An improper input validation vulnerability in the “Quagga” package of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to access configuration files on an affected device.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Zyxel

Published: 2023-11-28T01:16:16.723Z

Updated: 2024-08-02T16:23:59.474Z

Reserved: 2023-06-14T06:26:48.563Z

Link: CVE-2023-35136

cve-icon Vulnrichment

Updated: 2024-08-02T16:23:59.474Z

cve-icon NVD

Status : Modified

Published: 2023-11-28T02:15:42.143

Modified: 2024-11-21T08:08:00.423

Link: CVE-2023-35136

cve-icon Redhat

No data.