CVE-2023-34138

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-34138
A command injection vulnerability in the hotspot management feature of the Zyxel ATP series firmware versions 4.60 through 5.36 Patch 2, USG FLEX series firmware versions 4.60 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 4.60 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 4.60 through 5.36 Patch 2, and VPN series firmware versions 4.60 through 5.36 Patch 2, could allow an unauthenticated, LAN-based attacker to execute some OS commands on an affected device if the attacker could trick an authorized administrator to add their IP address to the list of trusted RADIUS clients in advance.

8.0 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.1 / Impact : 5.9

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-wlan-controllers Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*
cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*
cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*
cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*
cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*
cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*
cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*
cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*
cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:zyxel:zywall_atp100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_atp100:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:zyxel:zywall_atp100w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_atp100w:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:zyxel:zywall_atp200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_atp200:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:zyxel:zywall_atp500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_atp500:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:zyxel:zywall_atp700_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_atp700:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:zyxel:zywall_atp800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_atp800:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:zyxel:zywall_vpn100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_vpn100:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:zyxel:zywall_vpn2s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_vpn2s:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:zyxel:zywall_vpn300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_vpn300:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:zyxel:zywall_vpn50_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_vpn50:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:zyxel:zywall_vpn_100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_vpn_100:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:zyxel:zywall_vpn_300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_vpn_300:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:zyxel:zywall_vpn_50_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_vpn_50:-:*:*:*:*:*:*:*
History

No history.

Information

Published : 2023-07-17 18:15

Updated : 2023-07-26 21:35

NVD link : CVE-2023-34138

Mitre link : CVE-2023-34138

CVE.ORG link : CVE-2023-34138

JSON object : View

Products Affected

zyxel

  • zywall_vpn2s
  • usg_flex_500
  • zywall_atp200_firmware
  • usg_flex_50_firmware
  • usg_2200-vpn_firmware
  • usg_flex_100w_firmware
  • zywall_atp700_firmware
  • usg_flex_700_firmware
  • zywall_atp500_firmware
  • usg_flex_100w
  • usg_flex_200_firmware
  • zywall_vpn300_firmware
  • zywall_vpn100_firmware
  • zywall_vpn_300_firmware
  • usg_flex_100_firmware
  • zywall_vpn2s_firmware
  • zywall_atp100w
  • zywall_atp100_firmware
  • zywall_vpn_100_firmware
  • usg_flex_50w_firmware
  • zywall_atp100
  • usg_flex_200
  • zywall_vpn_50
  • zywall_vpn300
  • usg_2200-vpn
  • zywall_vpn_100
  • zywall_atp100w_firmware
  • usg_20w-vpn
  • usg_flex_700
  • zywall_atp800
  • usg_flex_50
  • usg_20w-vpn_firmware
  • zywall_atp700
  • zywall_atp800_firmware
  • zywall_vpn50
  • usg_flex_100
  • zywall_atp200
  • zywall_vpn_50_firmware
  • usg_flex_500_firmware
  • zywall_vpn_300
  • zywall_atp500
  • zywall_vpn100
  • usg_flex_50w
  • zywall_vpn50_firmware
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')