FeedlyFeedly
CVEsCVEs
Threat IntelligenceThreat Intelligence
Threat IntelligenceThreat Intelligence
Log in
ChangelogChangelog
ChangelogChangelog
Log in
Log in
Start Free Trial
Start Free Trial
FeedlyFeedly
CVEsCVEs
Threat IntelligenceThreat Intelligence
Threat IntelligenceThreat Intelligence
Log in
ChangelogChangelog
ChangelogChangelog
Log in
Log in
Start Free Trial
Start Free Trial

CVE-2023-27989

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE-120)

Published: Jun 5, 2023 / Updated: 17mo ago

010
CVSS 6.5EPSS 0.09%Medium
CVE info copied to clipboard

A buffer overflow vulnerability in the CGI program of the Zyxel NR7101 firmware versions prior to V1.00(ABUV.8)C0 could allow a remote authenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Timeline

First Article

Feedly found the first article mentioning CVE-2023-27989. See article

Jun 5, 2023 at 12:09 PM / cve.report
Threat Intelligence Report

The vulnerability CVE-2023-27989 in Zyxel's 4G LTE and 5G NR outdoor routers can lead to privilege escalation and denial-of-service attacks. This critical vulnerability has the potential to be exploited in the wild by threat actors, and while there are no proof-of-concept exploits currently available, Zyxel is actively working on patches to address the issue and mitigate any downstream impacts to other third-party vendors or technology. See article

Jun 13, 2023 at 9:23 AM
Static CVE Timeline Graph

Affected Systems

Zyxel/lte7480-m804_firmware
+null more

Patches

www.zyxel.com
+null more

Attack Patterns

CAPEC-10: Buffer Overflow via Environment Variables
+null more

References

Rewterz Threat Advisory – Update On Urgent Patching Required As Critical Exploits Targeting Zyxel Firewalls
Rewterz / 17mo
Successful exploitation of these vulnerabilities can lead to two significant security risks: denial-of-service (DoS) attacks and remote code execution. This highlights the significance of promptly addressing vulnerabilities and applying necessary security patches and updates to mitigate potential risks.

News

[CERT-daily] Tageszusammenfassung - 04.07.2023
Daily July 2023 Archive / 16mo
The threat actors behind the DDoSia attack tool have come up with a new version that incorporates a new mechanism to retrieve the list of targets to be bombarded with junk HTTP requests in an attempt to bring them down.The updated variant, written in Golang, "implements an additional security mechanism to conceal the list of targets, which is transmitted from the [command-and-control] to the users," cybersecurity company Sekoia said in a technical write-up. ∗∗∗ Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9.
Tageszusammenfassung - 04.07.2023
CERT.at - Tagesberichte / 16mo
Multiple CVEs may affect IBM\u00ae SDK, Java\u2122 Technology Edition shipped with IBM CICS TX Standard Multiple CVEs may affect IBM\u00ae SDK, Java\u2122 Technology Edition shipped with IBM CICS TX Advanced
Rewterz Threat Advisory – CVE-2023-27989 – Zyxel NR7101 Devices Vulnerability
Rewterz News Archives - Rewterz / 17mo
Zyxel NR7101 devices are vulnerable to a denial of service, caused by a buffer overflow in the CGI program. By sending a specially crafted HTTP request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.
Rewterz Threat Advisory – Update On Urgent Patching Required As Critical Exploits Targeting Zyxel Firewalls
Rewterz / 17mo
Successful exploitation of these vulnerabilities can lead to two significant security risks: denial-of-service (DoS) attacks and remote code execution. This highlights the significance of promptly addressing vulnerabilities and applying necessary security patches and updates to mitigate potential risks.
Zyxel Firewalls Under Attack! Urgent Patching Required – Source:thehackernews.com
CISO2CISO.COM & CYBER SECURITY GROUP / 17mo
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed two recently disclosed flaws in Zyxel firewalls to its Known Exploited Vulnerabilities ( KEV ) catalog, based on evidence of active exploitation. While the exact nature of the attacks is unknown, the development comes days after another flaw in Zyxel firewalls ( CVE-2023-28771 ) has been actively exploited to ensnare susceptible devices into a Mirai botnet .
See 13 more articles and social media posts

CVSS V3.1

Attack Vector:Network
Attack Complexity:Low
Privileges Required:Low
User Interaction:None
Scope:Unchanged
Confidentiality:None
Integrity:None
Availability Impact:High

Categories

CVSS 6.5(29816)CWE-120(2833)CWE-120(2833)Zyxel(259)

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI

Feedly Threat Intelligence30-day free trial