A buffer overflow vulnerability in the “sdwan_iface_ipc” binary of Zyxel ATP series firmware versions 5.10 through 5.32, USG FLEX series firmware versions 5.00 through 5.32, USG FLEX 50(W) firmware versions 5.10 through 5.32, USG20(W)-VPN firmware versions 5.10 through 5.32, and VPN series firmware versions 5.00 through 5.35, which could allow a remote unauthenticated attacker to cause a core dump with a request error message on a vulnerable device by uploading a crafted configuration file.
2023-04-24T17:15:09.833
2024-11-21T07:45:38.780
Modified
CVSSv3.1: 7.5 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | zyxel | usg_flex_100_firmware | ≤ 5.32 | Yes |
| Hardware | zyxel | usg_flex_100 | - | No |
| Operating System | zyxel | usg_flex_100w_firmware | ≤ 5.32 | Yes |
| Hardware | zyxel | usg_flex_100w | - | No |
| Operating System | zyxel | usg_flex_200_firmware | ≤ 5.32 | Yes |
| Hardware | zyxel | usg_flex_200 | - | No |
| Operating System | zyxel | usg_flex_50_firmware | ≤ 5.32 | Yes |
| Hardware | zyxel | usg_flex_50 | - | No |
| Operating System | zyxel | usg_flex_50w_firmware | ≤ 5.32 | Yes |
| Hardware | zyxel | usg_flex_50w | - | No |
| Operating System | zyxel | usg_flex_500_firmware | ≤ 5.32 | Yes |
| Hardware | zyxel | usg_flex_500 | - | No |
| Operating System | zyxel | usg_flex_700_firmware | ≤ 5.32 | Yes |
| Hardware | zyxel | usg_flex_700 | - | No |
| Operating System | zyxel | vpn100_firmware | ≤ 5.35 | Yes |
| Hardware | zyxel | vpn100 | - | No |
| Operating System | zyxel | vpn1000_firmware | ≤ 5.35 | Yes |
| Hardware | zyxel | vpn1000 | - | No |
| Operating System | zyxel | vpn300_firmware | ≤ 5.35 | Yes |
| Hardware | zyxel | vpn300 | - | No |
| Operating System | zyxel | vpn50_firmware | ≤ 5.35 | Yes |
| Hardware | zyxel | vpn50 | - | No |
| Operating System | zyxel | usg_20w-vpn_firmware | ≤ 5.32 | Yes |
| Hardware | zyxel | usg_20w-vpn | - | No |
| Operating System | zyxel | atp100_firmware | ≤ 5.32 | Yes |
| Hardware | zyxel | atp100 | - | No |
| Operating System | zyxel | atp100w_firmware | ≤ 5.32 | Yes |
| Hardware | zyxel | atp100w | - | No |
| Operating System | zyxel | atp200_firmware | ≤ 5.32 | Yes |
| Hardware | zyxel | atp200 | - | No |
| Operating System | zyxel | atp500_firmware | ≤ 5.32 | Yes |
| Hardware | zyxel | atp500 | - | No |
| Operating System | zyxel | atp700_firmware | ≤ 5.32 | Yes |
| Hardware | zyxel | atp700 | - | No |
| Operating System | zyxel | atp800_firmware | ≤ 5.32 | Yes |
| Hardware | zyxel | atp800 | - | No |