03

Severity ?

8.0 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface.

References

▼	URL	Tags
	https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Zyxel	VMG3312-T20A firmware	Version: V5.30(ABFX.5)C0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T05:03:32.814Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "VMG3312-T20A firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "V5.30(ABFX.5)C0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-11T12:00:19",
        "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "shortName": "Zyxel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@zyxel.com.tw",
          "ID": "CVE-2022-26413",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "VMG3312-T20A firmware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "V5.30(ABFX.5)C0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Zyxel"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "8.0",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml",
              "refsource": "CONFIRM",
              "url": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
    "assignerShortName": "Zyxel",
    "cveId": "CVE-2022-26413",
    "datePublished": "2022-04-11T12:00:19",
    "dateReserved": "2022-03-04T00:00:00",
    "dateUpdated": "2024-08-03T05:03:32.814Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-43389

Vulnerability from cvelistv5

Published

2023-01-11 00:00

Modified

2024-08-03 13:32

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Summary

A buffer overflow vulnerability in the library of the web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an unauthenticated attacker to execute some OS commands or to cause denial-of-service (DoS) conditions on a vulnerable device.

References

▼	URL	Tags
	https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders

Impacted products

	Vendor	Product	Version
	Zyxel	NR7101 firmware	Version: < V1.15(ACCC.3)C0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:32:58.640Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NR7101 firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c V1.15(ACCC.3)C0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A buffer overflow vulnerability in the library of the web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an unauthenticated attacker to execute some OS commands or to cause denial-of-service (DoS) conditions on a vulnerable device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-01-11T00:00:00",
        "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "shortName": "Zyxel"
      },
      "references": [
        {
          "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
    "assignerShortName": "Zyxel",
    "cveId": "CVE-2022-43389",
    "datePublished": "2023-01-11T00:00:00",
    "dateReserved": "2022-10-18T00:00:00",
    "dateUpdated": "2024-08-03T13:32:58.640Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-43391

Vulnerability from cvelistv5

Published

2023-01-11 00:00

Modified

2024-10-15 17:12

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request.

References

▼	URL	Tags
	https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders

Impacted products

	Vendor	Product	Version
	Zyxel	NR7101 firmware	Version: < V1.15(ACCC.3)C0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:32:58.705Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-43391",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-15T17:09:12.473207Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-15T17:12:34.022Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "NR7101 firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c V1.15(ACCC.3)C0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request.\u003c/p\u003e"
            }
          ],
          "value": "A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-29T06:50:37.887Z",
        "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "shortName": "Zyxel"
      },
      "references": [
        {
          "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
    "assignerShortName": "Zyxel",
    "cveId": "CVE-2022-43391",
    "datePublished": "2023-01-11T00:00:00",
    "dateReserved": "2022-10-18T00:00:00",
    "dateUpdated": "2024-10-15T17:12:34.022Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-43390

Vulnerability from cvelistv5

Published

2023-01-11 00:00

Modified

2024-08-03 13:32

Severity ?

5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Summary

A command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to execute some OS commands on a vulnerable device by sending a crafted HTTP request.

References

▼	URL	Tags
	https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders

Impacted products

	Vendor	Product	Version
	Zyxel	NR7101 firmware	Version: < V1.15(ACCC.3)C0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:32:57.394Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NR7101 firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c V1.15(ACCC.3)C0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to execute some OS commands on a vulnerable device by sending a crafted HTTP request."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-01-11T00:00:00",
        "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "shortName": "Zyxel"
      },
      "references": [
        {
          "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
    "assignerShortName": "Zyxel",
    "cveId": "CVE-2022-43390",
    "datePublished": "2023-01-11T00:00:00",
    "dateReserved": "2022-10-18T00:00:00",
    "dateUpdated": "2024-08-03T13:32:57.394Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-26414

Vulnerability from cvelistv5

Published

2022-04-11 12:05

Modified

2024-08-03 05:03

Severity ?

6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

Summary

A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service.

References

▼	URL	Tags
	https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Zyxel	VMG3312-T20A firmware	Version: V5.30(ABFX.5)C0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T05:03:32.637Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "VMG3312-T20A firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "V5.30(ABFX.5)C0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-11T12:05:11",
        "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "shortName": "Zyxel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@zyxel.com.tw",
          "ID": "CVE-2022-26414",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "VMG3312-T20A firmware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "V5.30(ABFX.5)C0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Zyxel"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "6.0",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml",
              "refsource": "CONFIRM",
              "url": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
    "assignerShortName": "Zyxel",
    "cveId": "CVE-2022-26414",
    "datePublished": "2022-04-11T12:05:11",
    "dateReserved": "2022-03-04T00:00:00",
    "dateUpdated": "2024-08-03T05:03:32.637Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd

Published

2023-01-11 02:15

Modified

2024-11-21 07:26

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

A buffer overflow vulnerability in the library of the web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an unauthenticated attacker to execute some OS commands or to cause denial-of-service (DoS) conditions on a vulnerable device.

References

▼	URL	Tags
	security@zyxel.com.tw	https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders	Vendor Advisory

Impacted products

Vendor	Product	Version
zyxel	lte3202-m437_firmware	*
zyxel	lte3202-m437	-
zyxel	lte3316-m604_firmware	*
zyxel	lte3316-m604	-
zyxel	lte7480-m804_firmware	*
zyxel	lte7480-m804	-
zyxel	lte7490-m904_firmware	*
zyxel	lte7490-m904	-
zyxel	nebula_fwa510_firmware	*
zyxel	nebula_fwa510	-
zyxel	nebula_fwa710_firmware	*
zyxel	nebula_fwa710	-
zyxel	nebula_nr7101_firmware	*
zyxel	nebula_nr7101	-
zyxel	nr5103_firmware	*
zyxel	nr5103	-
zyxel	nr5103e_firmware	-
zyxel	nr5103e	-
zyxel	nr7101_firmware	*
zyxel	nr7101	-
zyxel	nr7102_firmware	*
zyxel	nr7102	-
zyxel	nr7103_firmware	*
zyxel	nr7103	-
zyxel	ep240p_firmware	-
zyxel	ep240p	-
zyxel	pm7320-b0_firmware	-
zyxel	pm7320-b0	-
zyxel	pmg5317-t20b_firmware	-
zyxel	pmg5317-t20b	-
zyxel	pmg5617ga_firmware	-
zyxel	pmg5617ga	-
zyxel	pmg5622ga_firmware	-
zyxel	pmg5622ga	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte3202-m437_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEED7B93-7998-429A-9B16-49BAE465704F",
              "versionEndExcluding": "1.00\\(abwf.1\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte3202-m437:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AFA5A91-B372-464B-9C8E-DFC6552E64EB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte3316-m604_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FBDC947-18E3-4A46-A7B3-9AB18032254E",
              "versionEndExcluding": "2.00\\(abmp.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte3316-m604:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "557BE1D0-A562-4176-8E59-562E329DD602",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte7480-m804_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DFDC741-78E6-42AA-B647-DEE9F04AA2DD",
              "versionEndExcluding": "1.00\\(abra.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte7480-m804:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3480021-1538-48ED-BE89-BB0DF562C7DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte7490-m904_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB812F29-2FAE-414C-9047-2471148B1E36",
              "versionEndExcluding": "1.00\\(abqy.5\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte7490-m904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC75F6DE-DCAF-47A0-B6BB-0E050C68AF25",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nebula_fwa510_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7D1CEC6-D45B-4B6A-8A58-B099ADF57413",
              "versionEndExcluding": "1.15\\(acgd.3\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nebula_fwa510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B7099C-DAA5-4902-A62B-B680C9450575",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nebula_fwa710_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB7233D1-3202-471C-AEEA-F76E79F78346",
              "versionEndExcluding": "1.15\\(acgc.3\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nebula_fwa710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "92221518-C7EA-46D7-8037-A580CEA01093",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nebula_nr7101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA537481-4311-4C5E-B577-76C8A789FDAC",
              "versionEndExcluding": "1.15\\(accc.3\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nebula_nr7101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52096C1F-F73C-413E-9D37-82EFA4703AEC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nr5103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B98AC59-4E5F-40AC-B6D6-DD669FAFEDCD",
              "versionEndExcluding": "4.19\\(abyc.3\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nr5103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C821C282-A1E3-4E31-A0C3-96936A4D90CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nr5103e_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60ABD202-BEB3-4E0D-98CB-30AAA54E5B3B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nr5103e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97C7B929-E318-4E17-8AF9-160C8613132D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nr7101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "63A72A80-DA68-4353-8FEA-D372180F8401",
              "versionEndExcluding": "1.00\\(abuv.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nr7101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4D27B24-9822-432C-8B8B-9546EE32DEC6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nr7102_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C56958A5-2427-4A9A-BD40-3B548437CA36",
              "versionEndExcluding": "1.00\\(abyd.2\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nr7102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1A15757-DE6F-4A72-9CAD-BAC04BD340A0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nr7103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FD95007-25FD-4EF9-A461-19FBB4468B3D",
              "versionEndExcluding": "1.00\\(accz.1\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nr7103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77584A2D-D878-46E5-A632-10912DC3B794",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ep240p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CB5CB3D-4EBA-4C71-886A-5FF336E9F842",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ep240p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91367DDE-F430-42F7-B4F2-28AEF7FDCB12",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pm7320-b0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3B9C504-41A4-4756-BDB0-2EE317F801AE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pm7320-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6A479CC-D543-49A1-8A37-7E9D4A0F0009",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5317-t20b_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1141E1B7-B6B8-496B-A2CA-A9076D805741",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5317-t20b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F1334B5-FC76-412F-A7EF-02EEEE677460",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5617ga_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "366FB20C-6740-431A-A0CA-6EC3FDD3C505",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5617ga:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C1B0834-3398-41B0-9A14-7D97768732B4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5622ga_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F61E8935-26CD-4664-A95C-1BCA77DBC4DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5622ga:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "840AF834-B7A6-4ACA-BAB9-996D87476D3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A buffer overflow vulnerability in the library of the web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an unauthenticated attacker to execute some OS commands or to cause denial-of-service (DoS) conditions on a vulnerable device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de desbordamiento de b\u00fafer en la librer\u00eda del servidor web en el firmware Zyxel NR7101 anterior a V1.15(ACCC.3)C0, que podr\u00eda permitir que un atacante no autenticado ejecute algunos comandos del sistema operativo o cause condiciones de denegaci\u00f3n de servicio (DoS) en un dispositivo vulnerable."
    }
  ],
  "id": "CVE-2022-43389",
  "lastModified": "2024-11-21T07:26:22.850",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.7,
        "source": "security@zyxel.com.tw",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-01-11T02:15:11.073",
  "references": [
    {
      "source": "security@zyxel.com.tw",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders"
    }
  ],
  "sourceIdentifier": "security@zyxel.com.tw",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "security@zyxel.com.tw",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-03-01 07:15

Modified

2024-11-21 06:11

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file.

References

▼	URL	Tags
	security@zyxel.com.tw	https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-cleartext-storage-of-information-vulnerability	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-cleartext-storage-of-information-vulnerability	Vendor Advisory

Impacted products

Vendor	Product	Version
zyxel	ax7501-b0_firmware	*
zyxel	ax7501-b0	-
zyxel	dx3301-t0_firmware	*
zyxel	dx3301-t0	-
zyxel	dx5401-b0_firmware	*
zyxel	dx5401-b0	-
zyxel	emg3525-t50b_firmware	*
zyxel	emg3525-t50b	-
zyxel	emg5523-t50b_firmware	*
zyxel	emg5523-t50b	-
zyxel	emg5723-t50k_firmware	*
zyxel	emg5723-t50k	-
zyxel	ep240p_firmware	*
zyxel	ep240p	-
zyxel	ex5401-b0_firmware	*
zyxel	ex5401-b0	-
zyxel	ex5501-b0_firmware	*
zyxel	ex5501-b0	-
zyxel	lte3301-plus_firmware	*
zyxel	lte3301-plus	-
zyxel	lte5388-m804_firmware	*
zyxel	lte5388-m804	-
zyxel	lte5388-s905_firmware	*
zyxel	lte5388-s905	-
zyxel	lte5398-m904_firmware	*
zyxel	lte5398-m904	-
zyxel	lte7240-m403_firmware	*
zyxel	lte7240-m403	-
zyxel	lte7461-m602_firmware	*
zyxel	lte7461-m602	-
zyxel	lte7480-m804_firmware	*
zyxel	lte7480-m804	-
zyxel	lte7480-s905_firmware	*
zyxel	lte7480-s905	-
zyxel	lte7485-s905_firmware	*
zyxel	lte7485-s905	-
zyxel	lte7490-m804_firmware	*
zyxel	lte7490-m804	-
zyxel	nr5101_firmware	*
zyxel	nr5101	-
zyxel	nr7101_firmware	*
zyxel	nr7101	-
zyxel	nr7102_firmware	*
zyxel	nr7102	-
zyxel	pm7300-t0_firmware	*
zyxel	pm7300-t0	-
zyxel	pmg5317-t20b_firmware	*
zyxel	pmg5317-t20b	-
zyxel	pmg5617-t20b2_firmware	*
zyxel	pmg5617-t20b2	-
zyxel	pmg5617ga_firmware	*
zyxel	pmg5617ga	-
zyxel	pmg5622ga_firmware	*
zyxel	pmg5622ga	-
zyxel	vmg3625-t50b_firmware	*
zyxel	vmg3625-t50b	-
zyxel	vmg3927-t50k_firmware	*
zyxel	vmg3927-t50k	-
zyxel	vmg8623-t50b_firmware	*
zyxel	vmg8623-t50b	-
zyxel	vmg8825-t50k_firmware	*
zyxel	vmg8825-t50k	-
zyxel	vmg3625-t50b_firmware	*
zyxel	vmg3625-t50b	-
zyxel	vmg3625-t50b_firmware	*
zyxel	vmg3625-t50b	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ax7501-b0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86A231B7-26ED-4BCC-99CC-ECC327B54B03",
              "versionEndExcluding": "5.17\\(abpc.2\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78473083-F702-4B81-AAA0-B66A0984FF6B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:dx3301-t0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "788C6B76-4993-4ABD-83D1-DA6B0821026F",
              "versionEndExcluding": "5.50\\(abvy.3\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BBDC072-5D40-4130-9B5F-22FDA9BF909A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:dx5401-b0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "96C7FD75-7675-4EDD-BF3B-0298D092A11B",
              "versionEndExcluding": "5.17\\(abyo.2\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B293E564-2C48-442A-A415-34383DF3ADBA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "96BDAAFD-9622-4A88-A7D1-F0312F466F1C",
              "versionEndExcluding": "5.50\\(abpm.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9259E2F6-885D-4B44-8D40-20758DA599D2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "144523AD-2BDE-408A-8FA2-EF3D5161158E",
              "versionEndExcluding": "5.50\\(abpm.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3ECE0EB-C429-4716-ABFB-73540847EB9E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:emg5723-t50k_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C08C685F-93D8-4C5D-AE9B-5A1E30985075",
              "versionEndExcluding": "5.50\\(abom.8\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B18982B2-E575-478E-A2B4-0932DE329056",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ep240p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "462A698C-23E5-4766-BD8A-31271DFDCA6F",
              "versionEndExcluding": "5.40\\(abvh.0\\)c0a03",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ep240p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91367DDE-F430-42F7-B4F2-28AEF7FDCB12",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5401-b0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D064FE76-DE01-42DA-824B-3FE6D3A52A6E",
              "versionEndExcluding": "5.17\\(abyo.2\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5501-b0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BB8CE5-ED23-43C8-AAFE-E619C0A5266B",
              "versionEndExcluding": "5.17\\(abry.3\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "88B8CDD0-E73A-4FAA-9964-D8C09949CB32",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte3301-plus_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6716746F-4642-4BA8-B1FB-38CBE0FEFE65",
              "versionEndExcluding": "1.00\\(abqu.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte3301-plus:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4814D3A1-C0D4-4573-AD77-C2EE7AC11CB4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte5388-m804_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EE41084-CC13-485C-A24E-E1994D5A0267",
              "versionEndExcluding": "1.00\\(abra.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte5388-m804:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E67FFCF7-ECE9-4644-B248-1B6E10AD9398",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte5388-s905_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "95529AB7-F11A-4C46-9F06-B2E8E4C78054",
              "versionEndExcluding": "1.00\\(abvi.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte5388-s905:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9F91C02-6CEB-44E3-A56F-96B49191E04A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte5398-m904_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A257907C-446C-4A90-B313-947F38E06105",
              "versionEndExcluding": "1.00\\(abqv.2\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte5398-m904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F90453B8-19FF-4FF3-A167-E1A70E022201",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte7240-m403_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF40EC3D-F6EB-49CB-9E7C-BA7B6F65656B",
              "versionEndExcluding": "2.00\\(abmg.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte7240-m403:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAE2212F-D523-4706-9FD2-FDA760EE4B4F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte7461-m602_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B67AC137-5B28-41B9-8F81-3DD703D7B962",
              "versionEndExcluding": "2.00\\(abqn.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte7461-m602:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A307AD3-4E60-4859-B182-4CD4CB843757",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte7480-m804_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DFDC741-78E6-42AA-B647-DEE9F04AA2DD",
              "versionEndExcluding": "1.00\\(abra.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte7480-m804:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3480021-1538-48ED-BE89-BB0DF562C7DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte7480-s905_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B911A91C-5252-4CAF-B915-E314833DDFCC",
              "versionEndExcluding": "2.00\\(abqt.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte7480-s905:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E7AF237-04F2-4054-96DE-3FD059CF4B35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte7485-s905_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3FAF3DA-0C8A-4E60-B7C6-4E36D77E9D43",
              "versionEndExcluding": "1.00\\(abvn.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte7485-s905:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E09953F0-2415-45F7-811C-E9D1A361284C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte7490-m804_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "094A13AB-92FC-482D-BB1A-DA28B088F29C",
              "versionEndExcluding": "v1.00\\(abqy.5\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte7490-m804:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3380C6EB-4D52-4EB1-802C-778DDBDC7D12",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nr5101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EB8687A-EADF-4B15-8F41-78F1070E0CA3",
              "versionEndExcluding": "1.00\\(abvc.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nr5101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "11197D03-1C93-4D6A-950C-273E46CBBC62",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nr7101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "63A72A80-DA68-4353-8FEA-D372180F8401",
              "versionEndExcluding": "1.00\\(abuv.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nr7101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4D27B24-9822-432C-8B8B-9546EE32DEC6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nr7102_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C56958A5-2427-4A9A-BD40-3B548437CA36",
              "versionEndExcluding": "1.00\\(abyd.2\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nr7102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1A15757-DE6F-4A72-9CAD-BAC04BD340A0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pm7300-t0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4E0639D-0861-4A10-AFA6-8251AD2217BB",
              "versionEndExcluding": "5.42\\(acbc.1\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5317-t20b_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "20FA4B81-5FE7-43D5-8A96-A1BF0CBA8CC6",
              "versionEndExcluding": "5.40\\(abki.4\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5317-t20b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F1334B5-FC76-412F-A7EF-02EEEE677460",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5617-t20b2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FFBE0FC-A355-4E32-A606-4130B2581CE1",
              "versionEndExcluding": "5.41\\(acbb.1\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5617-t20b2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B35005D7-D8E4-4BC5-A59C-6A69255E7EC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5617ga_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E53F230A-806F-413B-BE4B-2A95645751DF",
              "versionEndExcluding": "5.40\\(abna.2\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5617ga:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C1B0834-3398-41B0-9A14-7D97768732B4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5622ga_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "09514F76-89EC-4ADF-9400-F14BB917EF97",
              "versionEndExcluding": "5.40\\(abnb.2\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5622ga:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "840AF834-B7A6-4ACA-BAB9-996D87476D3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A689984-D14E-44AD-B86B-D165E3AF945E",
              "versionEndExcluding": "5.50\\(abtl.0\\)b2r",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A40BCD8-C6D5-4DD7-92A6-305886662570",
              "versionEndExcluding": "5.50\\(abom.8\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B33AE56-3948-494B-9E23-54D939DF0D3E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "32CAA0D0-8385-4333-9D94-A08F81C61FAD",
              "versionEndExcluding": "5.50\\(abpm.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F7F95B3-A92F-492F-AE07-ABC54A3158AB",
              "versionEndExcluding": "5.50\\(abom.8\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4C2320B-52DF-4F86-86D2-42FB62337773",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:central_america:*:*:*",
              "matchCriteriaId": "997AEAFA-6689-40C4-AC5E-97E2935272A0",
              "versionEndExcluding": "5.50\\(accr.0\\)b4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:emea:*:*:*",
              "matchCriteriaId": "DBA31900-874A-495B-858E-18C8E1CEA3BC",
              "versionEndExcluding": "5.50\\(abpm.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de almacenamiento de informaci\u00f3n en texto claro en la versi\u00f3n V5.50(ABTL.0)b2k del firmware de Zyxel VMG3625-T50B podr\u00eda permitir a un atacante autenticado obtener informaci\u00f3n sensible del archivo de configuraci\u00f3n"
    }
  ],
  "id": "CVE-2021-35036",
  "lastModified": "2024-11-21T06:11:43.343",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "security@zyxel.com.tw",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-03-01T07:15:06.917",
  "references": [
    {
      "source": "security@zyxel.com.tw",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-cleartext-storage-of-information-vulnerability"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-cleartext-storage-of-information-vulnerability"
    }
  ],
  "sourceIdentifier": "security@zyxel.com.tw",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-312"
        }
      ],
      "source": "security@zyxel.com.tw",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-312"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-01-11 02:15

Modified

2024-11-21 07:26

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request.

References

▼	URL	Tags
	security@zyxel.com.tw	https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders	Vendor Advisory

Impacted products

Vendor	Product	Version
zyxel	lte3301-plus_firmware	-
zyxel	lte3301-plus	-
zyxel	lte5388-m804_firmware	-
zyxel	lte5388-m804	-
zyxel	lte5398-m904_firmware	-
zyxel	lte5398-m904	-
zyxel	lte7240-m403_firmware	-
zyxel	lte7240-m403	-
zyxel	lte7461-m602_firmware	-
zyxel	lte7461-m602	-
zyxel	lte7480-m804_firmware	*
zyxel	lte7480-m804	-
zyxel	lte7480-s905_firmware	-
zyxel	lte7480-s905	-
zyxel	lte7485-s905_firmware	-
zyxel	lte7485-s905	-
zyxel	lte7490-m904_firmware	*
zyxel	lte7490-m904	-
zyxel	nebula_lte3301-plus_firmware	*
zyxel	nebula_lte3301-plus	-
zyxel	nebula_lte7461-m602_firmware	*
zyxel	nebula_lte7461-m602	-
zyxel	nebula_nr5101_firmware	*
zyxel	nebula_nr5101	-
zyxel	nebula_nr7101_firmware	*
zyxel	nebula_nr7101	-
zyxel	nr5101_firmware	*
zyxel	nr5101	-
zyxel	nr7101_firmware	*
zyxel	nr7101	-
zyxel	nr7102_firmware	*
zyxel	nr7102	-
zyxel	dx3301-t0_firmware	-
zyxel	dx3301-t0	-
zyxel	dx4510-b1_firmware	-
zyxel	dx4510-b1	-
zyxel	dx5401-b0_firmware	-
zyxel	dx5401-b0	-
zyxel	emg3525-t50b_firmware	-
zyxel	emg3525-t50b	-
zyxel	emg5523-t50b_firmware	-
zyxel	emg5523-t50b	-
zyxel	emg5723-t50k_firmware	-
zyxel	emg5723-t50k	-
zyxel	ex3301-t0_firmware	-
zyxel	ex3301-t0	-
zyxel	ex3510-b0_firmware	*
zyxel	ex3510-b0	-
zyxel	ex5401-b0_firmware	-
zyxel	ex5401-b0	-
zyxel	ex5501-b0_firmware	-
zyxel	ex5501-b0	-
zyxel	ex5510-b0_firmware	*
zyxel	ex5510-b0	-
zyxel	ex5512-t0_firmware	-
zyxel	ex5512-t0	-
zyxel	ex5600-t1_firmware	-
zyxel	ex5600-t1	-
zyxel	ex5601-t0_firmware	-
zyxel	ex5601-t0	-
zyxel	ex5601-t1_firmware	-
zyxel	ex5601-t1	-
zyxel	vmg3927-t50k_firmware	-
zyxel	vmg3927-t50k	-
zyxel	vmg4005-b50a_firmware	-
zyxel	vmg4005-b50a	-
zyxel	vmg4005-b60a_firmware	-
zyxel	vmg4005-b60a	-
zyxel	vmg8623-t50b_firmware	-
zyxel	vmg8623-t50b	-
zyxel	vmg8825-t50k_firmware	-
zyxel	vmg8825-t50k	-
zyxel	ax7501-b0_firmware	-
zyxel	ax7501-b0	-
zyxel	pm3100-t0_firmware	-
zyxel	pm3100-t0	-
zyxel	pm5100-t0_firmware	-
zyxel	pm5100-t0	-
zyxel	pm7300-t0_firmware	-
zyxel	pm7300-t0	-
zyxel	pm7320-b0_firmware	-
zyxel	pm7320-b0	-
zyxel	pmg5317-t20b_firmware	-
zyxel	pmg5317-t20b	-
zyxel	pmg5617-t20b2_firmware	-
zyxel	pmg5617-t20b2	-
zyxel	pmg5617ga_firmware	-
zyxel	pmg5617ga	-
zyxel	pmg5622ga_firmware	-
zyxel	pmg5622ga	-
zyxel	wx3100-t0_firmware	-
zyxel	wx3100-t0	-
zyxel	wx3401-b0_firmware	-
zyxel	wx3401-b0	-
zyxel	wx5600-t0_firmware	-
zyxel	wx5600-t0	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte3301-plus_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77E3A51F-C92D-4E83-A05E-A26225D4CFDD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte3301-plus:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4814D3A1-C0D4-4573-AD77-C2EE7AC11CB4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte5388-m804_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A7440E3-02F9-4416-A571-0008EA8206F4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte5388-m804:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E67FFCF7-ECE9-4644-B248-1B6E10AD9398",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte5398-m904_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D18788-84EE-4880-B70D-DE385C5C1100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte5398-m904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F90453B8-19FF-4FF3-A167-E1A70E022201",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte7240-m403_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDC6FB56-8601-49D2-BD8C-4D373CF5ACD6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte7240-m403:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAE2212F-D523-4706-9FD2-FDA760EE4B4F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte7461-m602_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFEE2F4F-8E90-4D2D-BFDE-DD5B23897087",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte7461-m602:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A307AD3-4E60-4859-B182-4CD4CB843757",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte7480-m804_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DFDC741-78E6-42AA-B647-DEE9F04AA2DD",
              "versionEndExcluding": "1.00\\(abra.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte7480-m804:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3480021-1538-48ED-BE89-BB0DF562C7DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte7480-s905_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DCAE189-6379-40E6-A4FA-1E0431CCCD09",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte7480-s905:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E7AF237-04F2-4054-96DE-3FD059CF4B35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte7485-s905_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "59DDDBA4-966E-4143-9A33-A2431383A732",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte7485-s905:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E09953F0-2415-45F7-811C-E9D1A361284C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte7490-m904_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB812F29-2FAE-414C-9047-2471148B1E36",
              "versionEndExcluding": "1.00\\(abqy.5\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte7490-m904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC75F6DE-DCAF-47A0-B6BB-0E050C68AF25",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nebula_lte3301-plus_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD8C47E-C19E-4848-9898-CE0AAF05B0DD",
              "versionEndExcluding": "1.15\\(acca.3\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nebula_lte3301-plus:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "42297A6A-3E50-4E9E-ABF6-58C77F222DC1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nebula_lte7461-m602_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BF0A17A-5F34-4CD7-8A67-DA277CF78CFC",
              "versionEndExcluding": "1.15\\(acev.3\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nebula_lte7461-m602:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44AA94AF-24B0-4C91-A990-9418EA5A5DAC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nebula_nr5101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "01D0F1E5-B9F0-4B64-8331-D18641EC161F",
              "versionEndExcluding": "1.15\\(accg.3\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nebula_nr5101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9F605B8-A892-4119-AB7A-D14CDC5DFC88",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nebula_nr7101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA537481-4311-4C5E-B577-76C8A789FDAC",
              "versionEndExcluding": "1.15\\(accc.3\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nebula_nr7101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52096C1F-F73C-413E-9D37-82EFA4703AEC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nr5101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EB8687A-EADF-4B15-8F41-78F1070E0CA3",
              "versionEndExcluding": "1.00\\(abvc.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nr5101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "11197D03-1C93-4D6A-950C-273E46CBBC62",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nr7101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "63A72A80-DA68-4353-8FEA-D372180F8401",
              "versionEndExcluding": "1.00\\(abuv.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nr7101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4D27B24-9822-432C-8B8B-9546EE32DEC6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nr7102_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C56958A5-2427-4A9A-BD40-3B548437CA36",
              "versionEndExcluding": "1.00\\(abyd.2\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nr7102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1A15757-DE6F-4A72-9CAD-BAC04BD340A0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:dx3301-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78DE37DB-6F39-48FE-8CE9-626036234C16",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BBDC072-5D40-4130-9B5F-22FDA9BF909A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:dx4510-b1_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66F40E06-666B-490C-84F7-1A7B49834CC1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:dx4510-b1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8668990-045A-4DDD-9089-DE0025B69765",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:dx5401-b0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE285587-D5F3-42E5-ACB6-BDD03A50236C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B293E564-2C48-442A-A415-34383DF3ADBA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:emg3525-t50b_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4917CDD6-B5D9-4674-AE43-B75B60B8289E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9259E2F6-885D-4B44-8D40-20758DA599D2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:emg5523-t50b_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "90DEAC05-EB3A-451D-9C0F-8D22B8886605",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3ECE0EB-C429-4716-ABFB-73540847EB9E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:emg5723-t50k_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1219D188-2A83-41EC-AC8D-694901E6067C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B18982B2-E575-478E-A2B4-0932DE329056",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex3301-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1F9ACE-DA82-4449-ADF9-5F8F540B812E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex3301-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B37B17D8-76CF-4A26-B2DB-41B1BC9FD0A2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4434EF63-63EA-4A27-A6EF-CEE3000E9F02",
              "versionEndExcluding": "5.17\\(abup.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5401-b0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D01EDB-A41C-4FC1-9C4B-38B69360BE90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5501-b0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87D32815-5026-4A9A-8C8E-C30F154833AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "88B8CDD0-E73A-4FAA-9964-D8C09949CB32",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5510-b0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1EC2DCD-97F2-4E13-AE82-468DBF052C4E",
              "versionEndExcluding": "5.17\\(abqx.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5510-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E82D41CC-2EB3-4892-8383-FB2C9EC64D9E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5512-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FF2B306-1EBD-4A14-A865-94C50F2F036D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5512-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F32FA3FB-CE89-4CC1-9D8D-765B90A122DF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5600-t1_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6C46819-2848-4C0D-B360-F6987E9D3A82",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5600-t1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "021CFB91-4627-4080-BF09-0BB5EFA708DD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5601-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E7B377-3CF1-4BF5-A960-75952BC382D0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5601-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABFF2039-5DCC-4850-8BDA-3D418629C226",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5601-t1_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D41D53E2-CB40-4715-A2B5-E9E87C1F3AE0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5601-t1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D629D4B6-B2F2-45F1-9295-71751570C231",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EBF0F8D-90CC-4089-AC9A-665348D27331",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B33AE56-3948-494B-9E23-54D939DF0D3E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg4005-b50a_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD68CC70-242D-4A88-B182-DB68D2086225",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg4005-b50a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "88F74228-AC0C-4150-974D-54D77BBF9A90",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg4005-b60a_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B59AA0D1-9564-48FA-A0AF-C1FC67C0D1EC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg4005-b60a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "30C1B91D-3EA0-4A1D-833A-6767A6C84DA3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C75B24C-177A-470B-BCDE-39D31B0199F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8901BBA-F2D4-49B8-80CF-4BABB5D2F365",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4C2320B-52DF-4F86-86D2-42FB62337773",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ax7501-b0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6F890C3-F15D-4154-8E70-1529C7C8D89A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78473083-F702-4B81-AAA0-B66A0984FF6B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pm3100-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D85D00E0-AA47-48AD-8914-A443482D7D7F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pm3100-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F78F88D4-A782-4075-A3CB-A728CE4014DF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pm5100-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E683B32-A1A0-4DA4-81C4-61513E9E585F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pm5100-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "249AF476-CAA4-4C87-8CC3-E0AF15E61F7E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pm7300-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "481013ED-2B6F-4FBB-881A-C0CD038C5FDA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pm7320-b0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3B9C504-41A4-4756-BDB0-2EE317F801AE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pm7320-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6A479CC-D543-49A1-8A37-7E9D4A0F0009",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5317-t20b_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1141E1B7-B6B8-496B-A2CA-A9076D805741",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5317-t20b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F1334B5-FC76-412F-A7EF-02EEEE677460",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5617-t20b2_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CA3BD8C-4FBB-45B6-AB00-55F7D5BA3C1B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5617-t20b2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B35005D7-D8E4-4BC5-A59C-6A69255E7EC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5617ga_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "366FB20C-6740-431A-A0CA-6EC3FDD3C505",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5617ga:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C1B0834-3398-41B0-9A14-7D97768732B4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5622ga_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F61E8935-26CD-4664-A95C-1BCA77DBC4DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5622ga:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "840AF834-B7A6-4ACA-BAB9-996D87476D3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wx3100-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA532797-C2BF-4A37-9A36-92F1115150AB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wx3100-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2C56248-D12F-46DC-A52F-0607E4A5DCCC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wx3401-b0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E011E78-E7E7-4F84-9A7D-A6548AFBE30C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wx3401-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "677C554B-F9C7-4780-97C0-6021146F8B3C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wx5600-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ED109DF-7C43-4CEC-AC2C-80762B60C776",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wx5600-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "303DB62A-2A7E-4CB7-ADA0-29C23BFD41BE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request.\n\n"
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de desbordamiento de b\u00fafer en el par\u00e1metro del servidor web en el firmware Zyxel NR7101 anterior a V1.15(ACCC.3)C0, que podr\u00eda permitir que un atacante autenticado cause condiciones de denegaci\u00f3n de servicio (DoS) mediante el env\u00edo de una solicitud de autorizaci\u00f3n manipulada."
    }
  ],
  "id": "CVE-2022-43392",
  "lastModified": "2024-11-21T07:26:23.490",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "security@zyxel.com.tw",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Secondary"
      }
    ]
  },
  "published": "2023-01-11T02:15:11.327",
  "references": [
    {
      "source": "security@zyxel.com.tw",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders"
    }
  ],
  "sourceIdentifier": "security@zyxel.com.tw",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "security@zyxel.com.tw",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-04-11 13:15

Modified

2024-11-21 06:53

Severity ?

8.0 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.0 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface.

References

▼	URL	Tags
	security@zyxel.com.tw	https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml	Vendor Advisory

Impacted products

Vendor	Product	Version
zyxel	vmg3312-t20a_firmware	5.30\(abfx.5\)c0
zyxel	vmg3312-t20a	-
zyxel	emg3525-t50b_firmware	*
zyxel	emg3525-t50b_firmware	*
zyxel	emg3525-t50b	-
zyxel	emg5523-t50b_firmware	*
zyxel	emg5523-t50b_firmware	*
zyxel	emg5523-t50b	-
zyxel	emg5723-t50k_firmware	*
zyxel	emg5723-t50k	-
zyxel	emg6726-b10a_firmware	*
zyxel	emg6726-b10a	-
zyxel	vmg1312-t20b_firmware	*
zyxel	vmg1312-t20b	-
zyxel	vmg3625-t50b_firmware	*
zyxel	vmg3625-t50b	-
zyxel	vmg3927-b50a_firmware	*
zyxel	vmg3927-b50a	-
zyxel	vmg3927-b50b_firmware	*
zyxel	vmg3927-b50b	-
zyxel	vmg3927-b60a_firmware	*
zyxel	vmg3927-b60a	-
zyxel	vmg3927-t50k_firmware	*
zyxel	vmg3927-t50k	-
zyxel	vmg4927-b50a_firmware	*
zyxel	vmg4927-b50a	-
zyxel	vmg8623-t50b_firmware	*
zyxel	vmg8623-t50b	-
zyxel	vmg8825-b50a_firmware	*
zyxel	vmg8825-b50a	-
zyxel	vmg8825-b50b_firmware	*
zyxel	vmg8825-b50b	-
zyxel	vmg8825-t50k_firmware	*
zyxel	vmg8825-t50k	-
zyxel	vmg8825-b60a_firmware	*
zyxel	vmg8825-b60a	-
zyxel	vmg8825-b60b_firmware	*
zyxel	vmg8825-b60b	-
zyxel	xmg3927-b50a_firmware	*
zyxel	xmg3927-b50a	-
zyxel	xmg8825-b50a_firmware	*
zyxel	xmg8825-b50a	-
zyxel	dx5401-b0_firmware	*
zyxel	dx5401-b0	-
zyxel	ex3510-b0_firmware	*
zyxel	ex3510-b0	-
zyxel	ex5401-b0_firmware	*
zyxel	ex5401-b0	-
zyxel	ex5501-b0_firmware	*
zyxel	ex5501-b0	-
zyxel	ax7501-b0_firmware	*
zyxel	ax7501-b0	-
zyxel	ep240p_firmware	*
zyxel	ep240p	-
zyxel	pm7300-t0_firmware	*
zyxel	pm7300-t0	-
zyxel	pmg5317-t20b_firmware	*
zyxel	pmg5317-t20b	-
zyxel	pmg5617ga_firmware	*
zyxel	pmg5617ga	-
zyxel	pmg5617-t20b2_firmware	*
zyxel	pmg5617-t20b2	-
zyxel	pmg5622ga_firmware	*
zyxel	pmg5622ga	-
zyxel	px7501-b0_firmware	*
zyxel	px7501-b0	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg3312-t20a_firmware:5.30\\(abfx.5\\)c0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF433563-7AA7-41BF-9ECF-F1E1B9C5C1C4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg3312-t20a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "59AF3952-10E9-4AC8-BA25-BA5C3C203063",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:america:*:*:*",
              "matchCriteriaId": "FE982B82-95DD-40FA-8A7E-F6EB44323692",
              "versionEndExcluding": "5.50\\(abpm.6\\)c0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:emea:*:*:*",
              "matchCriteriaId": "EB52E6B4-08EF-4427-AA01-E783C9F1FCF4",
              "versionEndExcluding": "5.50\\(abpm.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9259E2F6-885D-4B44-8D40-20758DA599D2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:america:*:*:*",
              "matchCriteriaId": "A48A0914-787A-4884-909E-3332DD472873",
              "versionEndExcluding": "5.50\\(abpm.6\\)c0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:emea:*:*:*",
              "matchCriteriaId": "1B417B43-F5C6-4551-BD4E-7E2706BCF8B9",
              "versionEndExcluding": "5.50\\(abpm.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3ECE0EB-C429-4716-ABFB-73540847EB9E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:emg5723-t50k_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FAE1EA0-A113-4324-8347-838A01B00437",
              "versionEndExcluding": "5.50\\(abom.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B18982B2-E575-478E-A2B4-0932DE329056",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:emg6726-b10a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D931985-C10C-41C4-B459-FC454DE8C9FA",
              "versionEndExcluding": "5.13\\(abnp.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:emg6726-b10a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "304D3B33-F7EC-4EB3-B6EF-6BEB2112F9C0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg1312-t20b_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5252A997-772F-4785-8440-B7909A9860A8",
              "versionEndExcluding": "5.50\\(absb.5\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg1312-t20b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37348176-08FD-40F0-9903-05ABABBB1F5C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "331ACFBC-2467-45CC-82A3-717C93D34D02",
              "versionEndExcluding": "5.50\\(abpm.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg3927-b50a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "291B5E34-3870-46DD-9A74-2D2FFD1B6E52",
              "versionEndExcluding": "5.17\\(abmt.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg3927-b50a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F814684F-D45D-4EF8-A294-A6122B7A760B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg3927-b50b_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D55734D-F4F4-4C97-BC31-7B532DA47EA9",
              "versionEndExcluding": "5.13\\(ably.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg3927-b50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94BE349D-EC30-4EB7-8B68-EA7223364A4B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg3927-b60a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D4293E4-AE61-4978-A750-D5FAF442D67B",
              "versionEndExcluding": "5.17\\(abmt.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg3927-b60a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C11501-33FD-4421-909E-E6533EF6F03A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8201B9D7-433E-4D79-9115-FA1F25223121",
              "versionEndExcluding": "5.50\\(abom.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B33AE56-3948-494B-9E23-54D939DF0D3E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg4927-b50a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "543081DE-AEC8-4658-AAE4-63EE1A261645",
              "versionEndExcluding": "5.13\\(ably.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg4927-b50a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0EE70D2-51BB-4E45-8995-655C1394C440",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A24F15A-1F77-413C-9BD1-CFBE890ACD31",
              "versionEndExcluding": "5.50\\(abpm.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg8825-b50a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDACBF89-DCA8-43F0-91BF-8A29E63B33BD",
              "versionEndExcluding": "5.17\\(abmt.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg8825-b50a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED88F55C-C687-4413-BEC8-DEB15D6AA2F2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg8825-b50b_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8B10EC6-E8B2-4619-8F9D-10516569B806",
              "versionEndExcluding": "5.17\\(abny.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg8825-b50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D66B624-EAAA-4C2D-BBE6-D0A0ED6BD5F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0933D98-49F6-4B0F-9D04-2149BFB7FB7F",
              "versionEndExcluding": "5.50\\(abom.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4C2320B-52DF-4F86-86D2-42FB62337773",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg8825-b60a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "502EBC83-0E8D-4B13-BA0D-040B40C58A1D",
              "versionEndExcluding": "5.17\\(abmt.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg8825-b60a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7654E872-36CA-4502-9B91-01741D6E4F46",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg8825-b60b_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B963909-27C2-43A6-9479-EE2F863FC817",
              "versionEndExcluding": "5.17\\(abny.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg8825-b60b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6368C175-7D1B-4F70-B11F-B8CE7FBE0B82",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:xmg3927-b50a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "81E3153A-08CF-4F02-97EA-B68751EE7791",
              "versionEndExcluding": "5.17\\(abmt.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:xmg3927-b50a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99B19AC3-D417-48C7-8C18-F5516794260B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:xmg8825-b50a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0E58CAE-3737-406F-9647-B59598A6733A",
              "versionEndExcluding": "5.17\\(abmt.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:xmg8825-b50a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4861B59F-AB86-4A4D-A04C-6EE68EC4A206",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:dx5401-b0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C91B77C-EC30-4C88-AAEB-330B7A3E0470",
              "versionEndExcluding": "5.17\\(abyo.1\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B293E564-2C48-442A-A415-34383DF3ADBA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C6781DA-4800-47E9-BB67-89ACC0F43D04",
              "versionEndExcluding": "5.17\\(abup.4\\)c1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5401-b0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3B44185-756B-4B9B-A377-DB3191606702",
              "versionEndExcluding": "5.17\\(abyo.1\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5501-b0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "291AA836-D0F7-4AD7-8D76-0F1A5B9ECCCF",
              "versionEndExcluding": "5.17\\(abry.2\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "88B8CDD0-E73A-4FAA-9964-D8C09949CB32",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ax7501-b0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EF7BC18-210C-4E21-A850-61A8D6B701BE",
              "versionEndExcluding": "5.17\\(abpc.1\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78473083-F702-4B81-AAA0-B66A0984FF6B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ep240p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "457C1585-BD6F-4C3A-953D-96194EDD065E",
              "versionEndExcluding": "5.40\\(abh.0\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ep240p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91367DDE-F430-42F7-B4F2-28AEF7FDCB12",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pm7300-t0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4E0639D-0861-4A10-AFA6-8251AD2217BB",
              "versionEndExcluding": "5.42\\(acbc.1\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5317-t20b_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "20FA4B81-5FE7-43D5-8A96-A1BF0CBA8CC6",
              "versionEndExcluding": "5.40\\(abki.4\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5317-t20b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F1334B5-FC76-412F-A7EF-02EEEE677460",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5617ga_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E53F230A-806F-413B-BE4B-2A95645751DF",
              "versionEndExcluding": "5.40\\(abna.2\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5617ga:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C1B0834-3398-41B0-9A14-7D97768732B4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5617-t20b2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FFBE0FC-A355-4E32-A606-4130B2581CE1",
              "versionEndExcluding": "5.41\\(acbb.1\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5617-t20b2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B35005D7-D8E4-4BC5-A59C-6A69255E7EC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5622ga_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "09514F76-89EC-4ADF-9400-F14BB917EF97",
              "versionEndExcluding": "5.40\\(abnb.2\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5622ga:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "840AF834-B7A6-4ACA-BAB9-996D87476D3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:px7501-b0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C655ED2E-A791-40B7-99C5-FF3F874A2A27",
              "versionEndExcluding": "5.17\\(abpc.1\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:px7501-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "076C6AD3-E8A3-4639-805E-20FA866BDFDD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de inyecci\u00f3n de comandos en el programa CGI del  firmware de Zyxel VMG3312-T20A versi\u00f3n 5.30(ABFX.5)C0,  podr\u00eda permitir a un atacante local autenticado ejecutar comandos arbitrarios del Sistema Operativo en un dispositivo vulnerable por medio de una interfaz LAN"
    }
  ],
  "id": "CVE-2022-26413",
  "lastModified": "2024-11-21T06:53:54.313",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.7,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 5.1,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.1,
        "impactScore": 5.9,
        "source": "security@zyxel.com.tw",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.1,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-04-11T13:15:07.763",
  "references": [
    {
      "source": "security@zyxel.com.tw",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml"
    }
  ],
  "sourceIdentifier": "security@zyxel.com.tw",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "security@zyxel.com.tw",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-04-11 13:15

Modified

2024-11-21 06:53

Severity ?

6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service.

References

▼	URL	Tags
	security@zyxel.com.tw	https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml	Vendor Advisory

Impacted products

Vendor	Product	Version
zyxel	vmg3312-t20a_firmware	5.30\(abfx.5\)c0
zyxel	vmg3312-t20a	-
zyxel	emg3525-t50b_firmware	*
zyxel	emg3525-t50b_firmware	*
zyxel	emg3525-t50b	-
zyxel	emg5523-t50b_firmware	*
zyxel	emg5523-t50b_firmware	*
zyxel	emg5523-t50b	-
zyxel	emg5723-t50k_firmware	*
zyxel	emg5723-t50k	-
zyxel	emg6726-b10a_firmware	*
zyxel	emg6726-b10a	-
zyxel	vmg1312-t20b_firmware	*
zyxel	vmg1312-t20b	-
zyxel	vmg3625-t50b_firmware	*
zyxel	vmg3625-t50b	-
zyxel	vmg3927-b50a_firmware	*
zyxel	vmg3927-b50a	-
zyxel	vmg3927-b50b_firmware	*
zyxel	vmg3927-b50b	-
zyxel	vmg3927-b60a_firmware	*
zyxel	vmg3927-b60a	-
zyxel	vmg3927-t50k_firmware	*
zyxel	vmg3927-t50k	-
zyxel	vmg4927-b50a_firmware	*
zyxel	vmg4927-b50a	-
zyxel	vmg8623-t50b_firmware	*
zyxel	vmg8623-t50b	-
zyxel	vmg8825-b50a_firmware	*
zyxel	vmg8825-b50a	-
zyxel	vmg8825-b50b_firmware	*
zyxel	vmg8825-b50b	-
zyxel	vmg8825-t50k_firmware	*
zyxel	vmg8825-t50k	-
zyxel	vmg8825-b60a_firmware	*
zyxel	vmg8825-b60a	-
zyxel	vmg8825-b60b_firmware	*
zyxel	vmg8825-b60b	-
zyxel	xmg3927-b50a_firmware	*
zyxel	xmg3927-b50a	-
zyxel	xmg8825-b50a_firmware	*
zyxel	xmg8825-b50a	-
zyxel	dx5401-b0_firmware	*
zyxel	dx5401-b0	-
zyxel	ex3510-b0_firmware	*
zyxel	ex3510-b0	-
zyxel	ex5401-b0_firmware	*
zyxel	ex5401-b0	-
zyxel	ex5501-b0_firmware	*
zyxel	ex5501-b0	-
zyxel	ax7501-b0_firmware	*
zyxel	ax7501-b0	-
zyxel	ep240p_firmware	*
zyxel	ep240p	-
zyxel	pm7300-t0_firmware	*
zyxel	pm7300-t0	-
zyxel	pmg5317-t20b_firmware	*
zyxel	pmg5317-t20b	-
zyxel	pmg5617ga_firmware	*
zyxel	pmg5617ga	-
zyxel	pmg5617-t20b2_firmware	*
zyxel	pmg5617-t20b2	-
zyxel	pmg5622ga_firmware	*
zyxel	pmg5622ga	-
zyxel	px7501-b0_firmware	*
zyxel	px7501-b0	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg3312-t20a_firmware:5.30\\(abfx.5\\)c0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF433563-7AA7-41BF-9ECF-F1E1B9C5C1C4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg3312-t20a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "59AF3952-10E9-4AC8-BA25-BA5C3C203063",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:america:*:*:*",
              "matchCriteriaId": "FE982B82-95DD-40FA-8A7E-F6EB44323692",
              "versionEndExcluding": "5.50\\(abpm.6\\)c0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:emea:*:*:*",
              "matchCriteriaId": "EB52E6B4-08EF-4427-AA01-E783C9F1FCF4",
              "versionEndExcluding": "5.50\\(abpm.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9259E2F6-885D-4B44-8D40-20758DA599D2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:america:*:*:*",
              "matchCriteriaId": "A48A0914-787A-4884-909E-3332DD472873",
              "versionEndExcluding": "5.50\\(abpm.6\\)c0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:emea:*:*:*",
              "matchCriteriaId": "1B417B43-F5C6-4551-BD4E-7E2706BCF8B9",
              "versionEndExcluding": "5.50\\(abpm.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3ECE0EB-C429-4716-ABFB-73540847EB9E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:emg5723-t50k_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FAE1EA0-A113-4324-8347-838A01B00437",
              "versionEndExcluding": "5.50\\(abom.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B18982B2-E575-478E-A2B4-0932DE329056",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:emg6726-b10a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D931985-C10C-41C4-B459-FC454DE8C9FA",
              "versionEndExcluding": "5.13\\(abnp.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:emg6726-b10a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "304D3B33-F7EC-4EB3-B6EF-6BEB2112F9C0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg1312-t20b_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5252A997-772F-4785-8440-B7909A9860A8",
              "versionEndExcluding": "5.50\\(absb.5\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg1312-t20b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37348176-08FD-40F0-9903-05ABABBB1F5C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "331ACFBC-2467-45CC-82A3-717C93D34D02",
              "versionEndExcluding": "5.50\\(abpm.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg3927-b50a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "291B5E34-3870-46DD-9A74-2D2FFD1B6E52",
              "versionEndExcluding": "5.17\\(abmt.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg3927-b50a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F814684F-D45D-4EF8-A294-A6122B7A760B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg3927-b50b_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D55734D-F4F4-4C97-BC31-7B532DA47EA9",
              "versionEndExcluding": "5.13\\(ably.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg3927-b50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94BE349D-EC30-4EB7-8B68-EA7223364A4B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg3927-b60a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D4293E4-AE61-4978-A750-D5FAF442D67B",
              "versionEndExcluding": "5.17\\(abmt.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg3927-b60a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C11501-33FD-4421-909E-E6533EF6F03A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8201B9D7-433E-4D79-9115-FA1F25223121",
              "versionEndExcluding": "5.50\\(abom.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B33AE56-3948-494B-9E23-54D939DF0D3E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg4927-b50a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "543081DE-AEC8-4658-AAE4-63EE1A261645",
              "versionEndExcluding": "5.13\\(ably.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg4927-b50a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0EE70D2-51BB-4E45-8995-655C1394C440",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A24F15A-1F77-413C-9BD1-CFBE890ACD31",
              "versionEndExcluding": "5.50\\(abpm.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg8825-b50a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDACBF89-DCA8-43F0-91BF-8A29E63B33BD",
              "versionEndExcluding": "5.17\\(abmt.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg8825-b50a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED88F55C-C687-4413-BEC8-DEB15D6AA2F2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg8825-b50b_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8B10EC6-E8B2-4619-8F9D-10516569B806",
              "versionEndExcluding": "5.17\\(abny.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg8825-b50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D66B624-EAAA-4C2D-BBE6-D0A0ED6BD5F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0933D98-49F6-4B0F-9D04-2149BFB7FB7F",
              "versionEndExcluding": "5.50\\(abom.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4C2320B-52DF-4F86-86D2-42FB62337773",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg8825-b60a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "502EBC83-0E8D-4B13-BA0D-040B40C58A1D",
              "versionEndExcluding": "5.17\\(abmt.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg8825-b60a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7654E872-36CA-4502-9B91-01741D6E4F46",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg8825-b60b_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B963909-27C2-43A6-9479-EE2F863FC817",
              "versionEndExcluding": "5.17\\(abny.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg8825-b60b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6368C175-7D1B-4F70-B11F-B8CE7FBE0B82",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:xmg3927-b50a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "81E3153A-08CF-4F02-97EA-B68751EE7791",
              "versionEndExcluding": "5.17\\(abmt.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:xmg3927-b50a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99B19AC3-D417-48C7-8C18-F5516794260B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:xmg8825-b50a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0E58CAE-3737-406F-9647-B59598A6733A",
              "versionEndExcluding": "5.17\\(abmt.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:xmg8825-b50a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4861B59F-AB86-4A4D-A04C-6EE68EC4A206",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:dx5401-b0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C91B77C-EC30-4C88-AAEB-330B7A3E0470",
              "versionEndExcluding": "5.17\\(abyo.1\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B293E564-2C48-442A-A415-34383DF3ADBA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C6781DA-4800-47E9-BB67-89ACC0F43D04",
              "versionEndExcluding": "5.17\\(abup.4\\)c1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5401-b0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3B44185-756B-4B9B-A377-DB3191606702",
              "versionEndExcluding": "5.17\\(abyo.1\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5501-b0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "291AA836-D0F7-4AD7-8D76-0F1A5B9ECCCF",
              "versionEndExcluding": "5.17\\(abry.2\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "88B8CDD0-E73A-4FAA-9964-D8C09949CB32",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ax7501-b0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EF7BC18-210C-4E21-A850-61A8D6B701BE",
              "versionEndExcluding": "5.17\\(abpc.1\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78473083-F702-4B81-AAA0-B66A0984FF6B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ep240p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "457C1585-BD6F-4C3A-953D-96194EDD065E",
              "versionEndExcluding": "5.40\\(abh.0\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ep240p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91367DDE-F430-42F7-B4F2-28AEF7FDCB12",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pm7300-t0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4E0639D-0861-4A10-AFA6-8251AD2217BB",
              "versionEndExcluding": "5.42\\(acbc.1\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5317-t20b_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "20FA4B81-5FE7-43D5-8A96-A1BF0CBA8CC6",
              "versionEndExcluding": "5.40\\(abki.4\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5317-t20b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F1334B5-FC76-412F-A7EF-02EEEE677460",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5617ga_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E53F230A-806F-413B-BE4B-2A95645751DF",
              "versionEndExcluding": "5.40\\(abna.2\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5617ga:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C1B0834-3398-41B0-9A14-7D97768732B4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5617-t20b2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FFBE0FC-A355-4E32-A606-4130B2581CE1",
              "versionEndExcluding": "5.41\\(acbb.1\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5617-t20b2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B35005D7-D8E4-4BC5-A59C-6A69255E7EC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5622ga_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "09514F76-89EC-4ADF-9400-F14BB917EF97",
              "versionEndExcluding": "5.40\\(abnb.2\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5622ga:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "840AF834-B7A6-4ACA-BAB9-996D87476D3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:px7501-b0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C655ED2E-A791-40B7-99C5-FF3F874A2A27",
              "versionEndExcluding": "5.17\\(abpc.1\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:px7501-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "076C6AD3-E8A3-4639-805E-20FA866BDFDD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una potencial vulnerabilidad de desbordamiento de b\u00fafer en algunas funciones internas del firmware de Zyxel VMG3312-T20A versi\u00f3n 5.30(ABFX.5)C0, que podr\u00eda ser aprovechada por un atacante local autenticado para causar una denegaci\u00f3n de servicio"
    }
  ],
  "id": "CVE-2022-26414",
  "lastModified": "2024-11-21T06:53:54.453",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 4.9,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.2,
        "source": "security@zyxel.com.tw",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-04-11T13:15:07.857",
  "references": [
    {
      "source": "security@zyxel.com.tw",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml"
    }
  ],
  "sourceIdentifier": "security@zyxel.com.tw",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "security@zyxel.com.tw",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-01-11 02:15

Modified

2024-11-21 07:26

Severity ?

5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

A command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to execute some OS commands on a vulnerable device by sending a crafted HTTP request.

References

▼	URL	Tags
	security@zyxel.com.tw	https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders	Vendor Advisory

Impacted products

Vendor	Product	Version
zyxel	lte7480-m804_firmware	*
zyxel	lte7480-m804	-
zyxel	lte7490-m904_firmware	*
zyxel	lte7490-m904	-
zyxel	nebula_nr5101_firmware	*
zyxel	nebula_nr5101	-
zyxel	nebula_nr7101_firmware	*
zyxel	nebula_nr7101	-
zyxel	nr5101_firmware	*
zyxel	nr5101	-
zyxel	nr7101_firmware	*
zyxel	nr7101	-
zyxel	nr7102_firmware	*
zyxel	nr7102	-
zyxel	dx3301-t0_firmware	-
zyxel	dx3301-t0	-
zyxel	dx4510-b1_firmware	-
zyxel	dx4510-b1	-
zyxel	dx5401-b0_firmware	-
zyxel	dx5401-b0	-
zyxel	emg3525-t50b_firmware	-
zyxel	emg3525-t50b	-
zyxel	emg5523-t50b_firmware	-
zyxel	emg5523-t50b	-
zyxel	emg5723-t50k_firmware	-
zyxel	emg5723-t50k	-
zyxel	ex3301-t0_firmware	-
zyxel	ex3301-t0	-
zyxel	ex3510-b0_firmware	*
zyxel	ex3510-b0	-
zyxel	ex5401-b0_firmware	-
zyxel	ex5401-b0	-
zyxel	ex5501-b0_firmware	-
zyxel	ex5501-b0	-
zyxel	ex5510-b0_firmware	*
zyxel	ex5510-b0	-
zyxel	ex5512-t0_firmware	-
zyxel	ex5512-t0	-
zyxel	ex5600-t1_firmware	-
zyxel	ex5600-t1	-
zyxel	ex5601-t0_firmware	-
zyxel	ex5601-t0	-
zyxel	ex5601-t1_firmware	-
zyxel	ex5601-t1	-
zyxel	vmg3927-t50k_firmware	-
zyxel	vmg3927-t50k	-
zyxel	vmg4005-b50a_firmware	-
zyxel	vmg4005-b50a	-
zyxel	vmg4005-b60a_firmware	-
zyxel	vmg4005-b60a	-
zyxel	vmg8623-t50b_firmware	-
zyxel	vmg8623-t50b	-
zyxel	vmg8825-t50k_firmware	-
zyxel	vmg8825-t50k	-
zyxel	ax7501-b0_firmware	-
zyxel	ax7501-b0	-
zyxel	pm3100-t0_firmware	-
zyxel	pm3100-t0	-
zyxel	pm5100-t0_firmware	-
zyxel	pm5100-t0	-
zyxel	pm7300-t0_firmware	-
zyxel	pm7300-t0	-
zyxel	pm7320-b0_firmware	-
zyxel	pm7320-b0	-
zyxel	pmg5317-t20b_firmware	-
zyxel	pmg5317-t20b	-
zyxel	pmg5617-t20b2_firmware	-
zyxel	pmg5617-t20b2	-
zyxel	pmg5617ga_firmware	-
zyxel	pmg5617ga	-
zyxel	pmg5622ga_firmware	-
zyxel	pmg5622ga	-
zyxel	wx3100-t0_firmware	-
zyxel	wx3100-t0	-
zyxel	wx3401-b0_firmware	-
zyxel	wx3401-b0	-
zyxel	wx5600-t0_firmware	-
zyxel	wx5600-t0	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte7480-m804_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DFDC741-78E6-42AA-B647-DEE9F04AA2DD",
              "versionEndExcluding": "1.00\\(abra.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte7480-m804:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3480021-1538-48ED-BE89-BB0DF562C7DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte7490-m904_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB812F29-2FAE-414C-9047-2471148B1E36",
              "versionEndExcluding": "1.00\\(abqy.5\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte7490-m904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC75F6DE-DCAF-47A0-B6BB-0E050C68AF25",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nebula_nr5101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "01D0F1E5-B9F0-4B64-8331-D18641EC161F",
              "versionEndExcluding": "1.15\\(accg.3\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nebula_nr5101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9F605B8-A892-4119-AB7A-D14CDC5DFC88",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nebula_nr7101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA537481-4311-4C5E-B577-76C8A789FDAC",
              "versionEndExcluding": "1.15\\(accc.3\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nebula_nr7101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52096C1F-F73C-413E-9D37-82EFA4703AEC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nr5101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EB8687A-EADF-4B15-8F41-78F1070E0CA3",
              "versionEndExcluding": "1.00\\(abvc.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nr5101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "11197D03-1C93-4D6A-950C-273E46CBBC62",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nr7101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "63A72A80-DA68-4353-8FEA-D372180F8401",
              "versionEndExcluding": "1.00\\(abuv.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nr7101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4D27B24-9822-432C-8B8B-9546EE32DEC6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nr7102_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C56958A5-2427-4A9A-BD40-3B548437CA36",
              "versionEndExcluding": "1.00\\(abyd.2\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nr7102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1A15757-DE6F-4A72-9CAD-BAC04BD340A0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:dx3301-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78DE37DB-6F39-48FE-8CE9-626036234C16",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BBDC072-5D40-4130-9B5F-22FDA9BF909A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:dx4510-b1_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66F40E06-666B-490C-84F7-1A7B49834CC1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:dx4510-b1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8668990-045A-4DDD-9089-DE0025B69765",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:dx5401-b0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE285587-D5F3-42E5-ACB6-BDD03A50236C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B293E564-2C48-442A-A415-34383DF3ADBA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:emg3525-t50b_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4917CDD6-B5D9-4674-AE43-B75B60B8289E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9259E2F6-885D-4B44-8D40-20758DA599D2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:emg5523-t50b_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "90DEAC05-EB3A-451D-9C0F-8D22B8886605",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3ECE0EB-C429-4716-ABFB-73540847EB9E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:emg5723-t50k_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1219D188-2A83-41EC-AC8D-694901E6067C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B18982B2-E575-478E-A2B4-0932DE329056",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex3301-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1F9ACE-DA82-4449-ADF9-5F8F540B812E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex3301-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B37B17D8-76CF-4A26-B2DB-41B1BC9FD0A2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4434EF63-63EA-4A27-A6EF-CEE3000E9F02",
              "versionEndExcluding": "5.17\\(abup.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5401-b0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D01EDB-A41C-4FC1-9C4B-38B69360BE90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5501-b0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87D32815-5026-4A9A-8C8E-C30F154833AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "88B8CDD0-E73A-4FAA-9964-D8C09949CB32",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5510-b0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1EC2DCD-97F2-4E13-AE82-468DBF052C4E",
              "versionEndExcluding": "5.17\\(abqx.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5510-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E82D41CC-2EB3-4892-8383-FB2C9EC64D9E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5512-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FF2B306-1EBD-4A14-A865-94C50F2F036D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5512-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F32FA3FB-CE89-4CC1-9D8D-765B90A122DF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5600-t1_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6C46819-2848-4C0D-B360-F6987E9D3A82",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5600-t1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "021CFB91-4627-4080-BF09-0BB5EFA708DD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5601-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E7B377-3CF1-4BF5-A960-75952BC382D0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5601-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABFF2039-5DCC-4850-8BDA-3D418629C226",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5601-t1_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D41D53E2-CB40-4715-A2B5-E9E87C1F3AE0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5601-t1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D629D4B6-B2F2-45F1-9295-71751570C231",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EBF0F8D-90CC-4089-AC9A-665348D27331",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B33AE56-3948-494B-9E23-54D939DF0D3E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg4005-b50a_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD68CC70-242D-4A88-B182-DB68D2086225",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg4005-b50a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "88F74228-AC0C-4150-974D-54D77BBF9A90",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg4005-b60a_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B59AA0D1-9564-48FA-A0AF-C1FC67C0D1EC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg4005-b60a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "30C1B91D-3EA0-4A1D-833A-6767A6C84DA3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C75B24C-177A-470B-BCDE-39D31B0199F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8901BBA-F2D4-49B8-80CF-4BABB5D2F365",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4C2320B-52DF-4F86-86D2-42FB62337773",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ax7501-b0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6F890C3-F15D-4154-8E70-1529C7C8D89A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78473083-F702-4B81-AAA0-B66A0984FF6B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pm3100-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D85D00E0-AA47-48AD-8914-A443482D7D7F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pm3100-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F78F88D4-A782-4075-A3CB-A728CE4014DF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pm5100-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E683B32-A1A0-4DA4-81C4-61513E9E585F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pm5100-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "249AF476-CAA4-4C87-8CC3-E0AF15E61F7E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pm7300-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "481013ED-2B6F-4FBB-881A-C0CD038C5FDA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pm7320-b0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3B9C504-41A4-4756-BDB0-2EE317F801AE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pm7320-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6A479CC-D543-49A1-8A37-7E9D4A0F0009",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5317-t20b_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1141E1B7-B6B8-496B-A2CA-A9076D805741",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5317-t20b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F1334B5-FC76-412F-A7EF-02EEEE677460",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5617-t20b2_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CA3BD8C-4FBB-45B6-AB00-55F7D5BA3C1B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5617-t20b2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B35005D7-D8E4-4BC5-A59C-6A69255E7EC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5617ga_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "366FB20C-6740-431A-A0CA-6EC3FDD3C505",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5617ga:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C1B0834-3398-41B0-9A14-7D97768732B4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5622ga_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F61E8935-26CD-4664-A95C-1BCA77DBC4DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5622ga:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "840AF834-B7A6-4ACA-BAB9-996D87476D3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wx3100-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA532797-C2BF-4A37-9A36-92F1115150AB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wx3100-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2C56248-D12F-46DC-A52F-0607E4A5DCCC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wx3401-b0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E011E78-E7E7-4F84-9A7D-A6548AFBE30C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wx3401-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "677C554B-F9C7-4780-97C0-6021146F8B3C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wx5600-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ED109DF-7C43-4CEC-AC2C-80762B60C776",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wx5600-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "303DB62A-2A7E-4CB7-ADA0-29C23BFD41BE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to execute some OS commands on a vulnerable device by sending a crafted HTTP request."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de inyecci\u00f3n de comandos en el programa CGI del firmware Zyxel NR7101 anterior a V1.15(ACCC.3)C0, que podr\u00eda permitir a un atacante autenticado ejecutar algunos comandos del sistema operativo en un dispositivo vulnerable enviando una solicitud HTTP manipulada."
    }
  ],
  "id": "CVE-2022-43390",
  "lastModified": "2024-11-21T07:26:23.043",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.5,
        "source": "security@zyxel.com.tw",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-01-11T02:15:11.170",
  "references": [
    {
      "source": "security@zyxel.com.tw",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders"
    }
  ],
  "sourceIdentifier": "security@zyxel.com.tw",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "security@zyxel.com.tw",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-01-11 02:15

Modified

2024-11-21 07:26

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request.

References

▼	URL	Tags
	security@zyxel.com.tw	https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders	Vendor Advisory

Impacted products

Vendor	Product	Version
zyxel	lte3301-plus_firmware	-
zyxel	lte3301-plus	-
zyxel	lte5388-m804_firmware	-
zyxel	lte5388-m804	-
zyxel	lte5398-m904_firmware	-
zyxel	lte5398-m904	-
zyxel	lte7240-m403_firmware	-
zyxel	lte7240-m403	-
zyxel	lte7461-m602_firmware	-
zyxel	lte7461-m602	-
zyxel	lte7480-m804_firmware	*
zyxel	lte7480-m804	-
zyxel	lte7480-s905_firmware	-
zyxel	lte7480-s905	-
zyxel	lte7485-s905_firmware	-
zyxel	lte7485-s905	-
zyxel	lte7490-m904_firmware	*
zyxel	lte7490-m904	-
zyxel	nebula_lte3301-plus_firmware	*
zyxel	nebula_lte3301-plus	-
zyxel	nebula_lte7461-m602_firmware	*
zyxel	nebula_lte7461-m602	-
zyxel	nebula_nr5101_firmware	*
zyxel	nebula_nr5101	-
zyxel	nebula_nr7101_firmware	*
zyxel	nebula_nr7101	-
zyxel	nr5101_firmware	*
zyxel	nr5101	-
zyxel	nr7101_firmware	*
zyxel	nr7101	-
zyxel	nr7102_firmware	*
zyxel	nr7102	-
zyxel	dx3301-t0_firmware	-
zyxel	dx3301-t0	-
zyxel	dx4510-b1_firmware	-
zyxel	dx4510-b1	-
zyxel	dx5401-b0_firmware	-
zyxel	dx5401-b0	-
zyxel	emg3525-t50b_firmware	-
zyxel	emg3525-t50b	-
zyxel	emg5523-t50b_firmware	-
zyxel	emg5523-t50b	-
zyxel	emg5723-t50k_firmware	-
zyxel	emg5723-t50k	-
zyxel	ex3301-t0_firmware	-
zyxel	ex3301-t0	-
zyxel	ex3510-b0_firmware	*
zyxel	ex3510-b0	-
zyxel	ex5401-b0_firmware	-
zyxel	ex5401-b0	-
zyxel	ex5501-b0_firmware	-
zyxel	ex5501-b0	-
zyxel	ex5510-b0_firmware	*
zyxel	ex5510-b0	-
zyxel	ex5512-t0_firmware	-
zyxel	ex5512-t0	-
zyxel	ex5600-t1_firmware	-
zyxel	ex5600-t1	-
zyxel	ex5601-t0_firmware	-
zyxel	ex5601-t0	-
zyxel	ex5601-t1_firmware	-
zyxel	ex5601-t1	-
zyxel	vmg3927-t50k_firmware	-
zyxel	vmg3927-t50k	-
zyxel	vmg4005-b50a_firmware	-
zyxel	vmg4005-b50a	-
zyxel	vmg4005-b60a_firmware	-
zyxel	vmg4005-b60a	-
zyxel	vmg8623-t50b_firmware	-
zyxel	vmg8623-t50b	-
zyxel	vmg8825-t50k_firmware	-
zyxel	vmg8825-t50k	-
zyxel	ax7501-b0_firmware	-
zyxel	ax7501-b0	-
zyxel	pm3100-t0_firmware	-
zyxel	pm3100-t0	-
zyxel	pm5100-t0_firmware	-
zyxel	pm5100-t0	-
zyxel	pm7300-t0_firmware	-
zyxel	pm7300-t0	-
zyxel	pm7320-b0_firmware	-
zyxel	pm7320-b0	-
zyxel	pmg5317-t20b_firmware	-
zyxel	pmg5317-t20b	-
zyxel	pmg5617-t20b2_firmware	-
zyxel	pmg5617-t20b2	-
zyxel	pmg5617ga_firmware	-
zyxel	pmg5617ga	-
zyxel	pmg5622ga_firmware	-
zyxel	pmg5622ga	-
zyxel	wx3100-t0_firmware	-
zyxel	wx3100-t0	-
zyxel	wx3401-b0_firmware	-
zyxel	wx3401-b0	-
zyxel	wx5600-t0_firmware	-
zyxel	wx5600-t0	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte3301-plus_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77E3A51F-C92D-4E83-A05E-A26225D4CFDD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte3301-plus:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4814D3A1-C0D4-4573-AD77-C2EE7AC11CB4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte5388-m804_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A7440E3-02F9-4416-A571-0008EA8206F4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte5388-m804:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E67FFCF7-ECE9-4644-B248-1B6E10AD9398",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte5398-m904_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D18788-84EE-4880-B70D-DE385C5C1100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte5398-m904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F90453B8-19FF-4FF3-A167-E1A70E022201",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte7240-m403_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDC6FB56-8601-49D2-BD8C-4D373CF5ACD6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte7240-m403:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAE2212F-D523-4706-9FD2-FDA760EE4B4F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte7461-m602_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFEE2F4F-8E90-4D2D-BFDE-DD5B23897087",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte7461-m602:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A307AD3-4E60-4859-B182-4CD4CB843757",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte7480-m804_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DFDC741-78E6-42AA-B647-DEE9F04AA2DD",
              "versionEndExcluding": "1.00\\(abra.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte7480-m804:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3480021-1538-48ED-BE89-BB0DF562C7DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte7480-s905_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DCAE189-6379-40E6-A4FA-1E0431CCCD09",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte7480-s905:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E7AF237-04F2-4054-96DE-3FD059CF4B35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte7485-s905_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "59DDDBA4-966E-4143-9A33-A2431383A732",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte7485-s905:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E09953F0-2415-45F7-811C-E9D1A361284C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:lte7490-m904_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB812F29-2FAE-414C-9047-2471148B1E36",
              "versionEndExcluding": "1.00\\(abqy.5\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:lte7490-m904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC75F6DE-DCAF-47A0-B6BB-0E050C68AF25",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nebula_lte3301-plus_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD8C47E-C19E-4848-9898-CE0AAF05B0DD",
              "versionEndExcluding": "1.15\\(acca.3\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nebula_lte3301-plus:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "42297A6A-3E50-4E9E-ABF6-58C77F222DC1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nebula_lte7461-m602_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BF0A17A-5F34-4CD7-8A67-DA277CF78CFC",
              "versionEndExcluding": "1.15\\(acev.3\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nebula_lte7461-m602:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44AA94AF-24B0-4C91-A990-9418EA5A5DAC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nebula_nr5101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "01D0F1E5-B9F0-4B64-8331-D18641EC161F",
              "versionEndExcluding": "1.15\\(accg.3\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nebula_nr5101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9F605B8-A892-4119-AB7A-D14CDC5DFC88",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nebula_nr7101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA537481-4311-4C5E-B577-76C8A789FDAC",
              "versionEndExcluding": "1.15\\(accc.3\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nebula_nr7101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52096C1F-F73C-413E-9D37-82EFA4703AEC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nr5101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EB8687A-EADF-4B15-8F41-78F1070E0CA3",
              "versionEndExcluding": "1.00\\(abvc.6\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nr5101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "11197D03-1C93-4D6A-950C-273E46CBBC62",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nr7101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "63A72A80-DA68-4353-8FEA-D372180F8401",
              "versionEndExcluding": "1.00\\(abuv.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nr7101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4D27B24-9822-432C-8B8B-9546EE32DEC6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:nr7102_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C56958A5-2427-4A9A-BD40-3B548437CA36",
              "versionEndExcluding": "1.00\\(abyd.2\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nr7102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1A15757-DE6F-4A72-9CAD-BAC04BD340A0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:dx3301-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78DE37DB-6F39-48FE-8CE9-626036234C16",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BBDC072-5D40-4130-9B5F-22FDA9BF909A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:dx4510-b1_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66F40E06-666B-490C-84F7-1A7B49834CC1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:dx4510-b1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8668990-045A-4DDD-9089-DE0025B69765",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:dx5401-b0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE285587-D5F3-42E5-ACB6-BDD03A50236C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B293E564-2C48-442A-A415-34383DF3ADBA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:emg3525-t50b_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4917CDD6-B5D9-4674-AE43-B75B60B8289E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9259E2F6-885D-4B44-8D40-20758DA599D2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:emg5523-t50b_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "90DEAC05-EB3A-451D-9C0F-8D22B8886605",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3ECE0EB-C429-4716-ABFB-73540847EB9E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:emg5723-t50k_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1219D188-2A83-41EC-AC8D-694901E6067C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B18982B2-E575-478E-A2B4-0932DE329056",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex3301-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1F9ACE-DA82-4449-ADF9-5F8F540B812E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex3301-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B37B17D8-76CF-4A26-B2DB-41B1BC9FD0A2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4434EF63-63EA-4A27-A6EF-CEE3000E9F02",
              "versionEndExcluding": "5.17\\(abup.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5401-b0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D01EDB-A41C-4FC1-9C4B-38B69360BE90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5501-b0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87D32815-5026-4A9A-8C8E-C30F154833AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "88B8CDD0-E73A-4FAA-9964-D8C09949CB32",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5510-b0_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1EC2DCD-97F2-4E13-AE82-468DBF052C4E",
              "versionEndExcluding": "5.17\\(abqx.7\\)c0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5510-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E82D41CC-2EB3-4892-8383-FB2C9EC64D9E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5512-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FF2B306-1EBD-4A14-A865-94C50F2F036D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5512-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F32FA3FB-CE89-4CC1-9D8D-765B90A122DF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5600-t1_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6C46819-2848-4C0D-B360-F6987E9D3A82",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5600-t1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "021CFB91-4627-4080-BF09-0BB5EFA708DD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5601-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E7B377-3CF1-4BF5-A960-75952BC382D0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5601-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABFF2039-5DCC-4850-8BDA-3D418629C226",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ex5601-t1_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D41D53E2-CB40-4715-A2B5-E9E87C1F3AE0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ex5601-t1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D629D4B6-B2F2-45F1-9295-71751570C231",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EBF0F8D-90CC-4089-AC9A-665348D27331",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B33AE56-3948-494B-9E23-54D939DF0D3E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg4005-b50a_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD68CC70-242D-4A88-B182-DB68D2086225",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg4005-b50a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "88F74228-AC0C-4150-974D-54D77BBF9A90",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg4005-b60a_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B59AA0D1-9564-48FA-A0AF-C1FC67C0D1EC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg4005-b60a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "30C1B91D-3EA0-4A1D-833A-6767A6C84DA3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C75B24C-177A-470B-BCDE-39D31B0199F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8901BBA-F2D4-49B8-80CF-4BABB5D2F365",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4C2320B-52DF-4F86-86D2-42FB62337773",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:ax7501-b0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6F890C3-F15D-4154-8E70-1529C7C8D89A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78473083-F702-4B81-AAA0-B66A0984FF6B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pm3100-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D85D00E0-AA47-48AD-8914-A443482D7D7F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pm3100-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F78F88D4-A782-4075-A3CB-A728CE4014DF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pm5100-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E683B32-A1A0-4DA4-81C4-61513E9E585F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pm5100-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "249AF476-CAA4-4C87-8CC3-E0AF15E61F7E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pm7300-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "481013ED-2B6F-4FBB-881A-C0CD038C5FDA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pm7320-b0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3B9C504-41A4-4756-BDB0-2EE317F801AE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pm7320-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6A479CC-D543-49A1-8A37-7E9D4A0F0009",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5317-t20b_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1141E1B7-B6B8-496B-A2CA-A9076D805741",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5317-t20b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F1334B5-FC76-412F-A7EF-02EEEE677460",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5617-t20b2_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CA3BD8C-4FBB-45B6-AB00-55F7D5BA3C1B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5617-t20b2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B35005D7-D8E4-4BC5-A59C-6A69255E7EC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5617ga_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "366FB20C-6740-431A-A0CA-6EC3FDD3C505",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5617ga:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C1B0834-3398-41B0-9A14-7D97768732B4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5622ga_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F61E8935-26CD-4664-A95C-1BCA77DBC4DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:pmg5622ga:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "840AF834-B7A6-4ACA-BAB9-996D87476D3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wx3100-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA532797-C2BF-4A37-9A36-92F1115150AB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wx3100-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2C56248-D12F-46DC-A52F-0607E4A5DCCC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wx3401-b0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E011E78-E7E7-4F84-9A7D-A6548AFBE30C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wx3401-b0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "677C554B-F9C7-4780-97C0-6021146F8B3C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:wx5600-t0_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ED109DF-7C43-4CEC-AC2C-80762B60C776",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:wx5600-t0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "303DB62A-2A7E-4CB7-ADA0-29C23BFD41BE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request.\n\n"
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de desbordamiento de b\u00fafer en el par\u00e1metro del programa CGI en el firmware Zyxel NR7101 anterior a V1.15(ACCC.3)C0, que podr\u00eda permitir a un atacante autenticado causar condiciones de denegaci\u00f3n de servicio (DoS) mediante el env\u00edo de una solicitud HTTP manipulada."
    }
  ],
  "id": "CVE-2022-43391",
  "lastModified": "2024-11-21T07:26:23.243",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "security@zyxel.com.tw",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Secondary"
      }
    ]
  },
  "published": "2023-01-11T02:15:11.250",
  "references": [
    {
      "source": "security@zyxel.com.tw",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders"
    }
  ],
  "sourceIdentifier": "security@zyxel.com.tw",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "security@zyxel.com.tw",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerabilites related to zyxel - pmg5622ga

cve-2022-43392

Vulnerability from cvelistv5

cve-2021-35036

Vulnerability from cvelistv5

cve-2022-26413

Vulnerability from cvelistv5

cve-2022-43389

Vulnerability from cvelistv5

cve-2022-43391

Vulnerability from cvelistv5

cve-2022-43390

Vulnerability from cvelistv5

cve-2022-26414

Vulnerability from cvelistv5

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd