CVE-2023-6399: A format string vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37…

medium6.5CVSS 3.1

AVNACLPRLUINSUCNINAH

A format string vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1, and USG FLEX H series firmware versions from 1.10 through 1.10 Patch 1 could allow an authenticated IPSec VPN user to cause DoS conditions against the “deviceid” daemon by sending a crafted hostname to an affected device if it has the “Device Insight” feature enabled.

Affected

48 ranges· showing 25

Vendor	Product	Version range	Fixed in
zyxel	atp100_firmware	—	—
zyxel	atp100_firmware	>= 5.10 < 5.37	5.37
zyxel	atp100w_firmware	—	—
zyxel	atp100w_firmware	>= 5.10 < 5.37	5.37
zyxel	atp200_firmware	—	—
zyxel	atp200_firmware	>= 5.10 < 5.37	5.37
zyxel	atp500_firmware	—	—
zyxel	atp500_firmware	>= 5.10 < 5.37	5.37
zyxel	atp700_firmware	—	—
zyxel	atp700_firmware	>= 5.10 < 5.37	5.37
zyxel	atp800_firmware	—	—
zyxel	atp800_firmware	>= 5.10 < 5.37	5.37
zyxel	atp_series_firmware	—	—
zyxel	uos	—	—
zyxel	usg20-vpn_firmware	—	—
zyxel	usg20-vpn_firmware	>= 5.10 < 5.37	5.37
zyxel	usg20_vpn_series_firmware	—	—
zyxel	usg20w-vpn_firmware	—	—
zyxel	usg20w-vpn_firmware	>= 5.10 < 5.37	5.37
zyxel	usg_flex_100_firmware	—	—
zyxel	usg_flex_100_firmware	>= 5.10 < 5.37	5.37
zyxel	usg_flex_100ax_firmware	—	—
zyxel	usg_flex_100ax_firmware	>= 5.10 < 5.37	5.37
zyxel	usg_flex_100h_firmware	—	—
zyxel	usg_flex_100h_firmware	>= 5.10 < 5.37	5.37