Sign-up

ID

VAR-202302-0865


CVE

CVE-2022-38547


TITLE

plural  Zyxel  In the product  OS  Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2023-003229

DESCRIPTION

A post-authentication command injection vulnerability in the CLI command of Zyxel ZyWALL/USG series firmware versions 4.20 through 4.72, VPN series firmware versions 4.30 through 5.32, USG FLEX series firmware versions 4.50 through 5.32, and ATP series firmware versions 4.32 through 5.32, which could allow an authenticated attacker with administrator privileges to execute OS commands. plural Zyxel The product has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2022-38547 // JVNDB: JVNDB-2023-003229 // VULMON: CVE-2022-38547

AFFECTED PRODUCTS

vendor:zyxelmodel:usg flex 500scope:lteversion:5.32

Trust: 1.0

vendor:zyxelmodel:zywall 110scope:gteversion:4.20

Trust: 1.0

vendor:zyxelmodel:atp800scope:gteversion:4.32

Trust: 1.0

vendor:zyxelmodel:vpn300scope:lteversion:5.32

Trust: 1.0

vendor:zyxelmodel:atp100wscope:lteversion:5.32

Trust: 1.0

vendor:zyxelmodel:usg40scope:lteversion:4.72

Trust: 1.0

vendor:zyxelmodel:vpn300scope:gteversion:4.30

Trust: 1.0

vendor:zyxelmodel:usg flex 500scope:gteversion:4.50

Trust: 1.0

vendor:zyxelmodel:usg40wscope:lteversion:4.72

Trust: 1.0

vendor:zyxelmodel:atp200scope:lteversion:5.32

Trust: 1.0

vendor:zyxelmodel:vpn100scope:lteversion:5.32

Trust: 1.0

vendor:zyxelmodel:usg40wscope:gteversion:4.20

Trust: 1.0

vendor:zyxelmodel:zywall 110scope:lteversion:4.72

Trust: 1.0

vendor:zyxelmodel:atp700scope:gteversion:4.32

Trust: 1.0

vendor:zyxelmodel:vpn1000scope:lteversion:5.32

Trust: 1.0

vendor:zyxelmodel:vpn100scope:gteversion:4.30

Trust: 1.0

vendor:zyxelmodel:zywall 1100scope:gteversion:4.20

Trust: 1.0

vendor:zyxelmodel:usg flex 50scope:lteversion:5.32

Trust: 1.0

vendor:zyxelmodel:usg60scope:gteversion:4.20

Trust: 1.0

vendor:zyxelmodel:usg20w-vpnscope:gteversion:4.30

Trust: 1.0

vendor:zyxelmodel:atp500scope:gteversion:4.32

Trust: 1.0

vendor:zyxelmodel:usg flex 700scope:lteversion:5.32

Trust: 1.0

vendor:zyxelmodel:usg flex 100scope:lteversion:5.32

Trust: 1.0

vendor:zyxelmodel:vpn1000scope:gteversion:4.30

Trust: 1.0

vendor:zyxelmodel:vpn50scope:gteversion:4.30

Trust: 1.0

vendor:zyxelmodel:vpn50scope:lteversion:5.32

Trust: 1.0

vendor:zyxelmodel:usg20w-vpnscope:lteversion:5.32

Trust: 1.0

vendor:zyxelmodel:zywall 310scope:gteversion:4.20

Trust: 1.0

vendor:zyxelmodel:atp100scope:gteversion:4.32

Trust: 1.0

vendor:zyxelmodel:atp100wscope:gteversion:4.32

Trust: 1.0

vendor:zyxelmodel:usg flex 50scope:gteversion:4.50

Trust: 1.0

vendor:zyxelmodel:zywall 1100scope:lteversion:4.72

Trust: 1.0

vendor:zyxelmodel:usg flex 200scope:lteversion:5.32

Trust: 1.0

vendor:zyxelmodel:usg flex 100scope:gteversion:4.50

Trust: 1.0

vendor:zyxelmodel:usg60scope:lteversion:4.72

Trust: 1.0

vendor:zyxelmodel:usg60wscope:gteversion:4.20

Trust: 1.0

vendor:zyxelmodel:usg flex 100wscope:lteversion:5.32

Trust: 1.0

vendor:zyxelmodel:atp800scope:lteversion:5.32

Trust: 1.0

vendor:zyxelmodel:zywall 310scope:lteversion:4.72

Trust: 1.0

vendor:zyxelmodel:atp200scope:gteversion:4.32

Trust: 1.0

vendor:zyxelmodel:usg40scope:gteversion:4.20

Trust: 1.0

vendor:zyxelmodel:atp700scope:lteversion:5.32

Trust: 1.0

vendor:zyxelmodel:usg20-vpnscope:gteversion:4.30

Trust: 1.0

vendor:zyxelmodel:usg flex 700scope:gteversion:4.50

Trust: 1.0

vendor:zyxelmodel:usg flex 200scope:gteversion:4.50

Trust: 1.0

vendor:zyxelmodel:usg20-vpnscope:lteversion:5.32

Trust: 1.0

vendor:zyxelmodel:atp100scope:lteversion:5.32

Trust: 1.0

vendor:zyxelmodel:atp500scope:lteversion:5.32

Trust: 1.0

vendor:zyxelmodel:usg60wscope:lteversion:4.72

Trust: 1.0

vendor:zyxelmodel:usg flex 100wscope:gteversion:4.50

Trust: 1.0

vendor:zyxelmodel:usg flex 200scope: - version: -

Trust: 0.8

vendor:zyxelmodel:usg flex 50scope: - version: -

Trust: 0.8

vendor:zyxelmodel:atp200scope: - version: -

Trust: 0.8

vendor:zyxelmodel:atp700scope: - version: -

Trust: 0.8

vendor:zyxelmodel:atp100wscope: - version: -

Trust: 0.8

vendor:zyxelmodel:usg flex 500scope: - version: -

Trust: 0.8

vendor:zyxelmodel:atp500scope: - version: -

Trust: 0.8

vendor:zyxelmodel:usg flex 700scope: - version: -

Trust: 0.8

vendor:zyxelmodel:atp800scope: - version: -

Trust: 0.8

vendor:zyxelmodel:atp100scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2023-003229 // NVD: CVE-2022-38547

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2022-38547
value: HIGH

Trust: 1.0

security@zyxel.com.tw: CVE-2022-38547
value: HIGH

Trust: 1.0

OTHER: JVNDB-2023-003229
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202302-487
value: HIGH

Trust: 0.6

NVD:
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 5.9
version: 3.1

Trust: 2.0

OTHER: JVNDB-2023-003229
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2023-003229 // NVD: CVE-2022-38547 // NVD: CVE-2022-38547 // CNNVD: CNNVD-202302-487

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.0

problemtype:OS Command injection (CWE-78) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2023-003229 // NVD: CVE-2022-38547

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202302-487

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-202302-487

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2022-38547

PATCH
title:Zyxel security advisory for post-authentication RCE in firewallsurl:https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-rce-in-firewalls
Trust: 0.8
title:ZyXEL ZyWALL USG Fixes for operating system command injection vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqbyid.tag?id=225393
Trust: 0.6
title: - url:https://github.com/live-hack-cve/cve-2022-38547 
Trust: 0.1
sources:
            
            
            VULMON: CVE-2022-38547 // 
            
            
            
            JVNDB: JVNDB-2023-003229 // 
            
            
            
            CNNVD: CNNVD-202302-487

EXTERNAL IDS
db:NVDid:CVE-2022-38547
Trust: 3.3
db:JVNDBid:JVNDB-2023-003229
Trust: 0.8
db:CNNVDid:CNNVD-202302-487
Trust: 0.6
db:VULMONid:CVE-2022-38547
Trust: 0.1
sources:
            
            
            VULMON: CVE-2022-38547 // 
            
            
            
            JVNDB: JVNDB-2023-003229 // 
            
            
            
            NVD: CVE-2022-38547 // 
            
            
            
            CNNVD: CNNVD-202302-487

REFERENCES
url:https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-rce-in-firewalls
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2022-38547
Trust: 0.8
url:https://cxsecurity.com/cveshow/cve-2022-38547/
Trust: 0.6
url:https://github.com/live-hack-cve/cve-2022-38547
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULMON: CVE-2022-38547 // 
            
            
            
            JVNDB: JVNDB-2023-003229 // 
            
            
            
            NVD: CVE-2022-38547 // 
            
            
            
            CNNVD: CNNVD-202302-487

SOURCES
db:VULMONid:CVE-2022-38547
db:JVNDBid:JVNDB-2023-003229
db:NVDid:CVE-2022-38547
db:CNNVDid:CNNVD-202302-487

LAST UPDATE DATE
2023-12-18T13:26:45.600000+00:00

SOURCES UPDATE DATE
db:VULMONid:CVE-2022-38547date:2023-02-07T00:00:00
db:JVNDBid:JVNDB-2023-003229date:2023-09-05T05:07:00
db:NVDid:CVE-2022-38547date:2023-02-14T23:45:41.760
db:CNNVDid:CNNVD-202302-487date:2023-02-15T00:00:00

SOURCES RELEASE DATE
db:VULMONid:CVE-2022-38547date:2023-02-07T00:00:00
db:JVNDBid:JVNDB-2023-003229date:2023-09-05T00:00:00
db:NVDid:CVE-2022-38547date:2023-02-07T02:15:07.883
db:CNNVDid:CNNVD-202302-487date:2023-02-07T00:00:00