BDU:2022-02929
Scores
EPSS Score
0.0000
CVSS
3.x 9.8
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
All CVSS Scores
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Description
Уязвимость реализации HTTP-интерфейса администрирования межсетевых экранов Zyxell связана с ошибками при обработке входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнять произвольные команды путем внедрения специально сформированного файла
Sources
Related Vulnerabilities
Reference Links
Vulnerable Software
Type: Configuration
Vendor: zyxel communications corp.
Product: atp
Operating System: * *
{
"version_end_excluding": "5.30"
}Source: bdu
Type: Configuration
Vendor: zyxel communications corp.
Product: usg flex 100
Operating System: * *
{
"version_end_excluding": "5.30"
}Source: bdu
Type: Configuration
Vendor: zyxel communications corp.
Product: usg flex 100w
Operating System: * *
{
"version_end_excluding": "5.30"
}Source: bdu
Type: Configuration
Vendor: zyxel communications corp.
Product: usg flex 200
Operating System: * *
{
"version_end_excluding": "5.30"
}Source: bdu
Type: Configuration
Vendor: zyxel communications corp.
Product: usg flex 50(w)
Operating System: * *
{
"version_end_excluding": "5.30"
}Source: bdu
Type: Configuration
Vendor: zyxel communications corp.
Product: usg flex 500
Operating System: * *
{
"version_end_excluding": "5.30"
}Source: bdu
Type: Configuration
Vendor: zyxel communications corp.
Product: usg flex 700
Operating System: * *
{
"version_end_excluding": "5.30"
}Source: bdu
Type: Configuration
Vendor: zyxel communications corp.
Product: usg usg20(w)-vpn
Operating System: * *
{
"version_end_excluding": "5.30"
}Source: bdu
Type: Configuration
Vendor: zyxel communications corp.
Product: vpn
Operating System: * *
{
"version_end_excluding": "5.30"
}Source: bdu