A buffer overflow vulnerability in the CGI program of the Zyxel NR7101 firmware versions prior to V1.00(ABUV.8)C0 could allow a remote authenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
History
21 Nov 2024, 07:53
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-vulnerability-in-4g-lte-and-5g-nr-outdoor-routers - Patch, Third Party Advisory |
12 Jun 2023, 16:50
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
First Time |
Zyxel lte7480-m804 Firmware
Zyxel lte7490-m904 Firmware Zyxel nebula Nr7101 Zyxel Zyxel nebula Nr7101 Firmware Zyxel lte7490-m904 Zyxel nr7101 Zyxel nr7101 Firmware Zyxel lte7480-m804 |
|
CWE | CWE-120 | |
CPE | cpe:2.3:o:zyxel:nr7101_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:zyxel:lte7490-m904:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:lte7480-m804_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:zyxel:lte7480-m804:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:nebula_nr7101:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:nebula_nr7101_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zyxel:lte7490-m904_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:zyxel:nr7101:-:*:*:*:*:*:*:* |
|
References | (MISC) https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-vulnerability-in-4g-lte-and-5g-nr-outdoor-routers - Patch, Third Party Advisory |
05 Jun 2023, 13:02
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-05 12:15
Updated : 2024-11-21 07:53
NVD link : CVE-2023-27989
Mitre link : CVE-2023-27989
CVE.ORG link : CVE-2023-27989
JSON object : View
Products Affected
zyxel
- nr7101_firmware
- lte7490-m904
- lte7480-m804
- nr7101
- lte7480-m804_firmware
- nebula_nr7101
- nebula_nr7101_firmware
- lte7490-m904_firmware
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')