Sign-up

ID

VAR-201911-1316


CVE

CVE-2019-15804


TITLE

Zyxel GS1900 Input validation vulnerability in device firmware

Trust: 0.8

sources: JVNDB: JVNDB-2019-012186

DESCRIPTION

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. By sending a signal to the CLI process, undocumented functionality is triggered. Specifically, a menu can be triggered by sending the SIGQUIT signal to the CLI application (e.g., through CTRL+\ via SSH). The access control check for this menu does work and prohibits accessing the menu, which contains "Password recovery for specific user" options. The menu is believed to be accessible using a serial console. Zyxel GS1900 An input validation vulnerability exists in the device firmware.Information may be altered. ZyXEL GS1900 is a managed switch of ZyXEL Corporation in Taiwan. There is a security vulnerability in Zyxel GS1900 using firmware versions prior to 2.50 (AAHH.0) C0

Trust: 2.16

sources: NVD: CVE-2019-15804 // JVNDB: JVNDB-2019-012186 // CNVD: CNVD-2020-28447

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-28447

AFFECTED PRODUCTS

vendor:zyxelmodel:gs1900-24escope:ltversion:2.50\(aahk.0\)c0

Trust: 1.0

vendor:zyxelmodel:gs1900-24scope:ltversion:2.50\(aahl.0\)c0

Trust: 1.0

vendor:zyxelmodel:gs1900-24hpscope:ltversion:2.50\(aahm.0\)c0

Trust: 1.0

vendor:zyxelmodel:gs1900-10hpscope:ltversion:2.50\(aazi.0\)c0

Trust: 1.0

vendor:zyxelmodel:gs1900-16scope:ltversion:2.50\(aahj.0\)c0

Trust: 1.0

vendor:zyxelmodel:gs1900-48hpscope:ltversion:2.50\(aaho.0\)c0

Trust: 1.0

vendor:zyxelmodel:gs1900-8scope:ltversion:2.50\(aahh.0\)c0

Trust: 1.0

vendor:zyxelmodel:gs1900-8hpscope:ltversion:2.50\(aahi.0\)c0

Trust: 1.0

vendor:zyxelmodel:gs1900-48scope:ltversion:2.50\(aahn.0\)c0

Trust: 1.0

vendor:zyxelmodel:gs1900-10hpscope:ltversion:2.50(aahh.0)c0

Trust: 0.8

vendor:zyxelmodel:gs1900-16scope:ltversion:2.50(aahh.0)c0

Trust: 0.8

vendor:zyxelmodel:gs1900-24scope:ltversion:2.50(aahh.0)c0

Trust: 0.8

vendor:zyxelmodel:gs1900-24escope:ltversion:2.50(aahh.0)c0

Trust: 0.8

vendor:zyxelmodel:gs1900-24hpscope:ltversion:2.50(aahh.0)c0

Trust: 0.8

vendor:zyxelmodel:gs1900-48scope:ltversion:2.50(aahh.0)c0

Trust: 0.8

vendor:zyxelmodel:gs1900-48hpscope:ltversion:2.50(aahh.0)c0

Trust: 0.8

vendor:zyxelmodel:gs1900-8scope:ltversion:2.50(aahh.0)c0

Trust: 0.8

vendor:zyxelmodel:gs1900-8hpscope:ltversion:2.50(aahh.0)c0

Trust: 0.8

vendor:zyxelmodel:gs1900 <2.50 c0scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2020-28447 // JVNDB: JVNDB-2019-012186 // NVD: CVE-2019-15804

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-15804
value: HIGH

Trust: 1.0

NVD: CVE-2019-15804
value: HIGH

Trust: 0.8

CNVD: CNVD-2020-28447
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201911-996
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2019-15804
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2020-28447
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2019-15804
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2019-15804
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-28447 // JVNDB: JVNDB-2019-012186 // CNNVD: CNNVD-201911-996 // NVD: CVE-2019-15804

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-20

Trust: 0.8

sources: JVNDB: JVNDB-2019-012186 // NVD: CVE-2019-15804

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201911-996

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201911-996

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-012186

PATCH
title:Zyxel security advisory for GS1900 switch vulnerabilitiesurl:https://www.zyxel.com/support/GS1900-switch-vulnerabilities.shtml
Trust: 0.8
title:Patch for ZyXEL GS1900 input verification error vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/217693
Trust: 0.6
title:ZyXEL GS1900 Enter the fix for the verification error vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=103378
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-28447 // 
            
            
            
            JVNDB: JVNDB-2019-012186 // 
            
            
            
            CNNVD: CNNVD-201911-996

EXTERNAL IDS
db:NVDid:CVE-2019-15804
Trust: 3.0
db:JVNDBid:JVNDB-2019-012186
Trust: 0.8
db:CNVDid:CNVD-2020-28447
Trust: 0.6
db:CNNVDid:CNNVD-201911-996
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-28447 // 
            
            
            
            JVNDB: JVNDB-2019-012186 // 
            
            
            
            CNNVD: CNNVD-201911-996 // 
            
            
            
            NVD: CVE-2019-15804

REFERENCES
url:https://nvd.nist.gov/vuln/detail/cve-2019-15804
Trust: 2.0
url:https://jasper.la/exploring-zyxel-gs1900-firmware-with-ghidra.html
Trust: 1.6
url:https://www.zyxel.com/support/gs1900-switch-vulnerabilities.shtml
Trust: 1.6
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15804
Trust: 0.8
sources:
            
            
            CNVD: CNVD-2020-28447 // 
            
            
            
            JVNDB: JVNDB-2019-012186 // 
            
            
            
            CNNVD: CNNVD-201911-996 // 
            
            
            
            NVD: CVE-2019-15804

SOURCES
db:CNVDid:CNVD-2020-28447
db:JVNDBid:JVNDB-2019-012186
db:CNNVDid:CNNVD-201911-996
db:NVDid:CVE-2019-15804

LAST UPDATE DATE
2024-11-23T22:05:56.336000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2020-28447date:2020-05-15T00:00:00
db:JVNDBid:JVNDB-2019-012186date:2019-11-27T00:00:00
db:CNNVDid:CNNVD-201911-996date:2020-09-02T00:00:00
db:NVDid:CVE-2019-15804date:2024-11-21T04:29:30.103

SOURCES RELEASE DATE
db:CNVDid:CNVD-2020-28447date:2020-05-15T00:00:00
db:JVNDBid:JVNDB-2019-012186date:2019-11-27T00:00:00
db:CNNVDid:CNNVD-201911-996date:2019-11-14T00:00:00
db:NVDid:CVE-2019-15804date:2019-11-14T21:15:11.953