A format string vulnerability in the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5.10 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 5.10 through 5.36 Patch 2, and VPN series firmware versions 5.00 through 5.36 Patch 2, could allow an unauthenticated, LAN-based attacker to execute some OS commands by using a crafted PPPoE configuration on an affected device when the cloud management mode is enabled.
Metrics
Affected Vendors & Products
References
History
Thu, 07 Nov 2024 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Zyxel atp100 Firmware
Zyxel usg20w-vpn Firmware Zyxel usg Flex 50\/w\/ Series Firmware Zyxel usg Flex Series Firmware Zyxel vpn Series Firmware |
|
CPEs | cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zyxel:usg_flex_50\/w\/_series_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zyxel:usg_flex_series_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zyxel:vpn_series_firmware:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Zyxel atp100 Firmware
Zyxel usg20w-vpn Firmware Zyxel usg Flex 50\/w\/ Series Firmware Zyxel usg Flex Series Firmware Zyxel vpn Series Firmware |
|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: Zyxel
Published: 2023-07-17T17:15:45.876Z
Updated: 2024-11-07T19:08:01.595Z
Reserved: 2023-05-17T02:56:16.623Z
Link: CVE-2023-33011
Vulnrichment
Updated: 2024-08-02T15:32:46.611Z
NVD
Status : Modified
Published: 2023-07-17T18:15:09.397
Modified: 2024-11-21T08:04:24.097
Link: CVE-2023-33011
Redhat
No data.