{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-43391", "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f", "assignerShortName": "Zyxel", "dateUpdated": "2024-10-15T17:12:34.022Z", "dateReserved": "2022-10-18T00:00:00.000Z", "datePublished": "2023-01-11T00:00:00.000Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "NR7101 firmware", "vendor": "Zyxel", "versions": [{"status": "affected", "version": "< V1.15(ACCC.3)C0"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request.</p>"}], "value": "A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-120", "description": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f", "shortName": "Zyxel", "dateUpdated": "2023-12-29T06:50:37.887Z"}, "references": [{"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T13:32:58.705Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-15T17:09:12.473207Z", "id": "CVE-2022-43391", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-15T17:12:34.022Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T13:32:58.705Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-43391", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-15T17:09:12.473207Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-15T17:10:47.308Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Zyxel", "product": "NR7101 firmware", "versions": [{"status": "affected", "version": "< V1.15(ACCC.3)C0"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request.", "supportingMedia": [{"type": "text/html", "value": "<p>A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "providerMetadata": {"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f", "shortName": "Zyxel", "dateUpdated": "2023-12-29T06:50:37.887Z"}}}, "cveMetadata": {"cveId": "CVE-2022-43391", "state": "PUBLISHED", "dateUpdated": "2024-10-15T17:12:34.022Z", "dateReserved": "2022-10-18T00:00:00.000Z", "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f", "datePublished": "2023-01-11T00:00:00.000Z", "assignerShortName": "Zyxel"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:lte3301-plus_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "77E3A51F-C92D-4E83-A05E-A26225D4CFDD", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:lte3301-plus:-:*:*:*:*:*:*:*", "matchCriteriaId": "4814D3A1-C0D4-4573-AD77-C2EE7AC11CB4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:lte5388-m804_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3A7440E3-02F9-4416-A571-0008EA8206F4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:lte5388-m804:-:*:*:*:*:*:*:*", "matchCriteriaId": "E67FFCF7-ECE9-4644-B248-1B6E10AD9398", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:lte5398-m904_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "52D18788-84EE-4880-B70D-DE385C5C1100", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:lte5398-m904:-:*:*:*:*:*:*:*", "matchCriteriaId": "F90453B8-19FF-4FF3-A167-E1A70E022201", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:lte7240-m403_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "DDC6FB56-8601-49D2-BD8C-4D373CF5ACD6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:lte7240-m403:-:*:*:*:*:*:*:*", "matchCriteriaId": "AAE2212F-D523-4706-9FD2-FDA760EE4B4F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:lte7461-m602_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CFEE2F4F-8E90-4D2D-BFDE-DD5B23897087", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:lte7461-m602:-:*:*:*:*:*:*:*", "matchCriteriaId": "8A307AD3-4E60-4859-B182-4CD4CB843757", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:lte7480-m804_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7DFDC741-78E6-42AA-B647-DEE9F04AA2DD", "versionEndExcluding": "1.00\\(abra.6\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:lte7480-m804:-:*:*:*:*:*:*:*", "matchCriteriaId": "E3480021-1538-48ED-BE89-BB0DF562C7DE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:lte7480-s905_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5DCAE189-6379-40E6-A4FA-1E0431CCCD09", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:lte7480-s905:-:*:*:*:*:*:*:*", "matchCriteriaId": "8E7AF237-04F2-4054-96DE-3FD059CF4B35", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:lte7485-s905_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "59DDDBA4-966E-4143-9A33-A2431383A732", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:lte7485-s905:-:*:*:*:*:*:*:*", "matchCriteriaId": "E09953F0-2415-45F7-811C-E9D1A361284C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:lte7490-m904_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FB812F29-2FAE-414C-9047-2471148B1E36", "versionEndExcluding": "1.00\\(abqy.5\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:lte7490-m904:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC75F6DE-DCAF-47A0-B6BB-0E050C68AF25", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:nebula_lte3301-plus_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EFD8C47E-C19E-4848-9898-CE0AAF05B0DD", "versionEndExcluding": "1.15\\(acca.3\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:nebula_lte3301-plus:-:*:*:*:*:*:*:*", "matchCriteriaId": "42297A6A-3E50-4E9E-ABF6-58C77F222DC1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:nebula_lte7461-m602_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8BF0A17A-5F34-4CD7-8A67-DA277CF78CFC", "versionEndExcluding": "1.15\\(acev.3\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:nebula_lte7461-m602:-:*:*:*:*:*:*:*", "matchCriteriaId": "44AA94AF-24B0-4C91-A990-9418EA5A5DAC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:nebula_nr5101_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "01D0F1E5-B9F0-4B64-8331-D18641EC161F", "versionEndExcluding": "1.15\\(accg.3\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:nebula_nr5101:-:*:*:*:*:*:*:*", "matchCriteriaId": "F9F605B8-A892-4119-AB7A-D14CDC5DFC88", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:nebula_nr7101_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA537481-4311-4C5E-B577-76C8A789FDAC", "versionEndExcluding": "1.15\\(accc.3\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:nebula_nr7101:-:*:*:*:*:*:*:*", "matchCriteriaId": "52096C1F-F73C-413E-9D37-82EFA4703AEC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:nr5101_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9EB8687A-EADF-4B15-8F41-78F1070E0CA3", "versionEndExcluding": "1.00\\(abvc.6\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:nr5101:-:*:*:*:*:*:*:*", "matchCriteriaId": "11197D03-1C93-4D6A-950C-273E46CBBC62", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:nr7101_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "63A72A80-DA68-4353-8FEA-D372180F8401", "versionEndExcluding": "1.00\\(abuv.7\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:nr7101:-:*:*:*:*:*:*:*", "matchCriteriaId": "E4D27B24-9822-432C-8B8B-9546EE32DEC6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:nr7102_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C56958A5-2427-4A9A-BD40-3B548437CA36", "versionEndExcluding": "1.00\\(abyd.2\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:nr7102:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1A15757-DE6F-4A72-9CAD-BAC04BD340A0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:dx3301-t0_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "78DE37DB-6F39-48FE-8CE9-626036234C16", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*", "matchCriteriaId": "3BBDC072-5D40-4130-9B5F-22FDA9BF909A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:dx4510-b1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "66F40E06-666B-490C-84F7-1A7B49834CC1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:dx4510-b1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C8668990-045A-4DDD-9089-DE0025B69765", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:dx5401-b0_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "AE285587-D5F3-42E5-ACB6-BDD03A50236C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*", "matchCriteriaId": "B293E564-2C48-442A-A415-34383DF3ADBA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:emg3525-t50b_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4917CDD6-B5D9-4674-AE43-B75B60B8289E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*", "matchCriteriaId": "9259E2F6-885D-4B44-8D40-20758DA599D2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:emg5523-t50b_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "90DEAC05-EB3A-451D-9C0F-8D22B8886605", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*", "matchCriteriaId": "F3ECE0EB-C429-4716-ABFB-73540847EB9E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:emg5723-t50k_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1219D188-2A83-41EC-AC8D-694901E6067C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*", "matchCriteriaId": "B18982B2-E575-478E-A2B4-0932DE329056", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:ex3301-t0_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D1F9ACE-DA82-4449-ADF9-5F8F540B812E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:ex3301-t0:-:*:*:*:*:*:*:*", "matchCriteriaId": "B37B17D8-76CF-4A26-B2DB-41B1BC9FD0A2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4434EF63-63EA-4A27-A6EF-CEE3000E9F02", "versionEndExcluding": "5.17\\(abup.7\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*", "matchCriteriaId": "E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:ex5401-b0_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "15D01EDB-A41C-4FC1-9C4B-38B69360BE90", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*", "matchCriteriaId": "6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:ex5501-b0_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "87D32815-5026-4A9A-8C8E-C30F154833AC", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*", "matchCriteriaId": "88B8CDD0-E73A-4FAA-9964-D8C09949CB32", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:ex5510-b0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A1EC2DCD-97F2-4E13-AE82-468DBF052C4E", "versionEndExcluding": "5.17\\(abqx.7\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:ex5510-b0:-:*:*:*:*:*:*:*", "matchCriteriaId": "E82D41CC-2EB3-4892-8383-FB2C9EC64D9E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:ex5512-t0_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8FF2B306-1EBD-4A14-A865-94C50F2F036D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:ex5512-t0:-:*:*:*:*:*:*:*", "matchCriteriaId": "F32FA3FB-CE89-4CC1-9D8D-765B90A122DF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:ex5600-t1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D6C46819-2848-4C0D-B360-F6987E9D3A82", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:ex5600-t1:-:*:*:*:*:*:*:*", "matchCriteriaId": "021CFB91-4627-4080-BF09-0BB5EFA708DD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:ex5601-t0_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "13E7B377-3CF1-4BF5-A960-75952BC382D0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:ex5601-t0:-:*:*:*:*:*:*:*", "matchCriteriaId": "ABFF2039-5DCC-4850-8BDA-3D418629C226", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:ex5601-t1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D41D53E2-CB40-4715-A2B5-E9E87C1F3AE0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:ex5601-t1:-:*:*:*:*:*:*:*", "matchCriteriaId": "D629D4B6-B2F2-45F1-9295-71751570C231", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9EBF0F8D-90CC-4089-AC9A-665348D27331", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*", "matchCriteriaId": "1B33AE56-3948-494B-9E23-54D939DF0D3E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg4005-b50a_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD68CC70-242D-4A88-B182-DB68D2086225", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg4005-b50a:-:*:*:*:*:*:*:*", "matchCriteriaId": "88F74228-AC0C-4150-974D-54D77BBF9A90", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg4005-b60a_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B59AA0D1-9564-48FA-A0AF-C1FC67C0D1EC", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg4005-b60a:-:*:*:*:*:*:*:*", "matchCriteriaId": "30C1B91D-3EA0-4A1D-833A-6767A6C84DA3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9C75B24C-177A-470B-BCDE-39D31B0199F1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*", "matchCriteriaId": "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A8901BBA-F2D4-49B8-80CF-4BABB5D2F365", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", "matchCriteriaId": "D4C2320B-52DF-4F86-86D2-42FB62337773", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:ax7501-b0_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6F890C3-F15D-4154-8E70-1529C7C8D89A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*", "matchCriteriaId": "78473083-F702-4B81-AAA0-B66A0984FF6B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:pm3100-t0_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D85D00E0-AA47-48AD-8914-A443482D7D7F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:pm3100-t0:-:*:*:*:*:*:*:*", "matchCriteriaId": "F78F88D4-A782-4075-A3CB-A728CE4014DF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:pm5100-t0_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0E683B32-A1A0-4DA4-81C4-61513E9E585F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:pm5100-t0:-:*:*:*:*:*:*:*", "matchCriteriaId": "249AF476-CAA4-4C87-8CC3-E0AF15E61F7E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:pm7300-t0_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "481013ED-2B6F-4FBB-881A-C0CD038C5FDA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*", "matchCriteriaId": "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:pm7320-b0_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E3B9C504-41A4-4756-BDB0-2EE317F801AE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:pm7320-b0:-:*:*:*:*:*:*:*", "matchCriteriaId": "E6A479CC-D543-49A1-8A37-7E9D4A0F0009", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:pmg5317-t20b_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1141E1B7-B6B8-496B-A2CA-A9076D805741", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:pmg5317-t20b:-:*:*:*:*:*:*:*", "matchCriteriaId": "9F1334B5-FC76-412F-A7EF-02EEEE677460", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:pmg5617-t20b2_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1CA3BD8C-4FBB-45B6-AB00-55F7D5BA3C1B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:pmg5617-t20b2:-:*:*:*:*:*:*:*", "matchCriteriaId": "B35005D7-D8E4-4BC5-A59C-6A69255E7EC7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:pmg5617ga_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "366FB20C-6740-431A-A0CA-6EC3FDD3C505", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:pmg5617ga:-:*:*:*:*:*:*:*", "matchCriteriaId": "9C1B0834-3398-41B0-9A14-7D97768732B4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:pmg5622ga_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F61E8935-26CD-4664-A95C-1BCA77DBC4DF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:pmg5622ga:-:*:*:*:*:*:*:*", "matchCriteriaId": "840AF834-B7A6-4ACA-BAB9-996D87476D3D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:wx3100-t0_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FA532797-C2BF-4A37-9A36-92F1115150AB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:wx3100-t0:-:*:*:*:*:*:*:*", "matchCriteriaId": "C2C56248-D12F-46DC-A52F-0607E4A5DCCC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:wx3401-b0_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5E011E78-E7E7-4F84-9A7D-A6548AFBE30C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:wx3401-b0:-:*:*:*:*:*:*:*", "matchCriteriaId": "677C554B-F9C7-4780-97C0-6021146F8B3C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:wx5600-t0_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0ED109DF-7C43-4CEC-AC2C-80762B60C776", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:wx5600-t0:-:*:*:*:*:*:*:*", "matchCriteriaId": "303DB62A-2A7E-4CB7-ADA0-29C23BFD41BE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request."}, {"lang": "es", "value": "Una vulnerabilidad de desbordamiento de b\u00fafer en el par\u00e1metro del programa CGI en el firmware Zyxel NR7101 anterior a V1.15(ACCC.3)C0, que podr\u00eda permitir a un atacante autenticado causar condiciones de denegaci\u00f3n de servicio (DoS) mediante el env\u00edo de una solicitud HTTP manipulada."}], "id": "CVE-2022-43391", "lastModified": "2026-02-25T16:22:31.707", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security@zyxel.com.tw", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Secondary"}]}, "published": "2023-01-11T02:15:11.250", "references": [{"source": "security@zyxel.com.tw", "tags": ["Vendor Advisory"], "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders"}], "sourceIdentifier": "security@zyxel.com.tw", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "security@zyxel.com.tw", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-120"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}