CVE-2022-26414

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 11-04-2022 03:15

Last modified: - 15-04-2022 05:35

Total changes: - 2

Description

A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Low

Attack complexity

Local

Attack vector

High

Availability

None

Confidentiality

None

Integrity

Low

Privileges required

Unchanged

Scope

None

User interaction

5.5

Base score

1.8

3.6

Exploitability score

Impact score

Verification logic

AND

vendor=zyxel AND product=vmg3312-t20a_firmware AND version=5.30\(abfx.5\)c0

vendor=zyxel AND product=vmg3312-t20a AND version=-

AND

vendor=zyxel AND product=emg3525-t50b_firmware AND software_edition=america AND versionEndExcluding=5.50\(abpm.6\)c0

vendor=zyxel AND product=emg3525-t50b_firmware AND software_edition=emea AND versionEndExcluding=5.50\(abpm.6\)c0

vendor=zyxel AND product=emg3525-t50b AND version=-

AND

vendor=zyxel AND product=emg5523-t50b_firmware AND software_edition=america AND versionEndExcluding=5.50\(abpm.6\)c0

vendor=zyxel AND product=emg5523-t50b_firmware AND software_edition=emea AND versionEndExcluding=5.50\(abpm.6\)c0

vendor=zyxel AND product=emg5523-t50b AND version=-

AND

vendor=zyxel AND product=emg5723-t50k_firmware AND versionEndExcluding=5.50\(abom.7\)c0

vendor=zyxel AND product=emg5723-t50k AND version=-

AND

vendor=zyxel AND product=emg6726-b10a_firmware AND versionEndExcluding=5.13\(abnp.7\)c0

vendor=zyxel AND product=emg6726-b10a AND version=-

AND

vendor=zyxel AND product=vmg1312-t20b_firmware AND versionEndExcluding=5.50\(absb.5\)c0

vendor=zyxel AND product=vmg1312-t20b AND version=-

AND

vendor=zyxel AND product=vmg3625-t50b_firmware AND versionEndExcluding=5.50\(abpm.6\)c0

vendor=zyxel AND product=vmg3625-t50b AND version=-

AND

vendor=zyxel AND product=vmg3927-b50a_firmware AND versionEndExcluding=5.17\(abmt.6\)c0

vendor=zyxel AND product=vmg3927-b50a AND version=-

AND

vendor=zyxel AND product=vmg3927-b50b_firmware AND versionEndExcluding=5.13\(ably.7\)c0

vendor=zyxel AND product=vmg3927-b50b AND version=-

AND

vendor=zyxel AND product=vmg3927-b60a_firmware AND versionEndExcluding=5.17\(abmt.6\)c0

vendor=zyxel AND product=vmg3927-b60a AND version=-

AND

vendor=zyxel AND product=vmg3927-t50k_firmware AND versionEndExcluding=5.50\(abom.7\)c0

vendor=zyxel AND product=vmg3927-t50k AND version=-

AND

vendor=zyxel AND product=vmg4927-b50a_firmware AND versionEndExcluding=5.13\(ably.7\)c0

vendor=zyxel AND product=vmg4927-b50a AND version=-

AND

vendor=zyxel AND product=vmg8623-t50b_firmware AND versionEndExcluding=5.50\(abpm.6\)c0

vendor=zyxel AND product=vmg8623-t50b AND version=-

AND

vendor=zyxel AND product=vmg8825-b50a_firmware AND versionEndExcluding=5.17\(abmt.6\)c0

vendor=zyxel AND product=vmg8825-b50a AND version=-

AND

vendor=zyxel AND product=vmg8825-b50b_firmware AND versionEndExcluding=5.17\(abny.7\)c0

vendor=zyxel AND product=vmg8825-b50b AND version=-

AND

vendor=zyxel AND product=vmg8825-t50k_firmware AND versionEndExcluding=5.50\(abom.7\)c0

vendor=zyxel AND product=vmg8825-t50k AND version=-

AND

vendor=zyxel AND product=vmg8825-b60a_firmware AND versionEndExcluding=5.17\(abmt.6\)c0

vendor=zyxel AND product=vmg8825-b60a AND version=-

AND

vendor=zyxel AND product=vmg8825-b60b_firmware AND versionEndExcluding=5.17\(abny.7\)c0

vendor=zyxel AND product=vmg8825-b60b AND version=-

AND

vendor=zyxel AND product=xmg3927-b50a_firmware AND versionEndExcluding=5.17\(abmt.6\)c0

vendor=zyxel AND product=xmg3927-b50a AND version=-

AND

vendor=zyxel AND product=xmg8825-b50a_firmware AND versionEndExcluding=5.17\(abmt.6\)c0

vendor=zyxel AND product=xmg8825-b50a AND version=-

AND

vendor=zyxel AND product=dx5401-b0_firmware AND versionEndExcluding=5.17\(abyo.1\)c0

vendor=zyxel AND product=dx5401-b0 AND version=-

AND

vendor=zyxel AND product=ex3510-b0_firmware AND versionEndExcluding=5.17\(abup.4\)c1

vendor=zyxel AND product=ex3510-b0 AND version=-

AND

vendor=zyxel AND product=ex5401-b0_firmware AND versionEndExcluding=5.17\(abyo.1\)c0

vendor=zyxel AND product=ex5401-b0 AND version=-

AND

vendor=zyxel AND product=ex5501-b0_firmware AND versionEndExcluding=5.17\(abry.2\)c0

vendor=zyxel AND product=ex5501-b0 AND version=-

AND

vendor=zyxel AND product=ax7501-b0_firmware AND versionEndExcluding=5.17\(abpc.1\)c0

vendor=zyxel AND product=ax7501-b0 AND version=-

AND

vendor=zyxel AND product=ep240p_firmware AND versionEndExcluding=5.40\(abh.0\)c0

vendor=zyxel AND product=ep240p AND version=-

AND

vendor=zyxel AND product=pm7300-t0_firmware AND versionEndExcluding=5.42\(acbc.1\)c0

vendor=zyxel AND product=pm7300-t0 AND version=-

AND

vendor=zyxel AND product=pmg5317-t20b_firmware AND versionEndExcluding=5.40\(abki.4\)c0

vendor=zyxel AND product=pmg5317-t20b AND version=-

AND

vendor=zyxel AND product=pmg5617ga_firmware AND versionEndExcluding=5.40\(abna.2\)c0

vendor=zyxel AND product=pmg5617ga AND version=-

AND

vendor=zyxel AND product=pmg5617-t20b2_firmware AND versionEndExcluding=5.41\(acbb.1\)c0

vendor=zyxel AND product=pmg5617-t20b2 AND version=-

AND

vendor=zyxel AND product=pmg5622ga_firmware AND versionEndExcluding=5.40\(abnb.2\)c0

vendor=zyxel AND product=pmg5622ga AND version=-

AND

vendor=zyxel AND product=px7501-b0_firmware AND versionEndExcluding=5.17\(abpc.1\)c0

vendor=zyxel AND product=px7501-b0 AND version=-

Reference

https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml

Keywords

CVE-2022-26414

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2022-26414

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures