Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-43393

An improper check for unusual or exceptional conditions in the HTTP request processing function of Zyxel GS1920-24v2 firmware prior to V4.70(ABMH.8)C0, which could allow an unauthenticated attacker to corrupt the contents of the memory and result in a denial-of-service (DoS) condition on a vulnerable device.

Published

2023-01-11T02:15:11.403

Last Modified

2024-11-21T07:26:23.700

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.2 (HIGH)

Weaknesses

Type: Secondary
CWE-754
Type: Primary
CWE-754

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	zyxel	gs1350-6hp_firmware	< 4.70\(abpi.5\)c0	Yes
Hardware	zyxel	gs1350-6hp	-	No
Operating System	zyxel	gs1350-12hp_firmware	< 4.70\(abpj.5\)c0	Yes
Hardware	zyxel	gs1350-12hp	-	No
Operating System	zyxel	gs1350-18hp_firmware	< 4.70\(abpk.5\)c0	Yes
Hardware	zyxel	gs1350-18hp	-	No
Operating System	zyxel	gs1350-26hp_firmware	< 4.70\(abpl.5\)c0	Yes
Hardware	zyxel	gs1350-26hp	-	No
Operating System	zyxel	gs1915-8_firmware	< 4.70\(acap.3\)c0	Yes
Hardware	zyxel	gs1915-8	-	No
Operating System	zyxel	gs1915-8ep_firmware	< 4.70\(acaq.3\)c0	Yes
Hardware	zyxel	gs1915-8ep	-	No
Operating System	zyxel	gs1915-24e_firmware	< 4.70\(acdr.3\)c0	Yes
Hardware	zyxel	gs1915-24e	-	No
Operating System	zyxel	gs1915-24ep_firmware	< 4.70\(acds.3\)c0	Yes
Hardware	zyxel	gs1915-24ep	-	No
Operating System	zyxel	gs1920-24v2_firmware	< 4.70\(abmh.8\)c0	Yes
Hardware	zyxel	gs1920-24v2	-	No
Operating System	zyxel	gs1920-48v2_firmware	< 4.70\(abmj.8\)c0	Yes
Hardware	zyxel	gs1920-48v2	-	No
Operating System	zyxel	gs1920-24hpv2_firmware	< 4.70\(abmi.8\)c0	Yes
Hardware	zyxel	gs1920-24hpv2	-	No
Operating System	zyxel	gs1920-48hpv2_firmware	< 4.70\(abmk.8\)c0	Yes
Hardware	zyxel	gs1920-48hpv2	-	No
Operating System	zyxel	gs2220-10_firmware	< 4.70\(abro.6\)c0	Yes
Hardware	zyxel	gs2220-10	-	No
Operating System	zyxel	gs2220-28_firmware	< 4.70\(abrq.6\)c0	Yes
Hardware	zyxel	gs2220-28	-	No
Operating System	zyxel	gs2220-50_firmware	< 4.70\(abrs.6\)c0	Yes
Hardware	zyxel	gs2220-50	-	No
Operating System	zyxel	gs2220-10hp_firmware	< 4.70\(abrp.6\)c0	Yes
Hardware	zyxel	gs2220-10hp	-	No
Operating System	zyxel	gs2220-28hp_firmware	< 4.70\(abrr.6\)c0	Yes
Hardware	zyxel	gs2220-28hp	-	No
Operating System	zyxel	gs2220-50hp_firmware	< 4.70\(abrt.6\)c0	Yes
Hardware	zyxel	gs2220-50hp	-	No
Operating System	zyxel	xgs1930-28_firmware	< 4.70\(abht.5\)c0	Yes
Hardware	zyxel	xgs1930-28	-	No
Operating System	zyxel	xgs1930-28hp_firmware	< 4.70\(abhs.5\)c0	Yes
Hardware	zyxel	xgs1930-28hp	-	No
Operating System	zyxel	xgs1930-52_firmware	< 4.70\(abhu.5\)c0	Yes
Hardware	zyxel	xgs1930-52	-	No
Operating System	zyxel	xgs1930-52hp_firmware	< 4.70\(abhv.5\)c0	Yes
Hardware	zyxel	xgs1930-52hp	-	No
Operating System	zyxel	xs1930-10_firmware	< 4.80\(abqe.0\)c0	Yes
Hardware	zyxel	xs1930-10	-	No
Operating System	zyxel	xs1930-12hp_firmware	< 4.80\(abqf.0\)c0	Yes
Hardware	zyxel	xs1930-12hp	-	No
Operating System	zyxel	xs1930-12f_firmware	< 4.80\(abzv.0\)c0	Yes
Hardware	zyxel	xs1930-12f	-	No
Operating System	zyxel	xgs2210-28_firmware	< 4.70\(aazj.2\)c0	Yes
Hardware	zyxel	xgs2210-28	-	No
Operating System	zyxel	xgs2210-52_firmware	< 4.70\(aazk.2\)c0	Yes
Hardware	zyxel	xgs2210-52	-	No
Operating System	zyxel	xgs2210-28hp_firmware	< 4.70\(aazl.2\)c0	Yes
Hardware	zyxel	xgs2210-28hp	-	No
Operating System	zyxel	xgs2210-52hp_firmware	< 4.70\(aazm.2\)c0	Yes
Hardware	zyxel	xgs2210-52hp	-	No
Operating System	zyxel	xgs2220-30_firmware	< 4.80\(abxn.1\)c0	Yes
Hardware	zyxel	xgs2220-30	-	No
Operating System	zyxel	xgs2220-30hp_firmware	< 4.80\(abxo.1\)c0	Yes
Hardware	zyxel	xgs2220-30hp	-	No
Operating System	zyxel	xgs2220-30f_firmware	< 4.80\(abye.1\)c0	Yes
Hardware	zyxel	xgs2220-30f	-	No
Operating System	zyxel	xgs2220-54_firmware	< 4.80\(abxp.1\)c0	Yes
Hardware	zyxel	xgs2220-54	-	No
Operating System	zyxel	xgs2220-54hp_firmware	< 4.80\(abxq.1\)c0	Yes
Hardware	zyxel	xgs2220-54hp	-	No
Operating System	zyxel	xgs2220-54fp_firmware	< 4.80\(acce.1\)c0	Yes
Hardware	zyxel	xgs2220-54fp	-	No
Operating System	zyxel	xgs4600-32_firmware	< 4.70\(abbh.4\)c0	Yes
Hardware	zyxel	xgs4600-32	-	No
Operating System	zyxel	xgs4600-32f_firmware	< 4.70\(abbi.4\)c0	Yes
Hardware	zyxel	xgs4600-32f	-	No
Operating System	zyxel	xgs4600-52f_firmware	< 4.70\(abik.4\)c0	Yes
Hardware	zyxel	xgs4600-52f	-	No
Operating System	zyxel	xmg1930-30_firmware	< 4.80\(acar.0\)	Yes
Hardware	zyxel	xmg1930-30	-	No
Operating System	zyxel	xmg1930-30hp_firmware	< 4.80\(acas.0\)	Yes
Hardware	zyxel	xmg1930-30hp	-	No
Operating System	zyxel	xs3800-28_firmware	≤ 4.80\(abml.1\)c0	Yes
Hardware	zyxel	xs3800-28	-	No
Operating System	zyxel	mgs3500-24s_firmware	< 4.10\(abbr.2\)c0	Yes
Hardware	zyxel	mgs3500-24s	-	No
Operating System	zyxel	mgs3520-28_firmware	< 4.10\(aatn.5\)c0	Yes
Operating System	zyxel	mgs3520-28_firmware	4.10\(abqm.1\)c0	Yes
Hardware	zyxel	mgs3520-28	-	No
Operating System	zyxel	mgs3520-28f_firmware	< 4.10\(aatm.4\)c0	Yes
Hardware	zyxel	mgs3520-28f	-	No
Operating System	zyxel	mgs3530-28_firmware	< 4.10\(acem.2\)c0	Yes
Operating System	zyxel	mgs3530-28_firmware	4.10\(acfj.0\)c0	Yes
Hardware	zyxel	mgs3530-28	-	No

References

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-dos-vulnerability-of-switches Vendor Advisory ([email protected])
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-dos-vulnerability-of-switches Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)