Vulnerability Details CVE-2022-0342
An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.20 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.32 through 5.20, VPN series firmware versions 4.30 through 5.20, and NSG series firmware versions V1.20 through V1.33 Patch 4, which could allow an attacker to bypass the web authentication and obtain administrative access of the device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.919
EPSS Ranking 99.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2022-0342
-
cpe:2.3:h:zyxel:atp100:-
-
cpe:2.3:h:zyxel:atp100w:-
-
cpe:2.3:h:zyxel:atp200:-
-
cpe:2.3:h:zyxel:atp500:-
-
cpe:2.3:h:zyxel:atp700:-
-
cpe:2.3:h:zyxel:atp800:-
-
cpe:2.3:h:zyxel:nsg300:-
-
cpe:2.3:h:zyxel:usg40:-
-
cpe:2.3:h:zyxel:usg40w:-
-
cpe:2.3:h:zyxel:usg60:-
-
cpe:2.3:h:zyxel:usg60w:-
-
cpe:2.3:h:zyxel:usg_flex_100:-
-
cpe:2.3:h:zyxel:usg_flex_100w:-
-
cpe:2.3:h:zyxel:usg_flex_200:-
-
cpe:2.3:h:zyxel:usg_flex_500:-
-
cpe:2.3:h:zyxel:usg_flex_700:-
-
cpe:2.3:h:zyxel:vpn1000:-
-
cpe:2.3:h:zyxel:vpn100:-
-
cpe:2.3:h:zyxel:vpn300:-
-
cpe:2.3:h:zyxel:vpn50:-
-
cpe:2.3:h:zyxel:zywall_1100:-
-
cpe:2.3:h:zyxel:zywall_110:-
-
cpe:2.3:h:zyxel:zywall_310:-
-
cpe:2.3:o:zyxel:atp100_firmware:4.32
-
cpe:2.3:o:zyxel:atp100_firmware:4.35
-
cpe:2.3:o:zyxel:atp100_firmware:4.35(abps.2)c0
-
cpe:2.3:o:zyxel:atp100_firmware:4.35(abps.3)c0
-
cpe:2.3:o:zyxel:atp100_firmware:4.60
-
cpe:2.3:o:zyxel:atp100_firmware:5.10
-
cpe:2.3:o:zyxel:atp100_firmware:5.20
-
cpe:2.3:o:zyxel:atp100w_firmware:4.32
-
cpe:2.3:o:zyxel:atp100w_firmware:4.60
-
cpe:2.3:o:zyxel:atp100w_firmware:5.10
-
cpe:2.3:o:zyxel:atp100w_firmware:5.20
-
cpe:2.3:o:zyxel:atp200_firmware:4.32
-
cpe:2.3:o:zyxel:atp200_firmware:4.35
-
cpe:2.3:o:zyxel:atp200_firmware:4.35(abfw.3)c0
-
cpe:2.3:o:zyxel:atp200_firmware:4.60
-
cpe:2.3:o:zyxel:atp200_firmware:5.10
-
cpe:2.3:o:zyxel:atp200_firmware:5.20
-
cpe:2.3:o:zyxel:atp500_firmware:4.32
-
cpe:2.3:o:zyxel:atp500_firmware:4.35
-
cpe:2.3:o:zyxel:atp500_firmware:4.35(abfu.3)c0
-
cpe:2.3:o:zyxel:atp500_firmware:4.60
-
cpe:2.3:o:zyxel:atp500_firmware:5.10
-
cpe:2.3:o:zyxel:atp500_firmware:5.20
-
cpe:2.3:o:zyxel:atp700_firmware:4.32
-
cpe:2.3:o:zyxel:atp700_firmware:4.60
-
cpe:2.3:o:zyxel:atp700_firmware:5.10
-
cpe:2.3:o:zyxel:atp700_firmware:5.20
-
cpe:2.3:o:zyxel:atp800_firmware:4.32
-
cpe:2.3:o:zyxel:atp800_firmware:4.35
-
cpe:2.3:o:zyxel:atp800_firmware:4.35(abiq.3)c0
-
cpe:2.3:o:zyxel:atp800_firmware:4.60
-
cpe:2.3:o:zyxel:atp800_firmware:5.10
-
cpe:2.3:o:zyxel:atp800_firmware:5.20
-
cpe:2.3:o:zyxel:nsg300_firmware:1.20
-
cpe:2.3:o:zyxel:nsg300_firmware:1.33
-
cpe:2.3:o:zyxel:usg40_firmware:4.20
-
cpe:2.3:o:zyxel:usg40_firmware:4.31
-
cpe:2.3:o:zyxel:usg40_firmware:4.35
-
cpe:2.3:o:zyxel:usg40_firmware:4.35(aala.3)c0
-
cpe:2.3:o:zyxel:usg40_firmware:4.60
-
cpe:2.3:o:zyxel:usg40_firmware:4.64
-
cpe:2.3:o:zyxel:usg40_firmware:4.70
-
cpe:2.3:o:zyxel:usg40w_firmware:4.20
-
cpe:2.3:o:zyxel:usg40w_firmware:4.31
-
cpe:2.3:o:zyxel:usg40w_firmware:4.35
-
cpe:2.3:o:zyxel:usg40w_firmware:4.35(aalb.3)c0
-
cpe:2.3:o:zyxel:usg40w_firmware:4.60
-
cpe:2.3:o:zyxel:usg40w_firmware:4.64
-
cpe:2.3:o:zyxel:usg40w_firmware:4.70
-
cpe:2.3:o:zyxel:usg60_firmware:4.20
-
cpe:2.3:o:zyxel:usg60_firmware:4.31
-
cpe:2.3:o:zyxel:usg60_firmware:4.35
-
cpe:2.3:o:zyxel:usg60_firmware:4.35(aaky.3)c0
-
cpe:2.3:o:zyxel:usg60_firmware:4.60
-
cpe:2.3:o:zyxel:usg60_firmware:4.64
-
cpe:2.3:o:zyxel:usg60_firmware:4.70
-
cpe:2.3:o:zyxel:usg60w_firmware:4.20
-
cpe:2.3:o:zyxel:usg60w_firmware:4.31
-
cpe:2.3:o:zyxel:usg60w_firmware:4.35
-
cpe:2.3:o:zyxel:usg60w_firmware:4.35(aakz.3)c0
-
cpe:2.3:o:zyxel:usg60w_firmware:4.60
-
cpe:2.3:o:zyxel:usg60w_firmware:4.64
-
cpe:2.3:o:zyxel:usg60w_firmware:4.70
-
cpe:2.3:o:zyxel:usg_flex_100_firmware:4.50
-
cpe:2.3:o:zyxel:usg_flex_100_firmware:4.60
-
cpe:2.3:o:zyxel:usg_flex_100_firmware:5.00
-
cpe:2.3:o:zyxel:usg_flex_100_firmware:5.01
-
cpe:2.3:o:zyxel:usg_flex_100_firmware:5.10
-
cpe:2.3:o:zyxel:usg_flex_100_firmware:5.20
-
cpe:2.3:o:zyxel:usg_flex_100w_firmware:4.50
-
cpe:2.3:o:zyxel:usg_flex_100w_firmware:4.60
-
cpe:2.3:o:zyxel:usg_flex_100w_firmware:5.00
-
cpe:2.3:o:zyxel:usg_flex_100w_firmware:5.01
-
cpe:2.3:o:zyxel:usg_flex_100w_firmware:5.10
-
cpe:2.3:o:zyxel:usg_flex_200_firmware:4.50
-
cpe:2.3:o:zyxel:usg_flex_200_firmware:4.60
-
cpe:2.3:o:zyxel:usg_flex_200_firmware:5.00
-
cpe:2.3:o:zyxel:usg_flex_200_firmware:5.01
-
cpe:2.3:o:zyxel:usg_flex_200_firmware:5.20
-
cpe:2.3:o:zyxel:usg_flex_500_firmware:4.50
-
cpe:2.3:o:zyxel:usg_flex_500_firmware:4.60
-
cpe:2.3:o:zyxel:usg_flex_500_firmware:5.00
-
cpe:2.3:o:zyxel:usg_flex_500_firmware:5.01
-
cpe:2.3:o:zyxel:usg_flex_500_firmware:5.10
-
cpe:2.3:o:zyxel:usg_flex_500_firmware:5.20
-
cpe:2.3:o:zyxel:usg_flex_700_firmware:4.50
-
cpe:2.3:o:zyxel:usg_flex_700_firmware:4.60
-
cpe:2.3:o:zyxel:usg_flex_700_firmware:5.00
-
cpe:2.3:o:zyxel:usg_flex_700_firmware:5.10
-
cpe:2.3:o:zyxel:usg_flex_700_firmware:5.20
-
cpe:2.3:o:zyxel:vpn1000_firmware:4.30
-
cpe:2.3:o:zyxel:vpn1000_firmware:4.35
-
cpe:2.3:o:zyxel:vpn1000_firmware:4.35(abip.3)c0
-
cpe:2.3:o:zyxel:vpn1000_firmware:4.60
-
cpe:2.3:o:zyxel:vpn1000_firmware:5.20
-
cpe:2.3:o:zyxel:vpn100_firmware:4.30
-
cpe:2.3:o:zyxel:vpn100_firmware:4.35
-
cpe:2.3:o:zyxel:vpn100_firmware:4.35(abfv.3)c0
-
cpe:2.3:o:zyxel:vpn100_firmware:4.60
-
cpe:2.3:o:zyxel:vpn100_firmware:5.20
-
cpe:2.3:o:zyxel:vpn300_firmware:4.30
-
cpe:2.3:o:zyxel:vpn300_firmware:4.35
-
cpe:2.3:o:zyxel:vpn300_firmware:4.35(abfc.3)c0
-
cpe:2.3:o:zyxel:vpn300_firmware:4.60
-
cpe:2.3:o:zyxel:vpn300_firmware:5.20
-
cpe:2.3:o:zyxel:vpn50_firmware:4.30
-
cpe:2.3:o:zyxel:vpn50_firmware:4.35
-
cpe:2.3:o:zyxel:vpn50_firmware:4.35(abhl.3)c0
-
cpe:2.3:o:zyxel:vpn50_firmware:4.60
-
cpe:2.3:o:zyxel:vpn50_firmware:5.20
-
cpe:2.3:o:zyxel:zywall_1100_firmware:4.20
-
cpe:2.3:o:zyxel:zywall_1100_firmware:4.31
-
cpe:2.3:o:zyxel:zywall_1100_firmware:4.33(aaac.0)c0
-
cpe:2.3:o:zyxel:zywall_1100_firmware:4.35
-
cpe:2.3:o:zyxel:zywall_1100_firmware:4.70
-
cpe:2.3:o:zyxel:zywall_110_firmware:4.20
-
cpe:2.3:o:zyxel:zywall_110_firmware:4.31
-
cpe:2.3:o:zyxel:zywall_110_firmware:4.33(aaaa.0)c0
-
cpe:2.3:o:zyxel:zywall_110_firmware:4.35
-
cpe:2.3:o:zyxel:zywall_110_firmware:4.70
-
cpe:2.3:o:zyxel:zywall_310_firmware:4.20
-
cpe:2.3:o:zyxel:zywall_310_firmware:4.31
-
cpe:2.3:o:zyxel:zywall_310_firmware:4.33(aaab.0)c0
-
cpe:2.3:o:zyxel:zywall_310_firmware:4.35
-
cpe:2.3:o:zyxel:zywall_310_firmware:4.70