Sign-up

ID

VAR-202304-2073


CVE

CVE-2023-28771


TITLE

Zyxel ZyWALL USG Operating system command injection vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202304-1976

DESCRIPTION

Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device

Trust: 0.99

sources: NVD: CVE-2023-28771 // VULMON: CVE-2023-28771

AFFECTED PRODUCTS

vendor:zyxelmodel:usg flex 100wscope:gteversion:4.60

Trust: 1.0

vendor:zyxelmodel:usg flex 50wscope:gteversion:4.60

Trust: 1.0

vendor:zyxelmodel:atp500scope:ltversion:5.36

Trust: 1.0

vendor:zyxelmodel:zywall usg 100scope:eqversion:4.73

Trust: 1.0

vendor:zyxelmodel:atp700scope:ltversion:5.36

Trust: 1.0

vendor:zyxelmodel:atp700scope:gteversion:4.60

Trust: 1.0

vendor:zyxelmodel:usg flex 500scope:ltversion:5.36

Trust: 1.0

vendor:zyxelmodel:atp100scope:ltversion:5.36

Trust: 1.0

vendor:zyxelmodel:atp500scope:gteversion:4.60

Trust: 1.0

vendor:zyxelmodel:zywall usg 310scope:eqversion:4.73

Trust: 1.0

vendor:zyxelmodel:usg flex 500scope:gteversion:4.60

Trust: 1.0

vendor:zyxelmodel:zywall usg 100scope:gteversion:4.60

Trust: 1.0

vendor:zyxelmodel:atp100scope:gteversion:4.60

Trust: 1.0

vendor:zyxelmodel:vpn300scope:ltversion:5.36

Trust: 1.0

vendor:zyxelmodel:atp100wscope:gteversion:4.60

Trust: 1.0

vendor:zyxelmodel:vpn100scope:ltversion:5.36

Trust: 1.0

vendor:zyxelmodel:vpn300scope:gteversion:4.60

Trust: 1.0

vendor:zyxelmodel:zywall usg 310scope:gteversion:4.60

Trust: 1.0

vendor:zyxelmodel:atp200scope:ltversion:5.36

Trust: 1.0

vendor:zyxelmodel:atp200scope:gteversion:4.60

Trust: 1.0

vendor:zyxelmodel:vpn1000scope:ltversion:5.36

Trust: 1.0

vendor:zyxelmodel:usg flex 50scope:ltversion:5.36

Trust: 1.0

vendor:zyxelmodel:usg flex 100scope:ltversion:5.36

Trust: 1.0

vendor:zyxelmodel:usg flex 50scope:gteversion:4.60

Trust: 1.0

vendor:zyxelmodel:usg flex 100scope:gteversion:4.60

Trust: 1.0

vendor:zyxelmodel:zywall usg 100scope:ltversion:4.73

Trust: 1.0

vendor:zyxelmodel:usg flex 700scope:ltversion:5.36

Trust: 1.0

vendor:zyxelmodel:vpn100scope:gteversion:4.60

Trust: 1.0

vendor:zyxelmodel:vpn1000scope:gteversion:4.60

Trust: 1.0

vendor:zyxelmodel:vpn50scope:ltversion:5.36

Trust: 1.0

vendor:zyxelmodel:usg flex 100wscope:ltversion:5.36

Trust: 1.0

vendor:zyxelmodel:atp800scope:ltversion:5.36

Trust: 1.0

vendor:zyxelmodel:vpn50scope:gteversion:4.60

Trust: 1.0

vendor:zyxelmodel:atp800scope:gteversion:4.60

Trust: 1.0

vendor:zyxelmodel:usg flex 50wscope:ltversion:5.36

Trust: 1.0

vendor:zyxelmodel:usg flex 700scope:gteversion:4.60

Trust: 1.0

vendor:zyxelmodel:usg flex 200scope:ltversion:5.36

Trust: 1.0

vendor:zyxelmodel:zywall usg 310scope:ltversion:4.73

Trust: 1.0

vendor:zyxelmodel:usg flex 200scope:gteversion:4.60

Trust: 1.0

vendor:zyxelmodel:atp100wscope:ltversion:5.35

Trust: 1.0

sources: NVD: CVE-2023-28771

CVSS

SEVERITY

CVSSV2

CVSSV3

security@zyxel.com.tw: CVE-2023-28771
value: CRITICAL

Trust: 1.0

NVD: CVE-2023-28771
value: CRITICAL

Trust: 1.0

CNNVD: CNNVD-202304-1976
value: CRITICAL

Trust: 0.6

security@zyxel.com.tw:
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 2.0

sources: NVD: CVE-2023-28771 // NVD: CVE-2023-28771 // CNNVD: CNNVD-202304-1976

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.0

sources: NVD: CVE-2023-28771

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202304-1976

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-202304-1976

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2023-28771

PATCH
title:Zyxel ZyWALL USG Fixes for operating system command injection vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqbyid.tag?id=234820
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202304-1976

EXTERNAL IDS
db:NVDid:CVE-2023-28771
Trust: 1.7
db:PACKETSTORMid:172820
Trust: 1.6
db:CNNVDid:CNNVD-202304-1976
Trust: 0.6
db:VULMONid:CVE-2023-28771
Trust: 0.1
sources:
            
            
            VULMON: CVE-2023-28771 // 
            
            
            
            NVD: CVE-2023-28771 // 
            
            
            
            CNNVD: CNNVD-202304-1976

REFERENCES
url:https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-remote-command-injection-vulnerability-of-firewalls
Trust: 1.7
url:http://packetstormsecurity.com/files/172820/zyxel-ike-packet-decoder-unauthenticated-remote-code-execution.html
Trust: 1.6
url:https://cxsecurity.com/cveshow/cve-2023-28771/
Trust: 0.6
url:https://nvd.nist.gov/vuln/detail/cve-2023-28771
Trust: 0.6
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULMON: CVE-2023-28771 // 
            
            
            
            NVD: CVE-2023-28771 // 
            
            
            
            CNNVD: CNNVD-202304-1976

SOURCES
db:VULMONid:CVE-2023-28771
db:NVDid:CVE-2023-28771
db:CNNVDid:CNNVD-202304-1976

LAST UPDATE DATE
2023-12-18T13:59:09.508000+00:00

SOURCES UPDATE DATE
db:VULMONid:CVE-2023-28771date:2023-04-25T00:00:00
db:NVDid:CVE-2023-28771date:2023-06-09T18:12:04.557
db:CNNVDid:CNNVD-202304-1976date:2023-06-12T00:00:00

SOURCES RELEASE DATE
db:VULMONid:CVE-2023-28771date:2023-04-25T00:00:00
db:NVDid:CVE-2023-28771date:2023-04-25T02:15:08.743
db:CNNVDid:CNNVD-202304-1976date:2023-04-24T00:00:00