admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-01 19:21:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-287xx/CVE-2023-28767.json
cad-safe-bot 552e54b76d Auto-Update: 2023-07-26T22:00:27.133648+00:00
2023-07-26 22:00:30 +00:00

708 lines
20 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-28767",
"sourceIdentifier": "security@zyxel.com.tw",
"published": "2023-07-17T17:15:09.883",
"lastModified": "2023-07-26T21:36:06.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The configuration parser fails to sanitize user-controlled input in the Zyxel ATP series firmware versions 5.10 through 5.36, USG FLEX series firmware versions\u00a05.00 through 5.36,\u00a0 USG FLEX 50(W) series firmware versions 5.10 through 5.36, \n\nUSG20(W)-VPN series firmware versions 5.10 through 5.36, and VPN series firmware versions 5.00 through 5.36. An unauthenticated, LAN-based attacker could leverage the vulnerability to inject some operating system (OS) commands into the device configuration data on an affected device when the cloud management mode is enabled."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@zyxel.com.tw",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
},
{
"source": "security@zyxel.com.tw",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.00",
"versionEndExcluding": "5.37",
"matchCriteriaId": "369543A8-1D92-42AF-896D-30A38E02D8E5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32F7F370-C585-45FE-A7F7-40BFF13928CF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.00",
"versionEndExcluding": "5.37",
"matchCriteriaId": "3844EDBE-1FDA-48E0-9535-D81657E1820A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.00",
"versionEndExcluding": "5.37",
"matchCriteriaId": "61B89E2F-9A44-4A02-9279-158CDAA787D5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.00",
"versionEndExcluding": "5.37",
"matchCriteriaId": "6081F154-4A1E-4630-99BB-846B68F5B818"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.00",
"versionEndExcluding": "5.37",
"matchCriteriaId": "428D392F-2427-4510-9185-AD9C1FC839A1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.00",
"versionEndExcluding": "5.37",
"matchCriteriaId": "614F4C95-8835-4A0A-B965-51FBD0289DE5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.00",
"versionEndExcluding": "5.37",
"matchCriteriaId": "DD16BDCE-428C-40B2-BE9E-593ED4C59819"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.00",
"versionEndExcluding": "5.37",
"matchCriteriaId": "F253FB99-B7E9-4809-9E3A-F9964B6B3BD8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:zywall_vpn100_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.00",
"versionEndExcluding": "5.37",
"matchCriteriaId": "6362D1C8-DD85-45E6-B6F0-BB9882FA0F19"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:zywall_vpn100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6762B13C-6FD5-49D7-B2D6-4986BAC3D425"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:zywall_vpn2s_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.00",
"versionEndExcluding": "5.37",
"matchCriteriaId": "DCC7F9D7-2688-4848-9B3F-60C35E66423E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:zywall_vpn2s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D3F001A-8790-463F-804B-CA5CAC610867"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:zywall_vpn300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.00",
"versionEndExcluding": "5.37",
"matchCriteriaId": "E19C1F04-1F67-4502-B6E2-B7DA771E1ACA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:zywall_vpn300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C35A94-304B-46FB-BAA0-4E0C4F34BEDD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:zywall_vpn50_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.00",
"versionEndExcluding": "5.37",
"matchCriteriaId": "54D49F68-BCE2-432F-AC2B-1975F7BDBCE7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:zywall_vpn50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D902D9D2-5215-4A70-9D16-F1C3BA10EE18"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:zywall_vpn_100_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.00",
"versionEndExcluding": "5.37",
"matchCriteriaId": "C380259A-B524-41EC-A733-805F617BA3E1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:zywall_vpn_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1B81DDA-DDD5-4D9B-B631-815186E3839F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:zywall_vpn_300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.00",
"versionEndExcluding": "5.37",
"matchCriteriaId": "DF3F62F3-0681-4150-8F89-B44708DE75ED"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:zywall_vpn_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "212C5E8E-774A-446E-B7C7-80C349160BC2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:zywall_vpn_50_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.00",
"versionEndExcluding": "5.37",
"matchCriteriaId": "11E3C89D-EEEC-449F-9783-91E0AE286223"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:zywall_vpn_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD872CA4-385D-49A9-B1DF-7C4467BD49AA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10",
"versionEndExcluding": "5.37",
"matchCriteriaId": "39637E53-C502-4377-BC9E-71E0962F7D6F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:zywall_atp100_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10",
"versionEndExcluding": "5.37",
"matchCriteriaId": "9BD13DCF-7B56-423B-BA54-E2CC2288E12E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:zywall_atp100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A899D2DE-8C74-4EA1-BD87-B8BF37CBFB6D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:zywall_atp100w_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10",
"versionEndExcluding": "5.37",
"matchCriteriaId": "EDDD5813-1215-4047-8AA6-A286571A0475"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:zywall_atp100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F65954-FF1A-46A4-A003-FF8B9666880A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:zywall_atp200_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10",
"versionEndExcluding": "5.37",
"matchCriteriaId": "D8B5F6AE-537A-4FFB-92AB-28AE2E1741FB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:zywall_atp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F6D0AA-CDD4-4F1C-98F1-1B381023B3F4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:zywall_atp500_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10",
"versionEndExcluding": "5.37",
"matchCriteriaId": "9D73608C-EB5F-44B6-BB11-6F7E4742E71E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:zywall_atp500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA85BCA2-CEF5-44EF-BEFB-5DA2638F5F37"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:zywall_atp700_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10",
"versionEndExcluding": "5.37",
"matchCriteriaId": "B51FA0FC-7803-4ECB-BFFB-839E585CD9CA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:zywall_atp700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D50CC94B-4EAA-44A7-AEF1-415491572FB1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:zywall_atp800_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10",
"versionEndExcluding": "5.37",
"matchCriteriaId": "CCC033D4-363E-4A00-AD9E-1D94D5060CB7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:zywall_atp800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC7EB91-65C4-45EA-9CB4-3B3961724DCB"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-wlan-controllers",
"source": "security@zyxel.com.tw",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink