cbcvebase.
CVE-2023-28771
published 2023-04-25

CVE-2023-28771: Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series…

critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
KEVITWEXPLOIT
CISA Known Exploited Vulnerabilitydue 2023-06-21
Exploited in the wild
Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device.

Affected

25 ranges
VendorProductVersion rangeFixed in
zyxelatp100_firmware>= 4.60 < 5.365.36
zyxelatp100w_firmware>= 4.60 < 5.355.35
zyxelatp200_firmware>= 4.60 < 5.365.36
zyxelatp500_firmware>= 4.60 < 5.365.36
zyxelatp700_firmware>= 4.60 < 5.365.36
zyxelatp800_firmware>= 4.60 < 5.365.36
zyxelatp_series_firmware
zyxelusg_flex_100_firmware>= 4.60 < 5.365.36
zyxelusg_flex_100w_firmware>= 4.60 < 5.365.36
zyxelusg_flex_200_firmware>= 4.60 < 5.365.36
zyxelusg_flex_500_firmware>= 4.60 < 5.365.36
zyxelusg_flex_50_firmware>= 4.60 < 5.365.36
zyxelusg_flex_50w_firmware>= 4.60 < 5.365.36
zyxelusg_flex_700_firmware>= 4.60 < 5.365.36
zyxelusg_flex_series_firmware
zyxelvpn1000_firmware>= 4.60 < 5.365.36
zyxelvpn100_firmware>= 4.60 < 5.365.36
zyxelvpn300_firmware>= 4.60 < 5.365.36
zyxelvpn50_firmware>= 4.60 < 5.365.36
zyxelvpn_series_firmware
zyxelzywall_usg_100_firmware
zyxelzywall_usg_100_firmware>= 4.60 < 4.734.73
zyxelzywall_usg_310_firmware
zyxelzywall_usg_310_firmware>= 4.60 < 4.734.73
zyxelzywall_usg_series_firmware

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vulncheck9.8CRITICAL
cisa9.8CRITICAL