ID

VAR-202304-2073


CVE

CVE-2023-28771


TITLE

Zyxel ZyWALL USG Operating system command injection vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202304-1976

DESCRIPTION

Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35 could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device.

Trust: 0.99

sources: NVD: CVE-2023-28771 // VULMON: CVE-2023-28771

AFFECTED PRODUCTS

vendor: zyxel | model: usg flex 100w | scope: gte | version: 4.60

Trust: 1.0

vendor: zyxel | model: usg flex 50w | scope: gte | version: 4.60

Trust: 1.0

vendor: zyxel | model: atp500 | scope: lt | version: 5.36

Trust: 1.0

vendor: zyxel | model: zywall usg 100 | scope: eq | version: 4.73

Trust: 1.0

vendor: zyxel | model: atp700 | scope: lt | version: 5.36

Trust: 1.0

vendor: zyxel | model: atp700 | scope: gte | version: 4.60

Trust: 1.0

vendor: zyxel | model: usg flex 500 | scope: lt | version: 5.36

Trust: 1.0

vendor: zyxel | model: atp100 | scope: lt | version: 5.36

Trust: 1.0

vendor: zyxel | model: atp500 | scope: gte | version: 4.60

Trust: 1.0

vendor: zyxel | model: zywall usg 310 | scope: eq | version: 4.73

Trust: 1.0

vendor: zyxel | model: usg flex 500 | scope: gte | version: 4.60

Trust: 1.0

vendor: zyxel | model: zywall usg 100 | scope: gte | version: 4.60

Trust: 1.0

vendor: zyxel | model: atp100 | scope: gte | version: 4.60

Trust: 1.0

vendor: zyxel | model: vpn300 | scope: lt | version: 5.36

Trust: 1.0

vendor: zyxel | model: atp100w | scope: gte | version: 4.60

Trust: 1.0

vendor: zyxel | model: vpn100 | scope: lt | version: 5.36

Trust: 1.0

vendor: zyxel | model: vpn300 | scope: gte | version: 4.60

Trust: 1.0

vendor: zyxel | model: zywall usg 310 | scope: gte | version: 4.60

Trust: 1.0

vendor: zyxel | model: atp200 | scope: lt | version: 5.36

Trust: 1.0

vendor: zyxel | model: atp200 | scope: gte | version: 4.60

Trust: 1.0

vendor: zyxel | model: vpn1000 | scope: lt | version: 5.36

Trust: 1.0

vendor: zyxel | model: usg flex 50 | scope: lt | version: 5.36

Trust: 1.0

vendor: zyxel | model: usg flex 100 | scope: lt | version: 5.36

Trust: 1.0

vendor: zyxel | model: usg flex 50 | scope: gte | version: 4.60

Trust: 1.0

vendor: zyxel | model: usg flex 100 | scope: gte | version: 4.60

Trust: 1.0

vendor: zyxel | model: zywall usg 100 | scope: lt | version: 4.73

Trust: 1.0

vendor: zyxel | model: usg flex 700 | scope: lt | version: 5.36

Trust: 1.0

vendor: zyxel | model: vpn100 | scope: gte | version: 4.60

Trust: 1.0

vendor: zyxel | model: vpn1000 | scope: gte | version: 4.60

Trust: 1.0

vendor: zyxel | model: vpn50 | scope: lt | version: 5.36

Trust: 1.0

vendor: zyxel | model: usg flex 100w | scope: lt | version: 5.36

Trust: 1.0

vendor: zyxel | model: atp800 | scope: lt | version: 5.36

Trust: 1.0

vendor: zyxel | model: vpn50 | scope: gte | version: 4.60

Trust: 1.0

vendor: zyxel | model: atp800 | scope: gte | version: 4.60

Trust: 1.0

vendor: zyxel | model: usg flex 50w | scope: lt | version: 5.36

Trust: 1.0

vendor: zyxel | model: usg flex 700 | scope: gte | version: 4.60

Trust: 1.0

vendor: zyxel | model: usg flex 200 | scope: lt | version: 5.36

Trust: 1.0

vendor: zyxel | model: zywall usg 310 | scope: lt | version: 4.73

Trust: 1.0

vendor: zyxel | model: usg flex 200 | scope: gte | version: 4.60

Trust: 1.0

vendor: zyxel | model: atp100w | scope: lt | version: 5.35

Trust: 1.0

sources: NVD: CVE-2023-28771

CVSS

SEVERITY

CVSSV2

CVSSV3

security@zyxel.com.tw: CVE-2023-28771
value: CRITICAL

Trust: 1.0

NVD: CVE-2023-28771
value: CRITICAL

Trust: 1.0

CNNVD: CNNVD-202304-1976
value: CRITICAL

Trust: 0.6

security@zyxel.com.tw:
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 2.0

sources: NVD: CVE-2023-28771 // NVD: CVE-2023-28771 // CNNVD: CNNVD-202304-1976

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.0

sources: NVD: CVE-2023-28771

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202304-1976

TYPE

operating system command injection

Trust: 0.6

sources: CNNVD: CNNVD-202304-1976

CONFIGURATIONS

sources: NVD: CVE-2023-28771

PATCH

title: Zyxel ZyWALL USG Fixes for operating system command injection vulnerabilities | url: http://123.124.177.30/web/xxk/bdxqbyid.tag?id=234820

Trust: 0.6

sources: CNNVD: CNNVD-202304-1976

EXTERNAL IDS

db: NVD | id: CVE-2023-28771

Trust: 1.7

db: PACKETSTORM | id: 172820

Trust: 1.6

db: CNNVD | id: CNNVD-202304-1976

Trust: 0.6

db: VULMON | id: CVE-2023-28771

Trust: 0.1

sources: VULMON: CVE-2023-28771 // NVD: CVE-2023-28771 // CNNVD: CNNVD-202304-1976

REFERENCES

url:https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-remote-command-injection-vulnerability-of-firewalls

Trust: 1.7

url:http://packetstormsecurity.com/files/172820/zyxel-ike-packet-decoder-unauthenticated-remote-code-execution.html

Trust: 1.6

url:https://cxsecurity.com/cveshow/cve-2023-28771/

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2023-28771

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2023-28771 // NVD: CVE-2023-28771 // CNNVD: CNNVD-202304-1976

SOURCES

db: VULMON | id: CVE-2023-28771
db: NVD | id: CVE-2023-28771
db: CNNVD | id: CNNVD-202304-1976

LAST UPDATE DATE

2023-12-18T13:59:09.508000+00:00


SOURCES UPDATE DATE

db: VULMON | id: CVE-2023-28771 | date: 2023-04-25T00:00:00
db: NVD | id: CVE-2023-28771 | date: 2023-06-09T18:12:04.557
db: CNNVD | id: CNNVD-202304-1976 | date: 2023-06-12T00:00:00

SOURCES RELEASE DATE

db: VULMON | id: CVE-2023-28771 | date: 2023-04-25T00:00:00
db: NVD | id: CVE-2023-28771 | date: 2023-04-25T02:15:08.743
db: CNNVD | id: CNNVD-202304-1976 | date: 2023-04-24T00:00:00