Vulnerability Details CVE-2023-27989
A buffer overflow vulnerability in the CGI program of the Zyxel NR7101 firmware versions prior to V1.00(ABUV.8)C0 could allow a remote authenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.4%
CVSS Severity
CVSS v3 Score 6.5
References
- https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-vulnerability-in-4g-lte-and-5g-nr-outdoor-routers
- https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-vulnerability-in-4g-lte-and-5g-nr-outdoor-routers
Products affected by CVE-2023-27989
-
cpe:2.3:h:zyxel:lte7480-m804:-
-
cpe:2.3:h:zyxel:lte7490-m904:-
-
cpe:2.3:h:zyxel:nebula_nr7101:-
-
cpe:2.3:h:zyxel:nr7101:-
-
cpe:2.3:o:zyxel:lte7480-m804_firmware:*
-
cpe:2.3:o:zyxel:lte7490-m904_firmware:*
-
cpe:2.3:o:zyxel:nebula_nr7101_firmware:*
-
cpe:2.3:o:zyxel:nr7101_firmware:1.00(abu.11)c0
-
cpe:2.3:o:zyxel:nr7101_firmware:1.00(abu.9)c0