6.5
CVE-2024-1575
- EPSS 0.19%
- Veröffentlicht 23.07.2024 02:15:02
- Zuletzt bearbeitet 22.01.2025 22:33:15
- Quelle security@zyxel.com.tw
- CVE-Watchlists
- Unerledigt
LoginThe improper privilege management vulnerability in the Zyxel WBE660S firmware version 6.70(ACGG.3) and earlier versions could allow an authenticated user to escalate privileges and download the configuration files on a vulnerable device.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zyxel ≫ Nwa50ax Firmware Version < 7.00\(abyw.1\)
Zyxel ≫ Nwa50ax-pro Firmware Version < 7.00\(acge.1\)
Zyxel ≫ Nwa55axe Firmware Version < 7.00\(abzl.1\)
Zyxel ≫ Nwa90ax Firmware Version < 7.00\(accv.1\)
Zyxel ≫ Nwa90ax-pro Firmware Version < 7.00\(acgf.1\)
Zyxel ≫ Nwa110ax Firmware Version < 7.00\(abtg.1\)
Zyxel ≫ Nwa210ax Firmware Version < 7.00\(abtd.1\)
Zyxel ≫ Nwa220ax-6e Firmware Version < 7.00\(acco.1\)
Zyxel ≫ Nwa1123acv3 Firmware Version < 6.70\(abvt.4\)
Zyxel ≫ Wac500 Firmware Version < 6.70\(abvs.4\)
Zyxel ≫ Wac500h Firmware Version < 6.70\(abwa.4\)
Zyxel ≫ Wax300h Firmware Version < 7.00\(achf.1\)
Zyxel ≫ Wax510d Firmware Version < 7.00\(abtf.1\)
Zyxel ≫ Wax610d Firmware Version < 7.00\(abte.1\)
Zyxel ≫ Wax620d-6e Firmware Version < 7.00\(accn.1\)
Zyxel ≫ Wax630s Firmware Version < 7.00\(abzd.1\)
Zyxel ≫ Wax640s-6e Firmware Version < 7.00\(accm.1\)
Zyxel ≫ Wax650s Firmware Version < 7.00\(abrm.1\)
Zyxel ≫ Wax655e Firmware Version < 7.00\(acdo.1\)
Zyxel ≫ Wbe660s Firmware Version < 7.00\(acgg.1\)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.19% | 0.414 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| security@zyxel.com.tw | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
CWE-269 Improper Privilege Management
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.