admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-123xx/CVE-2024-12398.json
cad-safe-bot c0ba6519a5 Auto-Update: 2025-01-21T23:00:21.354447+00:00
2025-01-21 23:03:48 +00:00

719 lines
20 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-12398",
"sourceIdentifier": "security@zyxel.com.tw",
"published": "2025-01-14T02:15:07.990",
"lastModified": "2025-01-21T21:12:02.310",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper privilege management vulnerability in the web management interface of the Zyxel WBE530 firmware versions through 7.00(ACLE.3) and\u00a0WBE660S firmware versions through 6.70(ACGG.2) could allow an authenticated user with limited privileges to escalate their privileges to that of an administrator, enabling them to upload configuration files to a vulnerable device."
},
{
"lang": "es",
"value": " Una vulnerabilidad de administraci\u00f3n de privilegios inadecuada en la interfaz de administraci\u00f3n web de las versiones de firmware Zyxel WBE530 hasta 7.00 (ACLE.3) y las versiones de firmware WBE660S hasta 6.70 (ACGG.2) podr\u00eda permitir que un usuario autenticado con privilegios limitados aumente sus privilegios a los de administrador, lo que le permitir\u00eda cargar archivos de configuraci\u00f3n a un dispositivo vulnerable."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@zyxel.com.tw",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@zyxel.com.tw",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.10\\(abyw.1\\)",
"matchCriteriaId": "4CDBEB22-3832-4C51-B811-8A2BF996D09E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2806A3B3-8F13-4170-B284-8809E3502044"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:nwa50ax_pro_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.10\\(acge.1\\)",
"matchCriteriaId": "9719A4E4-DB57-4703-AC29-FD94CF89E7E0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:nwa50ax_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F36E7DCD-08BA-4FA1-9A8E-ADE956704132"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.10\\(abzl.1\\)",
"matchCriteriaId": "FD6F3443-E169-4CA7-B18D-2DF68A507E59"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7440976-5CB4-40BE-95C2-98EF4B888109"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.10\\(accv.1\\)",
"matchCriteriaId": "D7961037-D162-4BAA-948E-18BB25385117"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A903978-737E-4266-A670-BC94E32CAF96"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:nwa90ax_pro_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.10\\(acgf.1\\)",
"matchCriteriaId": "6EBC66E4-8643-47FE-80C0-14E53318C84E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:nwa90ax_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "480A495A-A4C4-4696-B500-B6333C79A28B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.10\\(abtg.1\\)",
"matchCriteriaId": "E159E289-85E2-4A82-B0DF-309096479A81"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A3F9232-F988-4428-9898-4F536123CE88"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:nwa130be_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.10\\(acil.1\\)",
"matchCriteriaId": "B4360DF1-898A-4CCE-905D-05AE164195B5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:nwa130be:-:*:*:*:*:*:*:*",
"matchCriteriaId": "782F9AB7-3464-4BFE-B502-B62CD51A8865"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.10\\(abtd.1\\)",
"matchCriteriaId": "FF298D2B-3FCE-4974-9720-00266FE68D09"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB129F9-64D8-43C2-9366-51EBDF419F5F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.10\\(acco.1\\)",
"matchCriteriaId": "A290449D-A968-4E76-A3E0-58483D14CA34"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E03F755-424D-4248-9076-ED7BECEB94C5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.70\\(abvt.6\\)",
"matchCriteriaId": "FD3C70D2-3ABE-45D1-BAC1-F5378CA3B758"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36C13E7F-2186-4587-83E9-57B05A7147B7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.70\\(abvs.6\\)",
"matchCriteriaId": "61033C21-7255-4BBC-A22E-E87FB4C92C88"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C024551-F08F-4152-940D-1CF8BCD79613"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.70\\(abwa.6\\)",
"matchCriteriaId": "ACC84162-28C7-4DA9-88C4-BFAE9315C805"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A1FD502-4F62-4C77-B3BC-E563B24F0067"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:wax300h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.10\\(achf.1\\)",
"matchCriteriaId": "91F75AB8-A165-4A09-B8F8-B63548E09887"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:wax300h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3073565-BCDF-46EA-8FB0-E9BF402A5122"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.10\\(abtf.1\\)",
"matchCriteriaId": "A34A2784-082B-4E26-8E1F-C395A7151DE5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.10\\(abte.1\\)",
"matchCriteriaId": "CE039840-2274-4E56-ABA5-EEF2932A3046"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3518DA0A-2C7B-4979-A457-0826C921B0F0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.10\\(accn.1\\)",
"matchCriteriaId": "2B410A50-3756-43BC-AAC3-3CCA65CD24EA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B4EBCC9-4FF9-41FC-9FFE-DBFAB239888B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.10\\(abzd.1\\)",
"matchCriteriaId": "75F74AE8-4CF4-4CDE-9CA0-1FB0E31D8DEB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC74AAF9-5206-4CEB-9023-6CD4F38AA623"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.10\\(accm.1\\)",
"matchCriteriaId": "3DFA7899-2BFE-4F0D-B18B-059C16A4742E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20E4E9A0-DF92-47B7-94D6-0867E3171E47"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.10\\(abrm.1\\)",
"matchCriteriaId": "93F89B44-3959-4709-B65D-F9B72646D746"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D784994E-E2CE-4328-B490-D9DC195A53DB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.10\\(acdo.1\\)",
"matchCriteriaId": "FFF2B717-0B0C-4A10-86A6-ABFB592C4A52"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61158220-B5E8-4BF4-B2C2-E8ABFD3266CF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:wbe530_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.10\\(acle.1\\)",
"matchCriteriaId": "AAF5DBAB-37C2-4436-AA29-C48A0E88A673"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:wbe530:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3061579E-C708-42BC-86FC-B6223B941335"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.00\\(acgg.1\\)",
"matchCriteriaId": "64D953D8-8351-44F4-ADCE-97F11DF62AE7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:wbe660s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC2F3A4-0598-49B0-9829-AF43C97E9E8E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_lite_60ax_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.10\\(acip.0\\)",
"matchCriteriaId": "7C68921A-9FD4-41AA-A6A3-5F3BCC36C345"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_lite_60ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC710993-3E55-4C88-A261-0A67F5069071"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-improper-privilege-management-vulnerability-in-aps-and-security-router-devices-01-14-2025",
"source": "security@zyxel.com.tw",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink