Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.5
CVSSv3

CVE-2023-22918

Published: 24/04/2023 Updated: 12/06/2023
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Zyxel

Vulnerability Summary

A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 up to and including 5.35, USG FLEX series firmware versions 4.50 up to and including 5.35, USG FLEX 50(W) firmware versions 4.16 up to and including 5.35, USG20(W)-VPN firmware versions 4.16 up to and including 5.35, VPN series firmware versions 4.30 up to and including 5.35, NWA110AX firmware version 6.50(ABTG.2) and previous versions versions, WAC500 firmware version 6.50(ABVS.0) and previous versions versions, and WAX510D firmware version 6.50(ABTF.2) and previous versions versions, which could allow a remote authenticated malicious user to retrieve encrypted information of the administrator on an affected device.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

zyxel atp200_firmware

zyxel atp100_firmware

zyxel atp700_firmware

zyxel atp500_firmware

zyxel atp100w_firmware

zyxel atp800_firmware

zyxel usg_flex_100_firmware

zyxel usg_flex_50_firmware

zyxel usg_flex_200_firmware

zyxel usg_flex_500_firmware

zyxel usg_flex_700_firmware

zyxel usg_flex_100w_firmware

zyxel usg_20w-vpn_firmware

zyxel usg_flex_50w_firmware

zyxel usg20-vpn_firmware

zyxel vpn100_firmware

zyxel vpn1000_firmware

zyxel vpn300_firmware

zyxel vpn50_firmware

zyxel nap203_firmware

zyxel nap303_firmware

zyxel nap353_firmware

zyxel nwa110ax_firmware

zyxel nwa1123-ac_hd_firmware

zyxel nwa1123-ac-pro_firmware

zyxel nwa1123acv3_firmware

zyxel nwa210ax_firmware

zyxel nwa220ax-6e_firmware

zyxel nwa50ax_firmware

zyxel nwa50ax-pro_firmware

zyxel nwa5123-ac_hd_firmware

zyxel nwa55axe_firmware

zyxel nwa90ax_firmware

zyxel nwa90ax-pro_firmware

zyxel wac500_firmware

zyxel wac500h_firmware

zyxel wac5302d-sv2_firmware

zyxel wac6103d-i_firmware

zyxel wac6303d-s_firmware

zyxel wac6502d-e_firmware

zyxel wac6502d-s_firmware

zyxel wac6503d-s_firmware

zyxel wac6552d-s_firmware

zyxel wac6553d-e_firmware

zyxel wax510d_firmware

zyxel wax610d_firmware

zyxel wax620d-6e_firmware

zyxel wax630s_firmware

zyxel wax640s-6e_firmware

zyxel wax650s_firmware

zyxel wax655e_firmware

References

NVD-CWE-noinfohttps://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-apshttps://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-3400deserializationCVE-2024-21788CVE-2023-42433CVE-2024-21841CVE-2024-22095local file inclusionmemory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook