CVE-2023-22917 Information

Apr 27, 2023 cve

Description

A buffer overflow vulnerability in the “sdwan_iface_ipc” binary of Zyxel ATP series firmware versions 5.10 through 5.32 USG FLEX series firmware versions 5.00 through 5.32 USG FLEX 50(W) firmware versions 5.10 through 5.32 USG20(W)-VPN firmware versions 5.10 through 5.32 and VPN series firmware versions 5.00 through 5.35 which could allow a remote unauthenticated attacker to cause a core dump with a request error message on a vulnerable device by uploading a crafted configuration file.

Reference

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps

Share on: