A command injection vulnerability in the access point (AP) management feature of the Zyxel ATP series firmware versions 5.00 up to and including 5.36 Patch 2, USG FLEX series firmware versions 5.00 up to and including 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5.00 up to and including 5.36 Patch 2, USG20(W)-VPN series firmware versions 5.00 up to and including 5.36 Patch 2, VPN series firmware versions 5.00 up to and including 5.36 Patch 2, NXC2500 firmware versions 6.10(AAIG.0) up to and including 6.10(AAIG.3), and NXC5500 firmware versions 6.10(AAOS.0) up to and including 6.10(AAOS.4), could allow an unauthenticated, LAN-based malicious user to execute some OS commands on an affected device if the attacker could trick an authorized administrator into adding their IP address to the managed AP list in advance.
Vulnerable Product |
---|
zyxel usg 20w-vpn firmware |
zyxel usg 2200-vpn firmware |
zyxel usg flex 100 firmware |
zyxel usg flex 100w firmware |
zyxel usg flex 200 firmware |
zyxel usg flex 50 firmware |
zyxel usg flex 500 firmware |
zyxel usg flex 50w firmware |
zyxel usg flex 700 firmware |
zyxel zywall atp100 firmware |
zyxel zywall atp100w firmware |
zyxel zywall atp200 firmware |
zyxel zywall atp500 firmware |
zyxel zywall atp700 firmware |
zyxel zywall atp800 firmware |
zyxel zywall vpn100 firmware |
zyxel zywall vpn2s firmware |
zyxel zywall vpn300 firmware |
zyxel zywall vpn50 firmware |
zyxel zywall vpn 100 firmware |
zyxel zywall vpn 300 firmware |
zyxel zywall vpn 50 firmware |
zyxel nxc2500 firmware |
zyxel nxc5500 firmware |