Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-1575

The improper privilege management vulnerability in the Zyxel WBE660S firmware version 6.70(ACGG.3) and earlier versions could allow an authenticated user to escalate privileges and download the configuration files on a vulnerable device.

Published

2024-07-23T02:15:02.090

Last Modified

2025-01-22T22:33:15.853

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-269
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	zyxel	nwa50ax_firmware	< 7.00\(abyw.1\)	Yes
Hardware	zyxel	nwa50ax	-	No
Operating System	zyxel	nwa50ax-pro_firmware	< 7.00\(acge.1\)	Yes
Hardware	zyxel	nwa50ax-pro	-	No
Operating System	zyxel	nwa55axe_firmware	< 7.00\(abzl.1\)	Yes
Hardware	zyxel	nwa55axe	-	No
Operating System	zyxel	nwa90ax_firmware	< 7.00\(accv.1\)	Yes
Hardware	zyxel	nwa90ax	-	No
Operating System	zyxel	nwa90ax-pro_firmware	< 7.00\(acgf.1\)	Yes
Hardware	zyxel	nwa90ax-pro	-	No
Operating System	zyxel	nwa110ax_firmware	< 7.00\(abtg.1\)	Yes
Hardware	zyxel	nwa110ax	-	No
Operating System	zyxel	nwa210ax_firmware	< 7.00\(abtd.1\)	Yes
Hardware	zyxel	nwa210ax	-	No
Operating System	zyxel	nwa220ax-6e_firmware	< 7.00\(acco.1\)	Yes
Hardware	zyxel	nwa220ax-6e	-	No
Operating System	zyxel	nwa1123acv3_firmware	< 6.70\(abvt.4\)	Yes
Hardware	zyxel	nwa1123acv3	-	No
Operating System	zyxel	wac500_firmware	< 6.70\(abvs.4\)	Yes
Hardware	zyxel	wac500	-	No
Operating System	zyxel	wac500h_firmware	< 6.70\(abwa.4\)	Yes
Hardware	zyxel	wac500h	-	No
Operating System	zyxel	wax300h_firmware	< 7.00\(achf.1\)	Yes
Hardware	zyxel	wax300h	-	No
Operating System	zyxel	wax510d_firmware	< 7.00\(abtf.1\)	Yes
Hardware	zyxel	wax510d	-	No
Operating System	zyxel	wax610d_firmware	< 7.00\(abte.1\)	Yes
Hardware	zyxel	wax610d	-	No
Operating System	zyxel	wax620d-6e_firmware	< 7.00\(accn.1\)	Yes
Hardware	zyxel	wax620d-6e	-	No
Operating System	zyxel	wax630s_firmware	< 7.00\(abzd.1\)	Yes
Hardware	zyxel	wax630s	-	No
Operating System	zyxel	wax640s-6e_firmware	< 7.00\(accm.1\)	Yes
Hardware	zyxel	wax640s-6e	-	No
Operating System	zyxel	wax650s_firmware	< 7.00\(abrm.1\)	Yes
Hardware	zyxel	wax650s	-	No
Operating System	zyxel	wax655e_firmware	< 7.00\(acdo.1\)	Yes
Hardware	zyxel	wax655e	-	No
Operating System	zyxel	wbe660s_firmware	< 7.00\(acgg.1\)	Yes
Hardware	zyxel	wbe660s	-	No

References

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-improper-privilege-management-vulnerability-in-aps-07-23-2024 Vendor Advisory ([email protected])
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-improper-privilege-management-vulnerability-in-aps-07-23-2024 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)