6.5
CVE-2023-6397
- EPSS 0.13%
- Veröffentlicht 20.02.2024 02:15:48
- Zuletzt bearbeitet 21.01.2025 18:47:29
- Quelle security@zyxel.com.tw
- CVE-Watchlists
- Unerledigt
LoginA null pointer dereference vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1 and USG FLEX series firmware versions from 4.50 through 5.37 Patch 1 could allow a LAN-based attacker to cause denial-of-service (DoS) conditions by downloading a crafted RAR compressed file onto a LAN-side host if the firewall has the “Anti-Malware” feature enabled.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zyxel ≫ Atp100 Firmware Version >= 4.32 < 5.37
Zyxel ≫ Atp100 Firmware Version5.37 Update-
Zyxel ≫ Atp100 Firmware Version5.37 Updatepatch1
Zyxel ≫ Atp100w Firmware Version >= 4.32 < 5.37
Zyxel ≫ Atp100w Firmware Version5.37 Update-
Zyxel ≫ Atp100w Firmware Version5.37 Updatepatch1
Zyxel ≫ Atp200 Firmware Version >= 4.32 < 5.37
Zyxel ≫ Atp200 Firmware Version5.37 Update-
Zyxel ≫ Atp200 Firmware Version5.37 Updatepatch1
Zyxel ≫ Atp500 Firmware Version >= 4.32 < 5.37
Zyxel ≫ Atp500 Firmware Version5.37 Update-
Zyxel ≫ Atp500 Firmware Version5.37 Updatepatch1
Zyxel ≫ Atp700 Firmware Version >= 4.32 < 5.37
Zyxel ≫ Atp700 Firmware Version5.37 Update-
Zyxel ≫ Atp700 Firmware Version5.37 Updatepatch1
Zyxel ≫ Atp800 Firmware Version >= 4.32 < 5.37
Zyxel ≫ Atp800 Firmware Version5.37 Update-
Zyxel ≫ Atp800 Firmware Version5.37 Updatepatch1
Zyxel ≫ Usg Flex 100 Firmware Version >= 4.50 < 5.37
Zyxel ≫ Usg Flex 100 Firmware Version5.37 Update-
Zyxel ≫ Usg Flex 100 Firmware Version5.37 Updatepatch1
Zyxel ≫ Usg Flex 100ax Firmware Version >= 4.50 < 5.37
Zyxel ≫ Usg Flex 100ax Firmware Version5.37 Update-
Zyxel ≫ Usg Flex 100ax Firmware Version5.37 Updatepatch1
Zyxel ≫ Usg Flex 100h Firmware Version >= 4.50 < 5.37
Zyxel ≫ Usg Flex 100h Firmware Version5.37 Update-
Zyxel ≫ Usg Flex 100h Firmware Version5.37 Updatepatch1
Zyxel ≫ Usg Flex 100w Firmware Version >= 4.50 < 5.37
Zyxel ≫ Usg Flex 100w Firmware Version5.37 Update-
Zyxel ≫ Usg Flex 100w Firmware Version5.37 Updatepatch1
Zyxel ≫ Usg Flex 200 Firmware Version >= 4.50 < 5.37
Zyxel ≫ Usg Flex 200 Firmware Version5.37 Update-
Zyxel ≫ Usg Flex 200 Firmware Version5.37 Updatepatch1
Zyxel ≫ Usg Flex 200h Firmware Version >= 4.50 < 5.37
Zyxel ≫ Usg Flex 200h Firmware Version5.37 Update-
Zyxel ≫ Usg Flex 200h Firmware Version5.37 Updatepatch1
Zyxel ≫ Usg Flex 200hp Firmware Version >= 4.50 < 5.37
Zyxel ≫ Usg Flex 200hp Firmware Version5.37 Update-
Zyxel ≫ Usg Flex 200hp Firmware Version5.37 Updatepatch1
Zyxel ≫ Usg Flex 50 Firmware Version >= 4.50 < 5.37
Zyxel ≫ Usg Flex 50 Firmware Version5.37 Update-
Zyxel ≫ Usg Flex 50 Firmware Version5.37 Updatepatch1
Zyxel ≫ Usg Flex 500 Firmware Version >= 4.50 < 5.37
Zyxel ≫ Usg Flex 500 Firmware Version5.37 Update-
Zyxel ≫ Usg Flex 500 Firmware Version5.37 Updatepatch1
Zyxel ≫ Usg Flex 500h Firmware Version >= 4.50 < 5.37
Zyxel ≫ Usg Flex 500h Firmware Version5.37 Update-
Zyxel ≫ Usg Flex 500h Firmware Version5.37 Updatepatch1
Zyxel ≫ Usg Flex 50w Firmware Version >= 4.50 < 5.37
Zyxel ≫ Usg Flex 50w Firmware Version5.37 Update-
Zyxel ≫ Usg Flex 50w Firmware Version5.37 Updatepatch1
Zyxel ≫ Usg Flex 700 Firmware Version >= 4.50 < 5.37
Zyxel ≫ Usg Flex 700 Firmware Version5.37 Update-
Zyxel ≫ Usg Flex 700 Firmware Version5.37 Updatepatch1
Zyxel ≫ Usg Flex 700h Firmware Version >= 4.50 < 5.37
Zyxel ≫ Usg Flex 700h Firmware Version5.37 Update-
Zyxel ≫ Usg Flex 700h Firmware Version5.37 Updatepatch1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.332 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 1.6 | 3.6 |
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| security@zyxel.com.tw | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.