2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2022-2030" ,
"sourceIdentifier" : "security@zyxel.com.tw" ,
"published" : "2022-07-19T06:15:08.383" ,
"lastModified" : "2022-07-29T22:00:11.850" ,
"vulnStatus" : "Analyzed" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "A directory traversal vulnerability caused by specific character sequences within an improperly sanitized URL was identified in some CGI programs of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.11 through 4.72, that could allow an authenticated attacker to access some restricted files on a vulnerable device."
} ,
{
"lang" : "es" ,
"value" : "Se identific\u00f3 una vulnerabilidad de salto de directorio causada por secuencias de caracteres espec\u00edficas dentro de una URL saneada inapropiadamente en algunos programas CGI de las versiones 4.50 a 5.30 del firmware Zyxel USG FLEX 100(W), versiones 4.50 a 5.30 del firmware USG FLEX 200, versiones 4.50 a 5.30 del firmware USG FLEX 500, versiones 4.50 a 5.30 del firmware USG FLEX 700. 30, firmware USG FLEX 50(W) versiones 4.16 a 5.30, firmware USG20(W)-VPN versiones 4.16 a 5.30, firmware de la serie ATP versiones 4.32 a 5.30, firmware de la serie VPN versiones 4.30 a 5.30, firmware de la serie USG/ZyWALL versiones 4.11 a 4.72, que podr\u00eda permitir a un atacante autenticado acceder a algunos archivos restringidos en un dispositivo vulnerable.\n"
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" ,
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "LOW" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "NONE" ,
"availabilityImpact" : "NONE" ,
"baseScore" : 6.5 ,
"baseSeverity" : "MEDIUM"
} ,
"exploitabilityScore" : 2.8 ,
"impactScore" : 3.6
} ,
{
"source" : "security@zyxel.com.tw" ,
"type" : "Secondary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" ,
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "LOW" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "NONE" ,
"availabilityImpact" : "NONE" ,
"baseScore" : 6.5 ,
"baseSeverity" : "MEDIUM"
} ,
"exploitabilityScore" : 2.8 ,
"impactScore" : 3.6
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-22"
}
]
} ,
{
"source" : "security@zyxel.com.tw" ,
"type" : "Secondary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-22"
}
]
}
] ,
"configurations" : [
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D74ABA7E-AA78-4A13-A64E-C44021591B42"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.50" ,
"versionEndIncluding" : "5.30" ,
"matchCriteriaId" : "168114AC-C949-4CA5-B4B4-BF9FB5890DA2"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F93B6A06-2951-46D2-A7E1-103D7318D612"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.50" ,
"versionEndIncluding" : "5.30" ,
"matchCriteriaId" : "0EFADF80-716E-4000-93D4-0CB3B277BA25"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "92C697A5-D1D3-4FF0-9C43-D27B18181958"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.50" ,
"versionEndIncluding" : "5.30" ,
"matchCriteriaId" : "7FABAFF3-61E8-4C97-BEFE-1D68788167FB"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.50" ,
"versionEndIncluding" : "5.30" ,
"matchCriteriaId" : "21C293BE-791E-4D1C-8E72-9E0464444274"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "110A1CA4-0170-4834-8281-0A3E14FC5584"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.20" ,
"versionEndIncluding" : "5.30" ,
"matchCriteriaId" : "E6C9ECE5-14ED-4B0C-B4FF-F00E35A9AFF0"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "06D2AD3A-9197-487D-A267-24DE332CC66B"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.20" ,
"versionEndIncluding" : "5.30" ,
"matchCriteriaId" : "F666507D-EE3E-493A-9DF5-D7773305985D"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "66B99746-0589-46E6-9CBD-F38619AD97DC"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.32" ,
"versionEndIncluding" : "5.30" ,
"matchCriteriaId" : "50A72101-97B4-4770-A6F7-D25B3A0AE45E"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0B41F437-855B-4490-8011-DF59887BE6D5"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.32" ,
"versionEndIncluding" : "5.30" ,
"matchCriteriaId" : "650D7D9B-65A7-4949-9F6C-9A3B7BDD17F5"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.32" ,
"versionEndIncluding" : "5.30" ,
"matchCriteriaId" : "1C376DD7-8378-42BE-92F1-872500E882D4"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.32" ,
"versionEndIncluding" : "5.30" ,
"matchCriteriaId" : "F9DC83BF-6F99-4345-BE51-4FB93F38FD21"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D68A36FF-8CAF-401C-9F18-94F3A2405CF4"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.32" ,
"versionEndIncluding" : "5.30" ,
"matchCriteriaId" : "4E464C22-5D8C-4D85-9F65-8485972C3524"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.32" ,
"versionEndIncluding" : "5.30" ,
"matchCriteriaId" : "F5A44B6A-B1BC-481F-9D08-61E50F58EB1A"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7F7654A1-3806-41C7-82D4-46B0CD7EE53B"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.30" ,
"versionEndIncluding" : "5.30" ,
"matchCriteriaId" : "DBBB154D-46EB-4D97-B5F4-01ADA359C5AC"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "EECD311A-4E96-4576-AADF-47291EDE3559"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.30" ,
"versionEndIncluding" : "5.30" ,
"matchCriteriaId" : "4D0BC145-7EF2-4B13-BE26-A567EEF06613"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3C45C303-1A95-4245-B242-3AB9B9106CD4"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.30" ,
"versionEndIncluding" : "5.30" ,
"matchCriteriaId" : "75627990-29D4-40F3-8E66-975F1898B6D5"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "81D90A7B-174F-40A1-8AF4-08B15B7BAC40"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.30" ,
"versionEndIncluding" : "5.30" ,
"matchCriteriaId" : "0F357DD8-0C9E-418E-98B4-0F1292AA7176"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.30" ,
"versionEndIncluding" : "5.30" ,
"matchCriteriaId" : "352F3388-9107-4B41-AAD8-D11965D78240"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7239C54F-EC9E-44B4-AE33-1D36E5448219"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.30" ,
"versionEndIncluding" : "5.30" ,
"matchCriteriaId" : "BC1F7BCE-342F-4847-BB89-2B47384A54C9"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "32F7F370-C585-45FE-A7F7-40BFF13928CF"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:zywall_110_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.30" ,
"versionEndIncluding" : "5.30" ,
"matchCriteriaId" : "F6FBACC4-A37C-4023-A656-F3428A74D542"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "145E41D9-E376-4B8E-A34F-F2C7ECFD649D"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:zywall_310_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.30" ,
"versionEndIncluding" : "5.30" ,
"matchCriteriaId" : "B1C3F76A-6963-4B2F-AAF4-9E3BBB0627D6"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B40C703E-C7C0-4B49-A336-83853D3E8C31"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:zywall_1100_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.30" ,
"versionEndIncluding" : "5.30" ,
"matchCriteriaId" : "61ED5800-D09B-4953-AB0F-65AE3EF33C57"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BCE32A1C-A730-4893-BCB9-F753F8E65440"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:usg40_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.20" ,
"versionEndIncluding" : "4.72" ,
"matchCriteriaId" : "3F486DCF-02EB-49DC-862A-3CE9B55D8210"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5CCD2777-CC85-4BAA-B16B-19C2DB8DB742"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:usg40w_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.20" ,
"versionEndIncluding" : "4.72" ,
"matchCriteriaId" : "94A7F2DF-F22C-49DA-9563-BAFD59011B70"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0906F3FA-793B-421D-B957-7E9C18C1AEC0"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:usg60_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.20" ,
"versionEndIncluding" : "4.72" ,
"matchCriteriaId" : "36CDEEE3-8284-4759-9B23-72989BBABBDD"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "26900300-1325-4C8A-BC3B-A10233B2462A"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:zyxel:usg60w_firmware:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.20" ,
"versionEndIncluding" : "4.72" ,
"matchCriteriaId" : "149EABE0-AAB1-41C2-9A34-2C25650B83BF"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A5A7555E-BC29-460C-A701-7DCDEAFE67F3"
}
]
}
]
}
] ,
"references" : [
{
"url" : "https://www.zyxel.com/support/Zyxel-security-advisory-authenticated-directory-traversal-vulnerabilities-of-firewalls.shtml" ,
"source" : "security@zyxel.com.tw" ,
"tags" : [
"Vendor Advisory"
]
}
]
}
