CVE-2020-25014
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD
Description
A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet.
Affected (11)
Products: Zyxel: Zld, Access Points Firmware
Configuration A
| Running on/with | Platform Versions |
|---|---|
Zyxel Zywall 110 | All versions |
Configuration B
| Running on/with | Platform Versions |
|---|---|
Zyxel Zywall 1100 | All versions |
Configuration C
| Running on/with | Platform Versions |
|---|---|
Zyxel Zywall 310 | All versions |
Configuration D
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg 110 | All versions |
Configuration E
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg 1100 | All versions |
Configuration F
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg 1900 | All versions |
Configuration G
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg 20w | All versions |
Configuration H
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg 20w Vpn | All versions |
Configuration I
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg 2200 Vpn | All versions |
Configuration J
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg 310 | All versions |
Configuration K
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg 40 | All versions |
Configuration L
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg 40w | All versions |
Configuration M
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg 60 | All versions |
Configuration N
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg 60w | All versions |
Configuration O
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg110 | All versions |
Configuration P
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg1100 | All versions |
Configuration Q
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg1900 | All versions |
Configuration R
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg20 Vpn | All versions |
Configuration S
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg20w Vpn | All versions |
Configuration T
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg210 | All versions |
Configuration U
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg2200 Vpn | All versions |
Configuration V
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg310 | All versions |
Configuration W
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg40 | All versions |
Configuration X
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg40w | All versions |
Configuration Y
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg60 | All versions |
Configuration Z
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg60w | All versions |
Configuration A
| Running on/with | Platform Versions |
|---|---|
Zyxel Vpn100 | All versions |
Configuration B
| Running on/with | Platform Versions |
|---|---|
Zyxel Vpn300 | All versions |
Configuration C
| Running on/with | Platform Versions |
|---|---|
Zyxel Vpn50 | All versions |
Configuration D
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg Flex 100 | All versions |
Configuration E
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg Flex 200 | All versions |
Configuration F
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg Flex 500 | All versions |
Configuration G
| Running on/with | Platform Versions |
|---|---|
Zyxel Usg Flex 100w | All versions |
Configuration H
Configuration I
| Running on/with | Platform Versions |
|---|---|
Zyxel Nwa1123 Ac Hd | All versions |
Configuration J
| Running on/with | Platform Versions |
|---|---|
Zyxel Nwa1123 Ac Pro | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel Nwa1123 Acv2 | All versions |
Configuration L
| Running on/with | Platform Versions |
|---|---|
Zyxel Wax510d | All versions |
Configuration M
| Running on/with | Platform Versions |
|---|---|
Zyxel Wac5302d S | All versions |
Configuration N
| Running on/with | Platform Versions |
|---|---|
Zyxel Nwa5120 | All versions |
Configuration O
| Running on/with | Platform Versions |
|---|---|
Zyxel Nwa5301 Nj | All versions |
Configuration P
| Running on/with | Platform Versions |
|---|---|
Zyxel Wax610d | All versions |
Configuration Q
| Running on/with | Platform Versions |
|---|---|
Zyxel Wax650s | All versions |
Configuration R
| Running on/with | Platform Versions |
|---|---|
Zyxel Wac6550 | All versions |
Configuration S
| Running on/with | Platform Versions |
|---|---|
Zyxel Wac6303d S | All versions |
Configuration T
| Running on/with | Platform Versions |
|---|---|
Zyxel Wac6500 | All versions |
Configuration U
| Running on/with | Platform Versions |
|---|---|
Zyxel Wac6100 | All versions |
Configuration V
| Running on/with | Platform Versions |
|---|---|
Zyxel Nwa210ax | All versions |
Configuration W
| Running on/with | Platform Versions |
|---|---|
Zyxel Nwa110ax | All versions |
Configuration X
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 6.10 |
| Running on/with | Platform Versions |
|---|---|
Zyxel Nwa1302 Ac | All versions |
References (4)
Source: cve@mitre.org
Release NotesVendor Advisory
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Release NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.