A command injection vulnerability in the Free Time WiFi hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.36 Patch 2 and VPN series firmware versions 4.20 through 5.36 Patch 2, could allow an unauthenticated, LAN-based attacker to execute some OS commands on an affected device.

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors Products
Zyxel
  • Usg Flex 50
  • Usg Flex 50w Firmware
  • Usg Flex 50w
  • Usg Flex 100w
  • Zywall Vpn100 Firmware
  • Usg 2200-vpn Firmware
  • Usg Flex 50 Firmware
  • Usg Flex 100
  • Usg Flex 700 Firmware
  • Usg Flex 100 Firmware
  • Zywall Vpn 300 Firmware
  • Usg Flex 700
  • Zywall Vpn 100 Firmware
  • Zywall Vpn50
  • Zywall Vpn50 Firmware
  • Zywall Vpn2s
  • Zywall Vpn 50 Firmware
  • Usg 2200-vpn
  • Usg Flex 500 Firmware
  • Zywall Vpn2s Firmware
  • Zywall Vpn 300
  • Zywall Vpn300
  • Usg Flex 200 Firmware
  • Usg Flex 200
  • Zywall Vpn300 Firmware
  • Zywall Vpn 100
  • Zywall Vpn 50
  • Usg Flex 100w Firmware
  • Usg Flex 500
  • Zywall Vpn100

Configuration 1 [-]

AND
cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:zyxel:zywall_vpn100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_vpn100:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:zyxel:zywall_vpn2s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_vpn2s:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:zyxel:zywall_vpn300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_vpn300:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:zyxel:zywall_vpn50_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_vpn50:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:zyxel:zywall_vpn_100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_vpn_100:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:zyxel:zywall_vpn_300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_vpn_300:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:zyxel:zywall_vpn_50_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_vpn_50:-:*:*:*:*:*:*:*
References
Link Resource
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-wlan-controllers Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: Zyxel

Published: 2023-07-17T17:36:32.909Z

Updated: 2023-07-18T01:16:42.677Z

Reserved: 2023-05-26T03:44:51.339Z

Link: CVE-2023-34139

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2023-07-17T18:15:09.607

Modified: 2023-07-26T21:30:22.970

Link: CVE-2023-34139

JSON object: View

cve-icon Redhat Information

No data.

CWE