Sign-up

ID

VAR-202207-1298


CVE

CVE-2022-30526


TITLE

plural  ZyXEL  Product permission management vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2022-013684

DESCRIPTION

A privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.09 through 4.72, which could allow a local attacker to execute some OS commands with root privileges in some directories on a vulnerable device. ZyXEL The product contains a vulnerability in permission management.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2022-30526 // JVNDB: JVNDB-2022-013684 // VULMON: CVE-2022-30526

AFFECTED PRODUCTS

vendor:zyxelmodel:usg flex 100wscope:lteversion:5.30

Trust: 1.0

vendor:zyxelmodel:zywall 1100scope:gteversion:4.30

Trust: 1.0

vendor:zyxelmodel:atp800scope:lteversion:5.30

Trust: 1.0

vendor:zyxelmodel:usg20w-vpnscope:gteversion:4.16

Trust: 1.0

vendor:zyxelmodel:usg flex 50wscope:lteversion:5.30

Trust: 1.0

vendor:zyxelmodel:atp700scope:lteversion:5.30

Trust: 1.0

vendor:zyxelmodel:usg 2200-vpnscope:gteversion:4.30

Trust: 1.0

vendor:zyxelmodel:zywall 310scope:gteversion:4.30

Trust: 1.0

vendor:zyxelmodel:atp800scope:gteversion:4.32

Trust: 1.0

vendor:zyxelmodel:usg60scope:gteversion:4.09

Trust: 1.0

vendor:zyxelmodel:zywall 1100scope:lteversion:5.30

Trust: 1.0

vendor:zyxelmodel:usg20-vpnscope:lteversion:5.30

Trust: 1.0

vendor:zyxelmodel:atp100scope:lteversion:5.30

Trust: 1.0

vendor:zyxelmodel:usg40scope:lteversion:4.72

Trust: 1.0

vendor:zyxelmodel:vpn300scope:gteversion:4.30

Trust: 1.0

vendor:zyxelmodel:atp500scope:lteversion:5.30

Trust: 1.0

vendor:zyxelmodel:usg flex 500scope:lteversion:5.30

Trust: 1.0

vendor:zyxelmodel:zywall 310scope:lteversion:5.30

Trust: 1.0

vendor:zyxelmodel:usg 2200-vpnscope:lteversion:5.30

Trust: 1.0

vendor:zyxelmodel:usg flex 500scope:gteversion:4.50

Trust: 1.0

vendor:zyxelmodel:usg40wscope:lteversion:4.72

Trust: 1.0

vendor:zyxelmodel:usg flex 50wscope:gteversion:4.16

Trust: 1.0

vendor:zyxelmodel:vpn300scope:lteversion:5.30

Trust: 1.0

vendor:zyxelmodel:atp100wscope:lteversion:5.30

Trust: 1.0

vendor:zyxelmodel:usg60wscope:gteversion:4.09

Trust: 1.0

vendor:zyxelmodel:atp700scope:gteversion:4.32

Trust: 1.0

vendor:zyxelmodel:vpn100scope:gteversion:4.30

Trust: 1.0

vendor:zyxelmodel:usg40scope:gteversion:4.09

Trust: 1.0

vendor:zyxelmodel:atp500scope:gteversion:4.32

Trust: 1.0

vendor:zyxelmodel:vpn1000scope:gteversion:4.30

Trust: 1.0

vendor:zyxelmodel:vpn50scope:gteversion:4.30

Trust: 1.0

vendor:zyxelmodel:atp200scope:lteversion:5.30

Trust: 1.0

vendor:zyxelmodel:vpn100scope:lteversion:5.30

Trust: 1.0

vendor:zyxelmodel:usg40wscope:gteversion:4.09

Trust: 1.0

vendor:zyxelmodel:atp100scope:gteversion:4.32

Trust: 1.0

vendor:zyxelmodel:atp100wscope:gteversion:4.32

Trust: 1.0

vendor:zyxelmodel:vpn1000scope:lteversion:5.30

Trust: 1.0

vendor:zyxelmodel:zywall 110scope:gteversion:4.30

Trust: 1.0

vendor:zyxelmodel:usg flex 700scope:lteversion:5.30

Trust: 1.0

vendor:zyxelmodel:usg60scope:lteversion:4.72

Trust: 1.0

vendor:zyxelmodel:vpn50scope:lteversion:5.30

Trust: 1.0

vendor:zyxelmodel:usg20w-vpnscope:lteversion:5.30

Trust: 1.0

vendor:zyxelmodel:zywall 110scope:lteversion:5.30

Trust: 1.0

vendor:zyxelmodel:atp200scope:gteversion:4.32

Trust: 1.0

vendor:zyxelmodel:usg20-vpnscope:gteversion:4.30

Trust: 1.0

vendor:zyxelmodel:usg flex 700scope:gteversion:4.50

Trust: 1.0

vendor:zyxelmodel:usg flex 200scope:gteversion:4.50

Trust: 1.0

vendor:zyxelmodel:usg flex 200scope:lteversion:5.30

Trust: 1.0

vendor:zyxelmodel:usg60wscope:lteversion:4.72

Trust: 1.0

vendor:zyxelmodel:usg flex 100wscope:gteversion:4.50

Trust: 1.0

vendor:zyxelmodel:vpn100scope: - version: -

Trust: 0.8

vendor:zyxelmodel:vpn50scope: - version: -

Trust: 0.8

vendor:zyxelmodel:usg flex 50wscope: - version: -

Trust: 0.8

vendor:zyxelmodel:atp100scope: - version: -

Trust: 0.8

vendor:zyxelmodel:vpn300scope: - version: -

Trust: 0.8

vendor:zyxelmodel:atp500scope: - version: -

Trust: 0.8

vendor:zyxelmodel:usg 2200-vpnscope: - version: -

Trust: 0.8

vendor:zyxelmodel:zywall 110scope: - version: -

Trust: 0.8

vendor:zyxelmodel:atp800scope: - version: -

Trust: 0.8

vendor:zyxelmodel:usg flex 500scope: - version: -

Trust: 0.8

vendor:zyxelmodel:usg flex 100wscope: - version: -

Trust: 0.8

vendor:zyxelmodel:usg flex 200scope: - version: -

Trust: 0.8

vendor:zyxelmodel:atp100wscope: - version: -

Trust: 0.8

vendor:zyxelmodel:usg20-vpnscope: - version: -

Trust: 0.8

vendor:zyxelmodel:usg20w-vpnscope: - version: -

Trust: 0.8

vendor:zyxelmodel:atp700scope: - version: -

Trust: 0.8

vendor:zyxelmodel:vpn1000scope: - version: -

Trust: 0.8

vendor:zyxelmodel:usg 310scope: - version: -

Trust: 0.8

vendor:zyxelmodel:usg flex 700scope: - version: -

Trust: 0.8

vendor:zyxelmodel:atp200scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-013684 // NVD: CVE-2022-30526

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2022-30526
value: HIGH

Trust: 1.8

security@zyxel.com.tw: CVE-2022-30526
value: HIGH

Trust: 1.0

CNNVD: CNNVD-202207-1612
value: HIGH

Trust: 0.6

NVD:
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 2.0

NVD: CVE-2022-30526
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-013684 // NVD: CVE-2022-30526 // NVD: CVE-2022-30526 // CNNVD: CNNVD-202207-1612

PROBLEMTYPE DATA

problemtype:CWE-269

Trust: 1.0

problemtype:Improper authority management (CWE-269) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-013684 // NVD: CVE-2022-30526

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202207-1612

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202207-1612

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2022-30526

PATCH
title:Zyxel USG FLEX Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=201959
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202207-1612

EXTERNAL IDS
db:NVDid:CVE-2022-30526
Trust: 3.3
db:PACKETSTORMid:168202
Trust: 2.4
db:JVNDBid:JVNDB-2022-013684
Trust: 0.8
db:CXSECURITYid:WLB-2022080075
Trust: 0.6
db:CNNVDid:CNNVD-202207-1612
Trust: 0.6
db:VULMONid:CVE-2022-30526
Trust: 0.1
sources:
            
            
            VULMON: CVE-2022-30526 // 
            
            
            
            JVNDB: JVNDB-2022-013684 // 
            
            
            
            NVD: CVE-2022-30526 // 
            
            
            
            CNNVD: CNNVD-202207-1612

REFERENCES
url:http://packetstormsecurity.com/files/168202/zyxel-firewall-suid-binary-privilege-escalation.html
Trust: 3.0
url:https://www.zyxel.com/support/zyxel-security-advisory-authenticated-directory-traversal-vulnerabilities-of-firewalls.shtml
Trust: 2.5
url:https://nvd.nist.gov/vuln/detail/cve-2022-30526
Trust: 0.8
url:https://cxsecurity.com/issue/wlb-2022080075
Trust: 0.6
url:https://cxsecurity.com/cveshow/cve-2022-30526/
Trust: 0.6
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULMON: CVE-2022-30526 // 
            
            
            
            JVNDB: JVNDB-2022-013684 // 
            
            
            
            NVD: CVE-2022-30526 // 
            
            
            
            CNNVD: CNNVD-202207-1612

CREDITS
jbaines-r7
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202207-1612

SOURCES
db:VULMONid:CVE-2022-30526
db:JVNDBid:JVNDB-2022-013684
db:NVDid:CVE-2022-30526
db:CNNVDid:CNNVD-202207-1612

LAST UPDATE DATE
2023-12-18T13:59:38.633000+00:00

SOURCES UPDATE DATE
db:VULMONid:CVE-2022-30526date:2022-07-19T00:00:00
db:JVNDBid:JVNDB-2022-013684date:2023-09-11T08:17:00
db:NVDid:CVE-2022-30526date:2022-12-13T15:38:54.443
db:CNNVDid:CNNVD-202207-1612date:2022-09-01T00:00:00

SOURCES RELEASE DATE
db:VULMONid:CVE-2022-30526date:2022-07-19T00:00:00
db:JVNDBid:JVNDB-2022-013684date:2023-09-11T00:00:00
db:NVDid:CVE-2022-30526date:2022-07-19T06:15:08.827
db:CNNVDid:CNNVD-202207-1612date:2022-07-19T00:00:00