cbcvebase.
CVE-2023-6764
published 2024-02-20

CVE-2023-6764: A format string vulnerability in a function of the IPSec VPN feature in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series…

high8.1CVSS 3.1
AVNACHPRNUINSUCHIHAH
A format string vulnerability in a function of the IPSec VPN feature in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, and USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1 could allow an attacker to achieve unauthorized remote code execution by sending a sequence of specially crafted payloads containing an invalid pointer; however, such an attack would require detailed knowledge of an affected device’s memory layout and configuration.

Affected

46 ranges· showing 25
VendorProductVersion rangeFixed in
zyxelatp100_firmware
zyxelatp100_firmware>= 4.32 < 5.375.37
zyxelatp100w_firmware
zyxelatp100w_firmware>= 4.32 < 5.375.37
zyxelatp200_firmware
zyxelatp200_firmware>= 4.32 < 5.375.37
zyxelatp500_firmware
zyxelatp500_firmware>= 4.32 < 5.375.37
zyxelatp700_firmware
zyxelatp700_firmware>= 4.32 < 5.375.37
zyxelatp800_firmware
zyxelatp800_firmware>= 4.32 < 5.375.37
zyxelatp_series_firmware
zyxelusg20-vpn_firmware
zyxelusg20-vpn_firmware>= 4.16 < 5.375.37
zyxelusg20_vpn_series_firmware
zyxelusg20w-vpn_firmware
zyxelusg20w-vpn_firmware>= 4.16 < 5.375.37
zyxelusg_flex_100_firmware
zyxelusg_flex_100_firmware>= 4.50 < 5.375.37
zyxelusg_flex_100ax_firmware
zyxelusg_flex_100ax_firmware>= 4.50 < 5.375.37
zyxelusg_flex_100h_firmware
zyxelusg_flex_100h_firmware>= 4.50 < 5.375.37
zyxelusg_flex_100w_firmware