Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for WAX300H firmware by Zyxel

    CVE-2023-6398 (GCVE-0-2023-6398)

    Vulnerability from nvd – Published: 2024-02-20 01:34 – Updated: 2024-08-25 15:46
    VLAI
    Summary
    A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1, USG FLEX H series firmware versions from 1.10 through 1.10 Patch 1, NWA50AX firmware versions through 6.29(ABYW.3), WAC500 firmware versions through 6.65(ABVS.1), WAX300H firmware versions through 6.60(ACHF.1), and WBE660S firmware versions through 6.65(ACGG.1) could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device via FTP.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Zyxel ATP series firmware Affected: version 4.32 through 5.37 Patch 1
    Create a notification for this product.
    Zyxel USG FLEX series firmware Affected: version 4.50 through 5.37 Patch 1
    Create a notification for this product.
    Zyxel USG FLEX 50(W) series firmware Affected: version 4.16 through 5.37 Patch 1
    Create a notification for this product.
    Zyxel USG20(W)-VPN series firmware Affected: version 4.16 through 5.37 Patch 1
    Create a notification for this product.
    Zyxel NWA50AX firmware Affected: < 6.29(ABYW.4)
    Create a notification for this product.
    Zyxel WAC500 firmware Affected: < 6.70(ABVS.1)
    Create a notification for this product.
    Zyxel WAX300H firmware Affected: < 6.70(ACHF.1)
    Create a notification for this product.
    Zyxel WBE660S firmware Affected: < 6.70(ACGG.1)
    Create a notification for this product.
    Zyxel USG FLEX H series firmware Affected: version 1.10 through 1.10 Patch 1
    Create a notification for this product.
    zyxel atp800_firmware Affected: 4.32 , ≤ 5.37_patch1 (custom)
        cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    zyxel usg_flex_700_firmware Affected: 4.50 , < 5.37_patch1 (custom)
        cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:zyxel:usg_flex_500w_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    zyxel nwa50ax_firmware Affected: 0 , < 6.29\(abyw.4\) (custom)
        cpe:2.3:o:zyxel:nwa50ax_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    zyxel wac500_firmware Affected: 0 , < 6.70\(abvs.1\) (custom)
        cpe:2.3:o:zyxel:wac500_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    zyxel wax300h_firmware Affected: 0 , < 6.70\(achf.1\) (custom)
        cpe:2.3:o:zyxel:wax300h_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    zyxel wbe660s_firmware Affected: 0 , < 6.70\(acgg.1\) (custom)
        cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    zyxel usg_20w-vpn_firmware Affected: 4.16 , ≤ 5.37_patch1 (custom)
        cpe:2.3:o:zyxel:usg_20w-vpn_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:28:21.823Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps-02-20-2024"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "atp800_firmware",
                "vendor": "zyxel",
                "versions": [
                  {
                    "lessThanOrEqual": "5.37_patch1",
                    "status": "affected",
                    "version": "4.32",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:zyxel:usg_flex_500w_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "usg_flex_700_firmware",
                "vendor": "zyxel",
                "versions": [
                  {
                    "lessThan": "5.37_patch1",
                    "status": "affected",
                    "version": "4.50",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:zyxel:nwa50ax_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nwa50ax_firmware",
                "vendor": "zyxel",
                "versions": [
                  {
                    "lessThan": "6.29\\(abyw.4\\)",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:zyxel:wac500_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wac500_firmware",
                "vendor": "zyxel",
                "versions": [
                  {
                    "lessThan": "6.70\\(abvs.1\\)",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:zyxel:wax300h_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wax300h_firmware",
                "vendor": "zyxel",
                "versions": [
                  {
                    "lessThan": "6.70\\(achf.1\\)",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wbe660s_firmware",
                "vendor": "zyxel",
                "versions": [
                  {
                    "lessThan": "6.70\\(acgg.1\\)",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "usg_20w-vpn_firmware",
                "vendor": "zyxel",
                "versions": [
                  {
                    "lessThanOrEqual": "5.37_patch1",
                    "status": "affected",
                    "version": "4.16",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-6398",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-01T05:01:04.429989Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-25T15:46:49.897Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ATP series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "version 4.32 through 5.37 Patch 1"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "USG FLEX series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "version 4.50 through 5.37 Patch 1"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "USG FLEX 50(W) series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": " version 4.16 through 5.37 Patch 1"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "USG20(W)-VPN series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "version 4.16 through 5.37 Patch 1"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": " NWA50AX firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.29(ABYW.4)"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": " WAC500 firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.70(ABVS.1)"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WAX300H firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.70(ACHF.1)"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WBE660S firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.70(ACGG.1)"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "USG FLEX H series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "version 1.10 through 1.10 Patch 1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1, \n\nUSG FLEX H series firmware versions from 1.10 through 1.10 Patch 1,\n\nNWA50AX firmware versions through 6.29(ABYW.3), WAC500 firmware versions through 6.65(ABVS.1), WAX300H firmware versions through 6.60(ACHF.1), and WBE660S firmware versions through 6.65(ACGG.1) could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device via FTP."
                }
              ],
              "value": "A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1, \n\nUSG FLEX H series firmware versions from 1.10 through 1.10 Patch 1,\n\nNWA50AX firmware versions through 6.29(ABYW.3), WAC500 firmware versions through 6.65(ABVS.1), WAX300H firmware versions through 6.60(ACHF.1), and WBE660S firmware versions through 6.65(ACGG.1) could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device via FTP."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-21T09:17:30.230Z",
            "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
            "shortName": "Zyxel"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps-02-20-2024"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "assignerShortName": "Zyxel",
        "cveId": "CVE-2023-6398",
        "datePublished": "2024-02-20T01:34:32.229Z",
        "dateReserved": "2023-11-30T07:58:16.356Z",
        "dateUpdated": "2024-08-25T15:46:49.897Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-5797 (GCVE-0-2023-5797)

    Vulnerability from nvd – Published: 2023-11-28 02:00 – Updated: 2024-12-02 19:31
    VLAI
    Summary
    An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access the administrator’s logs on an affected device.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:14:24.078Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-5797",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-02T19:31:26.701004Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-02T19:31:49.340Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ATP series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": " versions 4.32 through 5.37"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "USG FLEX series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "versions 4.50 through 5.37"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "USG FLEX 50(W) series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "versions 4.16 through 5.37"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "USG20(W)-VPN series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "versions 4.16 through 5.37"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "VPN series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "versions 4.30 through 5.37"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "NWA50AX firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.29(ABYW.2)"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WAC500 firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.65(ABVS.1)"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WAX300H firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.60(ACHF.1)"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WBE660S firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.65(ACGG.1)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access the administrator\u2019s logs on an affected device."
                }
              ],
              "value": "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access the administrator\u2019s logs on an affected device."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-28T02:00:59.801Z",
            "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
            "shortName": "Zyxel"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "assignerShortName": "Zyxel",
        "cveId": "CVE-2023-5797",
        "datePublished": "2023-11-28T02:00:59.801Z",
        "dateReserved": "2023-10-26T08:51:44.363Z",
        "dateUpdated": "2024-12-02T19:31:49.340Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37925 (GCVE-0-2023-37925)

    Vulnerability from nvd – Published: 2023-11-28 01:30 – Updated: 2024-08-02 17:23
    VLAI
    Summary
    An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device.
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:23:27.715Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ATP series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "versions 4.32 through 5.37"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "USG FLEX series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "versions 4.50 through 5.37"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "USG FLEX 50(W) series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "versions 4.16 through 5.37"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "USG20(W)-VPN series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "versions 4.16 through 5.37"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "VPN series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "versions 4.30 through 5.37"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "NWA50AX firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.29(ABYW.2)"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WAC500 firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.65(ABVS.1)"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WAX300H firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.60(ACHF.1)"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WBE660S firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.65(ACGG.1)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device."
                }
              ],
              "value": "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-28T01:30:55.186Z",
            "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
            "shortName": "Zyxel"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "assignerShortName": "Zyxel",
        "cveId": "CVE-2023-37925",
        "datePublished": "2023-11-28T01:30:55.186Z",
        "dateReserved": "2023-07-11T01:52:33.655Z",
        "dateUpdated": "2024-08-02T17:23:27.715Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-6398 (GCVE-0-2023-6398)

    Vulnerability from cvelistv5 – Published: 2024-02-20 01:34 – Updated: 2024-08-25 15:46
    VLAI
    Summary
    A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1, USG FLEX H series firmware versions from 1.10 through 1.10 Patch 1, NWA50AX firmware versions through 6.29(ABYW.3), WAC500 firmware versions through 6.65(ABVS.1), WAX300H firmware versions through 6.60(ACHF.1), and WBE660S firmware versions through 6.65(ACGG.1) could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device via FTP.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Zyxel ATP series firmware Affected: version 4.32 through 5.37 Patch 1
    Create a notification for this product.
    Zyxel USG FLEX series firmware Affected: version 4.50 through 5.37 Patch 1
    Create a notification for this product.
    Zyxel USG FLEX 50(W) series firmware Affected: version 4.16 through 5.37 Patch 1
    Create a notification for this product.
    Zyxel USG20(W)-VPN series firmware Affected: version 4.16 through 5.37 Patch 1
    Create a notification for this product.
    Zyxel NWA50AX firmware Affected: < 6.29(ABYW.4)
    Create a notification for this product.
    Zyxel WAC500 firmware Affected: < 6.70(ABVS.1)
    Create a notification for this product.
    Zyxel WAX300H firmware Affected: < 6.70(ACHF.1)
    Create a notification for this product.
    Zyxel WBE660S firmware Affected: < 6.70(ACGG.1)
    Create a notification for this product.
    Zyxel USG FLEX H series firmware Affected: version 1.10 through 1.10 Patch 1
    Create a notification for this product.
    zyxel atp800_firmware Affected: 4.32 , ≤ 5.37_patch1 (custom)
        cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    zyxel usg_flex_700_firmware Affected: 4.50 , < 5.37_patch1 (custom)
        cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:zyxel:usg_flex_500w_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    zyxel nwa50ax_firmware Affected: 0 , < 6.29\(abyw.4\) (custom)
        cpe:2.3:o:zyxel:nwa50ax_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    zyxel wac500_firmware Affected: 0 , < 6.70\(abvs.1\) (custom)
        cpe:2.3:o:zyxel:wac500_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    zyxel wax300h_firmware Affected: 0 , < 6.70\(achf.1\) (custom)
        cpe:2.3:o:zyxel:wax300h_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    zyxel wbe660s_firmware Affected: 0 , < 6.70\(acgg.1\) (custom)
        cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    zyxel usg_20w-vpn_firmware Affected: 4.16 , ≤ 5.37_patch1 (custom)
        cpe:2.3:o:zyxel:usg_20w-vpn_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:28:21.823Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps-02-20-2024"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "atp800_firmware",
                "vendor": "zyxel",
                "versions": [
                  {
                    "lessThanOrEqual": "5.37_patch1",
                    "status": "affected",
                    "version": "4.32",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:zyxel:usg_flex_500w_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "usg_flex_700_firmware",
                "vendor": "zyxel",
                "versions": [
                  {
                    "lessThan": "5.37_patch1",
                    "status": "affected",
                    "version": "4.50",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:zyxel:nwa50ax_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nwa50ax_firmware",
                "vendor": "zyxel",
                "versions": [
                  {
                    "lessThan": "6.29\\(abyw.4\\)",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:zyxel:wac500_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wac500_firmware",
                "vendor": "zyxel",
                "versions": [
                  {
                    "lessThan": "6.70\\(abvs.1\\)",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:zyxel:wax300h_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wax300h_firmware",
                "vendor": "zyxel",
                "versions": [
                  {
                    "lessThan": "6.70\\(achf.1\\)",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wbe660s_firmware",
                "vendor": "zyxel",
                "versions": [
                  {
                    "lessThan": "6.70\\(acgg.1\\)",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "usg_20w-vpn_firmware",
                "vendor": "zyxel",
                "versions": [
                  {
                    "lessThanOrEqual": "5.37_patch1",
                    "status": "affected",
                    "version": "4.16",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-6398",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-01T05:01:04.429989Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-25T15:46:49.897Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ATP series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "version 4.32 through 5.37 Patch 1"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "USG FLEX series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "version 4.50 through 5.37 Patch 1"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "USG FLEX 50(W) series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": " version 4.16 through 5.37 Patch 1"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "USG20(W)-VPN series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "version 4.16 through 5.37 Patch 1"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": " NWA50AX firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.29(ABYW.4)"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": " WAC500 firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.70(ABVS.1)"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WAX300H firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.70(ACHF.1)"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WBE660S firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.70(ACGG.1)"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "USG FLEX H series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "version 1.10 through 1.10 Patch 1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1, \n\nUSG FLEX H series firmware versions from 1.10 through 1.10 Patch 1,\n\nNWA50AX firmware versions through 6.29(ABYW.3), WAC500 firmware versions through 6.65(ABVS.1), WAX300H firmware versions through 6.60(ACHF.1), and WBE660S firmware versions through 6.65(ACGG.1) could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device via FTP."
                }
              ],
              "value": "A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1, \n\nUSG FLEX H series firmware versions from 1.10 through 1.10 Patch 1,\n\nNWA50AX firmware versions through 6.29(ABYW.3), WAC500 firmware versions through 6.65(ABVS.1), WAX300H firmware versions through 6.60(ACHF.1), and WBE660S firmware versions through 6.65(ACGG.1) could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device via FTP."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-21T09:17:30.230Z",
            "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
            "shortName": "Zyxel"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps-02-20-2024"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "assignerShortName": "Zyxel",
        "cveId": "CVE-2023-6398",
        "datePublished": "2024-02-20T01:34:32.229Z",
        "dateReserved": "2023-11-30T07:58:16.356Z",
        "dateUpdated": "2024-08-25T15:46:49.897Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-5797 (GCVE-0-2023-5797)

    Vulnerability from cvelistv5 – Published: 2023-11-28 02:00 – Updated: 2024-12-02 19:31
    VLAI
    Summary
    An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access the administrator’s logs on an affected device.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:14:24.078Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-5797",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-02T19:31:26.701004Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-02T19:31:49.340Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ATP series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": " versions 4.32 through 5.37"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "USG FLEX series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "versions 4.50 through 5.37"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "USG FLEX 50(W) series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "versions 4.16 through 5.37"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "USG20(W)-VPN series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "versions 4.16 through 5.37"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "VPN series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "versions 4.30 through 5.37"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "NWA50AX firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.29(ABYW.2)"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WAC500 firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.65(ABVS.1)"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WAX300H firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.60(ACHF.1)"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WBE660S firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.65(ACGG.1)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access the administrator\u2019s logs on an affected device."
                }
              ],
              "value": "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access the administrator\u2019s logs on an affected device."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-28T02:00:59.801Z",
            "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
            "shortName": "Zyxel"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "assignerShortName": "Zyxel",
        "cveId": "CVE-2023-5797",
        "datePublished": "2023-11-28T02:00:59.801Z",
        "dateReserved": "2023-10-26T08:51:44.363Z",
        "dateUpdated": "2024-12-02T19:31:49.340Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37925 (GCVE-0-2023-37925)

    Vulnerability from cvelistv5 – Published: 2023-11-28 01:30 – Updated: 2024-08-02 17:23
    VLAI
    Summary
    An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device.
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:23:27.715Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ATP series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "versions 4.32 through 5.37"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "USG FLEX series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "versions 4.50 through 5.37"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "USG FLEX 50(W) series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "versions 4.16 through 5.37"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "USG20(W)-VPN series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "versions 4.16 through 5.37"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "VPN series firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "versions 4.30 through 5.37"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "NWA50AX firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.29(ABYW.2)"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WAC500 firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.65(ABVS.1)"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WAX300H firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.60(ACHF.1)"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WBE660S firmware",
              "vendor": "Zyxel",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.65(ACGG.1)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device."
                }
              ],
              "value": "An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-28T01:30:55.186Z",
            "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
            "shortName": "Zyxel"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "assignerShortName": "Zyxel",
        "cveId": "CVE-2023-37925",
        "datePublished": "2023-11-28T01:30:55.186Z",
        "dateReserved": "2023-07-11T01:52:33.655Z",
        "dateUpdated": "2024-08-02T17:23:27.715Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }