FeedlyFeedly
CVEsCVEs
Threat IntelligenceThreat Intelligence
Threat IntelligenceThreat Intelligence
Log in
ChangelogChangelog
ChangelogChangelog
Log in
Log in
Start Free Trial
Start Free Trial
FeedlyFeedly
CVEsCVEs
Threat IntelligenceThreat Intelligence
Threat IntelligenceThreat Intelligence
Log in
ChangelogChangelog
ChangelogChangelog
Log in
Log in
Start Free Trial
Start Free Trial

CVE-2022-43392

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE-120)

Published: Jan 11, 2023 / Updated: 22mo ago

010
CVSS 6.5EPSS 0.04%Medium
CVE info copied to clipboard

A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Timeline

First Article

Feedly found the first article mentioning CVE-2022-43392. See article

Jan 11, 2023 at 1:47 AM / twitter.com
EPSS

EPSS Score was set to: 0.04% (Percentile: 11.3%)

Sep 22, 2023 at 11:29 AM
Static CVE Timeline Graph

Affected Systems

Zyxel/ex5501-b0_firmware
+null more

Patches

www.zyxel.com
+null more

Attack Patterns

CAPEC-10: Buffer Overflow via Environment Variables
+null more

News

CVE-2022-43392
CyberSecurityBoard.com Cyber News | RSS Feed / 10mo
A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request. CVE-2022-43392 originally published on CyberSecurityBoard
CVE-2022-43392
Recently updated security vulnerabilities / 22mo
A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request. (CVSS:0.0) (Last Update:2023-01-11)
CVE-2022-43392
Latest security vulnerabilities / 22mo
- CVSS Scores & Vulnerability Types If the vulnerability is created recently it may take a few days to gather vulnerable products list and other information like cvss scores.
NA - CVE-2022-43392 - A buffer overflow vulnerability in the...
Security-Database Alerts Monitor : Last 100 Alerts / 22mo
A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS)...
CVE-2022-43392
Updated CVEs from Tenable / 22mo
Severity Not Scored Description A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request. Read more at https://www.tenable.com/cve/CVE-2022-43392
See 6 more articles and social media posts

CVSS V3.1

Attack Vector:Network
Attack Complexity:Low
Privileges Required:Low
User Interaction:None
Scope:Unchanged
Confidentiality:None
Integrity:None
Availability Impact:High

Categories

CVSS 6.5(29816)CWE-120(2833)Zyxel(259)

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI

Feedly Threat Intelligence30-day free trial