OpenCVE

A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Zyxel	Nas326 Nas326 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:zyxel:nas326_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:nas326:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.zyxel.com/support/Zyxel-security-advisory-for-format-string-vulnerability-in-NAS.shtml

History

No history.

MITRE

Status: PUBLISHED

Assigner: Zyxel

Published: 2022-09-06T01:20:10

Updated: 2024-08-03T09:22:09.239Z

Reserved: 2022-06-28T00:00:00

Link: CVE-2022-34747

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-09-06T02:15:07.517

Modified: 2024-11-21T07:10:06.647

Link: CVE-2022-34747

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Zyxel NAS326 firmware", "vendor": "Zyxel", "versions": [{"status": "affected", "version": "< V5.21(AAZF.12)C0"}]}], "descriptions": [{"lang": "en", "value": "A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-134", "description": "CWE-134: Use of Externally-Controlled Format String", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-09-06T01:20:10", "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f", "shortName": "Zyxel"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.zyxel.com/support/Zyxel-security-advisory-for-format-string-vulnerability-in-NAS.shtml"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@zyxel.com.tw", "ID": "CVE-2022-34747", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Zyxel NAS326 firmware", "version": {"version_data": [{"version_value": "< V5.21(AAZF.12)C0"}]}}]}, "vendor_name": "Zyxel"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet."}]}, "impact": {"cvss": {"baseScore": "9.8", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-134: Use of Externally-Controlled Format String"}]}]}, "references": {"reference_data": [{"name": "https://www.zyxel.com/support/Zyxel-security-advisory-for-format-string-vulnerability-in-NAS.shtml", "refsource": "CONFIRM", "url": "https://www.zyxel.com/support/Zyxel-security-advisory-for-format-string-vulnerability-in-NAS.shtml"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T09:22:09.239Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.zyxel.com/support/Zyxel-security-advisory-for-format-string-vulnerability-in-NAS.shtml"}]}]}, "cveMetadata": {"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f", "assignerShortName": "Zyxel", "cveId": "CVE-2022-34747", "datePublished": "2022-09-06T01:20:10", "dateReserved": "2022-06-28T00:00:00", "dateUpdated": "2024-08-03T09:22:09.239Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:nas326_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2859006C-00D3-4CF0-B9EF-4CEDD737CF98", "versionEndExcluding": "5.21\\(aazf.12\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:nas326:-:*:*:*:*:*:*:*", "matchCriteriaId": "E0A01B19-4A91-4FBC-8447-2E854346DAC5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet."}, {"lang": "es", "value": "Una vulnerabilidad de cadena de formato en Zyxel NAS326 versiones de firmware anteriores a V5.21(AAZF.12)C0, podr\u00eda permitir a un atacante lograr una ejecuci\u00f3n remota no autorizada de c\u00f3digo por medio de un paquete UDP dise\u00f1ado.\n"}], "id": "CVE-2022-34747", "lastModified": "2024-11-21T07:10:06.647", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security@zyxel.com.tw", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-09-06T02:15:07.517", "references": [{"source": "security@zyxel.com.tw", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.zyxel.com/support/Zyxel-security-advisory-for-format-string-vulnerability-in-NAS.shtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.zyxel.com/support/Zyxel-security-advisory-for-format-string-vulnerability-in-NAS.shtml"}], "sourceIdentifier": "security@zyxel.com.tw", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-134"}], "source": "security@zyxel.com.tw", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-134"}], "source": "nvd@nist.gov", "type": "Primary"}]}