A buffer overflow vulnerability in the library of the web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an unauthenticated attacker to execute some OS commands or to cause denial-of-service (DoS) conditions on a vulnerable device.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
Configuration 16 (hide)
AND |
|
Configuration 17 (hide)
AND |
|
History
18 Jan 2023, 21:48
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:zyxel:nr5103e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:nr5103_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zyxel:nebula_nr7101_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:zyxel:nr7102:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:lte3202-m437_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:zyxel:pmg5622ga:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:lte3316-m604:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:pmg5317-t20b:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:pmg5617ga_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:nr5103e:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:nebula_fwa510:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:lte7480-m804:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:nr7101_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:zyxel:nebula_nr7101:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:lte3202-m437:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:nebula_fwa510_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:zyxel:pm7320-b0:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:nr7101:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:ep240p:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:nebula_fwa710:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:nr7102_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zyxel:nebula_fwa710_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zyxel:pm7320-b0_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:nr7103_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zyxel:lte3316-m604_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zyxel:lte7480-m804_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:zyxel:nr7103:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:pmg5317-t20b_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:lte7490-m904:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:pmg5622ga_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:lte7490-m904_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:zyxel:nr5103:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:pmg5617ga:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:ep240p_firmware:-:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
CWE | CWE-120 | |
First Time |
Zyxel nebula Fwa710 Firmware
Zyxel lte3316-m604 Firmware Zyxel pmg5617ga Zyxel lte3316-m604 Zyxel ep240p Firmware Zyxel pmg5317-t20b Firmware Zyxel ep240p Zyxel nr7102 Firmware Zyxel lte3202-m437 Zyxel nr7101 Zyxel Zyxel pmg5622ga Zyxel nebula Fwa710 Zyxel lte7480-m804 Firmware Zyxel nr7103 Zyxel nr7101 Firmware Zyxel nr5103e Firmware Zyxel lte7490-m904 Zyxel lte7480-m804 Zyxel nr5103 Zyxel nr5103 Firmware Zyxel pm7320-b0 Zyxel lte7490-m904 Firmware Zyxel nebula Fwa510 Firmware Zyxel pmg5317-t20b Zyxel nebula Fwa510 Zyxel nebula Nr7101 Firmware Zyxel pmg5617ga Firmware Zyxel nr5103e Zyxel nr7103 Firmware Zyxel nr7102 Zyxel lte3202-m437 Firmware Zyxel nebula Nr7101 Zyxel pmg5622ga Firmware Zyxel pm7320-b0 Firmware |
|
References | (CONFIRM) https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders - Vendor Advisory |
11 Jan 2023, 02:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-01-11 02:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-43389
Mitre link : CVE-2022-43389
CVE.ORG link : CVE-2022-43389
JSON object : View
Products Affected
zyxel
- nebula_nr7101
- nr7101
- lte3316-m604
- nr7103_firmware
- pmg5317-t20b_firmware
- nr5103
- lte7490-m904
- ep240p_firmware
- nr5103_firmware
- nr5103e_firmware
- ep240p
- nr7102_firmware
- pmg5622ga_firmware
- nebula_fwa510
- pm7320-b0
- lte7490-m904_firmware
- lte7480-m804_firmware
- nr7103
- lte7480-m804
- pmg5622ga
- nebula_fwa710
- pmg5617ga_firmware
- nebula_nr7101_firmware
- pmg5617ga
- lte3202-m437_firmware
- lte3316-m604_firmware
- nr7101_firmware
- nebula_fwa710_firmware
- pm7320-b0_firmware
- nr7102
- lte3202-m437
- nr5103e
- nebula_fwa510_firmware
- pmg5317-t20b
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')