CVE-2023-28771

Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
OR cpe:2.3:o:zyxel:zywall_usg_310_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:zyxel:zywall_usg_310_firmware:4.73:-:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_usg_310:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
OR cpe:2.3:o:zyxel:zywall_usg_100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:zyxel:zywall_usg_100_firmware:4.73:-:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_usg_100:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:55

Type Values Removed Values Added
References () http://packetstormsecurity.com/files/172820/Zyxel-IKE-Packet-Decoder-Unauthenticated-Remote-Code-Execution.html - Exploit, Third Party Advisory () http://packetstormsecurity.com/files/172820/Zyxel-IKE-Packet-Decoder-Unauthenticated-Remote-Code-Execution.html - Exploit, Third Party Advisory
References () https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-remote-command-injection-vulnerability-of-firewalls - Vendor Advisory () https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-remote-command-injection-vulnerability-of-firewalls - Vendor Advisory

09 Jun 2023, 18:12

Type Values Removed Values Added
References (MISC) http://packetstormsecurity.com/files/172820/Zyxel-IKE-Packet-Decoder-Unauthenticated-Remote-Code-Execution.html - (MISC) http://packetstormsecurity.com/files/172820/Zyxel-IKE-Packet-Decoder-Unauthenticated-Remote-Code-Execution.html - Exploit, Third Party Advisory
CPE cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*
First Time Zyxel usg Flex 50 Firmware

09 Jun 2023, 17:15

Type Values Removed Values Added
References
  • (MISC) http://packetstormsecurity.com/files/172820/Zyxel-IKE-Packet-Decoder-Unauthenticated-Remote-Code-Execution.html -

07 Jun 2023, 18:20

Type Values Removed Values Added
CPE cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*

Information

Published : 2023-04-25 02:15

Updated : 2024-11-21 07:55


NVD link : CVE-2023-28771

Mitre link : CVE-2023-28771

CVE.ORG link : CVE-2023-28771


JSON object : View

Products Affected

zyxel

  • vpn50
  • atp100_firmware
  • vpn300
  • usg_flex_700
  • usg_flex_50
  • vpn50_firmware
  • usg_flex_50_firmware
  • atp100w
  • usg_flex_200_firmware
  • vpn1000
  • atp500_firmware
  • vpn100
  • vpn100_firmware
  • atp200_firmware
  • atp100w_firmware
  • usg_flex_100_firmware
  • usg_flex_100
  • vpn300_firmware
  • zywall_usg_100
  • usg_flex_700_firmware
  • atp700
  • usg_flex_500
  • atp100
  • usg_flex_200
  • zywall_usg_310
  • atp700_firmware
  • usg_flex_50w_firmware
  • zywall_usg_100_firmware
  • zywall_usg_310_firmware
  • usg_flex_100w
  • atp500
  • usg_flex_500_firmware
  • vpn1000_firmware
  • atp200
  • atp800_firmware
  • atp800
  • usg_flex_100w_firmware
  • usg_flex_50w
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')