CVE-2023-22918

Exposure of Private Personal Information to an Unauthorized Actor (CWE-359)

Published: Apr 24, 2023 / Updated: 19mo ago

CVSS 6.5 (Medium) / EPSS 0.06%

A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Timeline

First Article

Feedly found the first article mentioning CVE-2023-22918.

Apr 24, 2023 at 5:13 PM / nitter.net

EPSS

EPSS Score was set to: 0.06% (Percentile: 25%)

Sep 17, 2023 at 1:22 PM

Affected Systems

Zyxel/nwa1123acv3_firmware

Patches

www.zyxel.com

Attack Patterns

CAPEC-464: Evercookie

References

Zyxel security advisory for multiple vulnerabilities of firewalls and APs
A post-authentication command injection vulnerability in the “account_operator.cgi” CGI program of some firewall versions could allow a remote authenticated attacker to modify device configuration data, resulting in denial-of-service (DoS) conditions on an affected device. A buffer overflow vulnerability in the “fbwifi_forward.cgi” CGI program of some firewall versions could allow a remote unauthenticated attacker to cause DoS conditions by sending a crafted HTTP request if the Facebook WiFi function were enabled on an affected device.

News

Zyxel Firewalls: Critical Vulnerability! Multiple vulnerabilities reported
The latest manufacturer recommendations regarding updates, workarounds and security patches for this vulnerability can be found here: CISA Alert (Status: 01.06.2023). These often contain further information on the latest version of the software in question and the availability of security patches or tips on workarounds.
Zyxel Firewall Devices Vulnerable to Remote Code Execution Attacks — Patch Now
Zyxel has also addressed a high-severity post-authentication command injection vulnerability affecting select firewall versions (CVE-2023-27991, CVSS score: 8.8) that could permit an authenticated attacker to execute some OS commands remotely. Networking equipment maker Zyxel has released patches for a critical security flaw in its firewall devices that could be exploited to achieve remote code execution on affected systems.
Zyxel Firewall Devices Vulnerable to Remote Code Execution Attacks — Patch Now
Networking products maker Zyxel has produced patches for a critical security flaw in its firewall equipment that could be exploited to obtain remote code execution on impacted units. Zyxel has also tackled a high-severity post-authentication command injection vulnerability impacting select firewall versions (CVE-2023-27991, CVSS score: 8.8) that could allow an authenticated attacker to execute some OS commands remotely.

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability Impact: None
