Vulnerability Details CVE-2023-6398
A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1,
USG FLEX H series firmware versions from 1.10 through 1.10 Patch 1,
NWA50AX firmware versions through 6.29(ABYW.3), WAC500 firmware versions through 6.65(ABVS.1), WAX300H firmware versions through 6.60(ACHF.1), and WBE660S firmware versions through 6.65(ACGG.1) could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device via FTP.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.0%
CVSS Severity
CVSS v3 Score 7.2
References
Products affected by CVE-2023-6398
-
cpe:2.3:h:zyxel:atp100:-
-
cpe:2.3:h:zyxel:atp100w:-
-
cpe:2.3:h:zyxel:atp200:-
-
cpe:2.3:h:zyxel:atp500:-
-
cpe:2.3:h:zyxel:atp700:-
-
cpe:2.3:h:zyxel:atp800:-
-
cpe:2.3:h:zyxel:nwa110ax:-
-
cpe:2.3:h:zyxel:nwa1123acv3:-
-
cpe:2.3:h:zyxel:nwa210ax:-
-
cpe:2.3:h:zyxel:nwa220ax-6e:-
-
cpe:2.3:h:zyxel:nwa50ax-pro:-
-
cpe:2.3:h:zyxel:nwa50ax:-
-
cpe:2.3:h:zyxel:nwa55axe:-
-
cpe:2.3:h:zyxel:nwa90ax-pro:-
-
cpe:2.3:h:zyxel:nwa90ax:-
-
cpe:2.3:h:zyxel:usg20-vpn:-
-
cpe:2.3:h:zyxel:usg20w-vpn:-
-
cpe:2.3:h:zyxel:usg_flex_100:-
-
cpe:2.3:h:zyxel:usg_flex_100ax:-
-
cpe:2.3:h:zyxel:usg_flex_100h:-
-
cpe:2.3:h:zyxel:usg_flex_100hp:-
-
cpe:2.3:h:zyxel:usg_flex_100w:-
-
cpe:2.3:h:zyxel:usg_flex_200:-
-
cpe:2.3:h:zyxel:usg_flex_200h:-
-
cpe:2.3:h:zyxel:usg_flex_200hp:-
-
cpe:2.3:h:zyxel:usg_flex_500:-
-
cpe:2.3:h:zyxel:usg_flex_500h:-
-
cpe:2.3:h:zyxel:usg_flex_50:-
-
cpe:2.3:h:zyxel:usg_flex_50w:-
-
cpe:2.3:h:zyxel:usg_flex_700:-
-
cpe:2.3:h:zyxel:usg_flex_700h:-
-
cpe:2.3:h:zyxel:wac500:-
-
cpe:2.3:h:zyxel:wac500h:-
-
cpe:2.3:h:zyxel:wax300h:-
-
cpe:2.3:h:zyxel:wax510d:-
-
cpe:2.3:h:zyxel:wax610d:-
-
cpe:2.3:h:zyxel:wax620d-6e:-
-
cpe:2.3:h:zyxel:wax630s:-
-
cpe:2.3:h:zyxel:wax640s-6e:-
-
cpe:2.3:h:zyxel:wax650s:-
-
cpe:2.3:h:zyxel:wax655e:-
-
cpe:2.3:h:zyxel:wbe660s:-
-
cpe:2.3:o:zyxel:atp100_firmware:4.32
-
cpe:2.3:o:zyxel:atp100_firmware:4.35
-
cpe:2.3:o:zyxel:atp100_firmware:4.35(abps.2)c0
-
cpe:2.3:o:zyxel:atp100_firmware:4.35(abps.3)c0
-
cpe:2.3:o:zyxel:atp100_firmware:4.60
-
cpe:2.3:o:zyxel:atp100_firmware:5.10
-
cpe:2.3:o:zyxel:atp100_firmware:5.20
-
cpe:2.3:o:zyxel:atp100_firmware:5.30
-
cpe:2.3:o:zyxel:atp100_firmware:5.31
-
cpe:2.3:o:zyxel:atp100_firmware:5.35
-
cpe:2.3:o:zyxel:atp100_firmware:5.36
-
cpe:2.3:o:zyxel:atp100_firmware:5.37
-
cpe:2.3:o:zyxel:atp100w_firmware:4.32
-
cpe:2.3:o:zyxel:atp100w_firmware:4.60
-
cpe:2.3:o:zyxel:atp100w_firmware:5.10
-
cpe:2.3:o:zyxel:atp100w_firmware:5.20
-
cpe:2.3:o:zyxel:atp100w_firmware:5.30
-
cpe:2.3:o:zyxel:atp100w_firmware:5.35
-
cpe:2.3:o:zyxel:atp100w_firmware:5.36
-
cpe:2.3:o:zyxel:atp100w_firmware:5.37
-
cpe:2.3:o:zyxel:atp200_firmware:4.32
-
cpe:2.3:o:zyxel:atp200_firmware:4.35
-
cpe:2.3:o:zyxel:atp200_firmware:4.35(abfw.3)c0
-
cpe:2.3:o:zyxel:atp200_firmware:4.60
-
cpe:2.3:o:zyxel:atp200_firmware:5.10
-
cpe:2.3:o:zyxel:atp200_firmware:5.20
-
cpe:2.3:o:zyxel:atp200_firmware:5.30
-
cpe:2.3:o:zyxel:atp200_firmware:5.35
-
cpe:2.3:o:zyxel:atp200_firmware:5.36
-
cpe:2.3:o:zyxel:atp200_firmware:5.37
-
cpe:2.3:o:zyxel:atp500_firmware:4.32
-
cpe:2.3:o:zyxel:atp500_firmware:4.35
-
cpe:2.3:o:zyxel:atp500_firmware:4.35(abfu.3)c0
-
cpe:2.3:o:zyxel:atp500_firmware:4.60
-
cpe:2.3:o:zyxel:atp500_firmware:5.10
-
cpe:2.3:o:zyxel:atp500_firmware:5.20
-
cpe:2.3:o:zyxel:atp500_firmware:5.30
-
cpe:2.3:o:zyxel:atp500_firmware:5.35
-
cpe:2.3:o:zyxel:atp500_firmware:5.36
-
cpe:2.3:o:zyxel:atp500_firmware:5.37
-
cpe:2.3:o:zyxel:atp700_firmware:4.32
-
cpe:2.3:o:zyxel:atp700_firmware:4.60
-
cpe:2.3:o:zyxel:atp700_firmware:5.10
-
cpe:2.3:o:zyxel:atp700_firmware:5.20
-
cpe:2.3:o:zyxel:atp700_firmware:5.30
-
cpe:2.3:o:zyxel:atp700_firmware:5.35
-
cpe:2.3:o:zyxel:atp700_firmware:5.36
-
cpe:2.3:o:zyxel:atp700_firmware:5.37
-
cpe:2.3:o:zyxel:atp800_firmware:4.32
-
cpe:2.3:o:zyxel:atp800_firmware:4.35
-
cpe:2.3:o:zyxel:atp800_firmware:4.35(abiq.3)c0
-
cpe:2.3:o:zyxel:atp800_firmware:4.60
-
cpe:2.3:o:zyxel:atp800_firmware:5.10
-
cpe:2.3:o:zyxel:atp800_firmware:5.20
-
cpe:2.3:o:zyxel:atp800_firmware:5.30
-
cpe:2.3:o:zyxel:atp800_firmware:5.35
-
cpe:2.3:o:zyxel:atp800_firmware:5.36
-
cpe:2.3:o:zyxel:atp800_firmware:5.37
-
cpe:2.3:o:zyxel:nwa110ax_firmware:-
-
cpe:2.3:o:zyxel:nwa110ax_firmware:6.45(abtg.0)c0
-
cpe:2.3:o:zyxel:nwa110ax_firmware:6.50(abtg.0)c0
-
cpe:2.3:o:zyxel:nwa110ax_firmware:6.65(abtg.1)
-
cpe:2.3:o:zyxel:nwa110ax_firmware:6.70(abtg.0)
-
cpe:2.3:o:zyxel:nwa1123acv3_firmware:-
-
cpe:2.3:o:zyxel:nwa1123acv3_firmware:6.65(abvt.1)
-
cpe:2.3:o:zyxel:nwa1123acv3_firmware:6.70(abvt.0)
-
cpe:2.3:o:zyxel:nwa210ax_firmware:-
-
cpe:2.3:o:zyxel:nwa210ax_firmware:6.45(abtd.0)c0
-
cpe:2.3:o:zyxel:nwa210ax_firmware:6.50(abtd.0)c0
-
cpe:2.3:o:zyxel:nwa210ax_firmware:6.65(abtd.1)
-
cpe:2.3:o:zyxel:nwa210ax_firmware:6.70(abtd.0)
-
cpe:2.3:o:zyxel:nwa220ax-6e_firmware:-
-
cpe:2.3:o:zyxel:nwa220ax-6e_firmware:6.65(acco.1)
-
cpe:2.3:o:zyxel:nwa220ax-6e_firmware:6.70(acco.0)
-
cpe:2.3:o:zyxel:nwa50ax-pro_firmware:-
-
cpe:2.3:o:zyxel:nwa50ax-pro_firmware:6.65(acge.1)
-
cpe:2.3:o:zyxel:nwa50ax_firmware:-
-
cpe:2.3:o:zyxel:nwa50ax_firmware:6.29(abyw.3)
-
cpe:2.3:o:zyxel:nwa55axe_firmware:-
-
cpe:2.3:o:zyxel:nwa55axe_firmware:6.29(abzl.3)
-
cpe:2.3:o:zyxel:nwa90ax-pro_firmware:-
-
cpe:2.3:o:zyxel:nwa90ax-pro_firmware:6.65(acgf.1)
-
cpe:2.3:o:zyxel:nwa90ax_firmware:-
-
cpe:2.3:o:zyxel:nwa90ax_firmware:6.29(accv.3)
-
cpe:2.3:o:zyxel:uos:1.10
-
cpe:2.3:o:zyxel:usg20-vpn_firmware:4.16
-
cpe:2.3:o:zyxel:usg20-vpn_firmware:4.31
-
cpe:2.3:o:zyxel:usg20-vpn_firmware:4.35
-
cpe:2.3:o:zyxel:usg20-vpn_firmware:4.35(abaq.3)c0
-
cpe:2.3:o:zyxel:usg20-vpn_firmware:4.60
-
cpe:2.3:o:zyxel:usg20-vpn_firmware:5.01
-
cpe:2.3:o:zyxel:usg20-vpn_firmware:5.10
-
cpe:2.3:o:zyxel:usg20-vpn_firmware:5.36
-
cpe:2.3:o:zyxel:usg20-vpn_firmware:5.37
-
cpe:2.3:o:zyxel:usg20w-vpn_firmware:4.16
-
cpe:2.3:o:zyxel:usg20w-vpn_firmware:4.31
-
cpe:2.3:o:zyxel:usg20w-vpn_firmware:4.35
-
cpe:2.3:o:zyxel:usg20w-vpn_firmware:4.35(abar.3)c0
-
cpe:2.3:o:zyxel:usg20w-vpn_firmware:4.60
-
cpe:2.3:o:zyxel:usg20w-vpn_firmware:5.01
-
cpe:2.3:o:zyxel:usg20w-vpn_firmware:5.10
-
cpe:2.3:o:zyxel:usg20w-vpn_firmware:5.30
-
cpe:2.3:o:zyxel:usg20w-vpn_firmware:5.37
-
cpe:2.3:o:zyxel:usg_flex_100_firmware:4.50
-
cpe:2.3:o:zyxel:usg_flex_100_firmware:4.60
-
cpe:2.3:o:zyxel:usg_flex_100_firmware:5.00
-
cpe:2.3:o:zyxel:usg_flex_100_firmware:5.01
-
cpe:2.3:o:zyxel:usg_flex_100_firmware:5.10
-
cpe:2.3:o:zyxel:usg_flex_100_firmware:5.20
-
cpe:2.3:o:zyxel:usg_flex_100_firmware:5.35
-
cpe:2.3:o:zyxel:usg_flex_100_firmware:5.36
-
cpe:2.3:o:zyxel:usg_flex_100_firmware:5.37
-
cpe:2.3:o:zyxel:usg_flex_100ax_firmware:4.50
-
cpe:2.3:o:zyxel:usg_flex_100ax_firmware:5.37
-
cpe:2.3:o:zyxel:usg_flex_100h_firmware:4.50
-
cpe:2.3:o:zyxel:usg_flex_100h_firmware:5.10
-
cpe:2.3:o:zyxel:usg_flex_100h_firmware:5.37
-
cpe:2.3:o:zyxel:usg_flex_100w_firmware:4.50
-
cpe:2.3:o:zyxel:usg_flex_100w_firmware:4.60
-
cpe:2.3:o:zyxel:usg_flex_100w_firmware:5.00
-
cpe:2.3:o:zyxel:usg_flex_100w_firmware:5.01
-
cpe:2.3:o:zyxel:usg_flex_100w_firmware:5.10
-
cpe:2.3:o:zyxel:usg_flex_100w_firmware:5.30
-
cpe:2.3:o:zyxel:usg_flex_100w_firmware:5.35
-
cpe:2.3:o:zyxel:usg_flex_100w_firmware:5.36
-
cpe:2.3:o:zyxel:usg_flex_100w_firmware:5.37
-
cpe:2.3:o:zyxel:usg_flex_200_firmware:4.50
-
cpe:2.3:o:zyxel:usg_flex_200_firmware:4.60
-
cpe:2.3:o:zyxel:usg_flex_200_firmware:5.00
-
cpe:2.3:o:zyxel:usg_flex_200_firmware:5.01
-
cpe:2.3:o:zyxel:usg_flex_200_firmware:5.20
-
cpe:2.3:o:zyxel:usg_flex_200_firmware:5.30
-
cpe:2.3:o:zyxel:usg_flex_200_firmware:5.35
-
cpe:2.3:o:zyxel:usg_flex_200_firmware:5.36
-
cpe:2.3:o:zyxel:usg_flex_200_firmware:5.37
-
cpe:2.3:o:zyxel:usg_flex_200h_firmware:4.50
-
cpe:2.3:o:zyxel:usg_flex_200h_firmware:5.10
-
cpe:2.3:o:zyxel:usg_flex_200h_firmware:5.37
-
cpe:2.3:o:zyxel:usg_flex_200hp_firmware:4.50
-
cpe:2.3:o:zyxel:usg_flex_200hp_firmware:5.10
-
cpe:2.3:o:zyxel:usg_flex_200hp_firmware:5.37
-
cpe:2.3:o:zyxel:usg_flex_500_firmware:4.50
-
cpe:2.3:o:zyxel:usg_flex_500_firmware:4.60
-
cpe:2.3:o:zyxel:usg_flex_500_firmware:5.00
-
cpe:2.3:o:zyxel:usg_flex_500_firmware:5.01
-
cpe:2.3:o:zyxel:usg_flex_500_firmware:5.10
-
cpe:2.3:o:zyxel:usg_flex_500_firmware:5.20
-
cpe:2.3:o:zyxel:usg_flex_500_firmware:5.30
-
cpe:2.3:o:zyxel:usg_flex_500_firmware:5.35
-
cpe:2.3:o:zyxel:usg_flex_500_firmware:5.36
-
cpe:2.3:o:zyxel:usg_flex_500_firmware:5.37
-
cpe:2.3:o:zyxel:usg_flex_500h_firmware:4.50
-
cpe:2.3:o:zyxel:usg_flex_500h_firmware:5.10
-
cpe:2.3:o:zyxel:usg_flex_500h_firmware:5.37
-
cpe:2.3:o:zyxel:usg_flex_50_firmware:4.16
-
cpe:2.3:o:zyxel:usg_flex_50_firmware:4.50
-
cpe:2.3:o:zyxel:usg_flex_50_firmware:4.60
-
cpe:2.3:o:zyxel:usg_flex_50_firmware:5.00
-
cpe:2.3:o:zyxel:usg_flex_50_firmware:5.10
-
cpe:2.3:o:zyxel:usg_flex_50_firmware:5.35
-
cpe:2.3:o:zyxel:usg_flex_50_firmware:5.36
-
cpe:2.3:o:zyxel:usg_flex_50_firmware:5.37
-
cpe:2.3:o:zyxel:usg_flex_50w_firmware:4.16
-
cpe:2.3:o:zyxel:usg_flex_50w_firmware:4.50
-
cpe:2.3:o:zyxel:usg_flex_50w_firmware:4.60
-
cpe:2.3:o:zyxel:usg_flex_50w_firmware:5.00
-
cpe:2.3:o:zyxel:usg_flex_50w_firmware:5.10
-
cpe:2.3:o:zyxel:usg_flex_50w_firmware:5.30
-
cpe:2.3:o:zyxel:usg_flex_50w_firmware:5.35
-
cpe:2.3:o:zyxel:usg_flex_50w_firmware:5.36
-
cpe:2.3:o:zyxel:usg_flex_50w_firmware:5.37
-
cpe:2.3:o:zyxel:usg_flex_700_firmware:4.50
-
cpe:2.3:o:zyxel:usg_flex_700_firmware:4.60
-
cpe:2.3:o:zyxel:usg_flex_700_firmware:5.00
-
cpe:2.3:o:zyxel:usg_flex_700_firmware:5.10
-
cpe:2.3:o:zyxel:usg_flex_700_firmware:5.20
-
cpe:2.3:o:zyxel:usg_flex_700_firmware:5.30
-
cpe:2.3:o:zyxel:usg_flex_700_firmware:5.35
-
cpe:2.3:o:zyxel:usg_flex_700_firmware:5.36
-
cpe:2.3:o:zyxel:usg_flex_700_firmware:5.37
-
cpe:2.3:o:zyxel:usg_flex_700h_firmware:4.50
-
cpe:2.3:o:zyxel:usg_flex_700h_firmware:5.10
-
cpe:2.3:o:zyxel:usg_flex_700h_firmware:5.37
-
cpe:2.3:o:zyxel:wac500_firmware:-
-
cpe:2.3:o:zyxel:wac500_firmware:6.65(abvs.1)
-
cpe:2.3:o:zyxel:wac500_firmware:6.70(abvs.0)
-
cpe:2.3:o:zyxel:wac500h_firmware:-
-
cpe:2.3:o:zyxel:wac500h_firmware:6.65(abwa.1)
-
cpe:2.3:o:zyxel:wac500h_firmware:6.70(abwa.0)
-
cpe:2.3:o:zyxel:wax300h_firmware:-
-
cpe:2.3:o:zyxel:wax300h_firmware:6.60(achf.1)
-
cpe:2.3:o:zyxel:wax510d_firmware:-
-
cpe:2.3:o:zyxel:wax510d_firmware:6.45(abtf.0)c0
-
cpe:2.3:o:zyxel:wax510d_firmware:6.50(abtf.0)c0
-
cpe:2.3:o:zyxel:wax510d_firmware:6.65(abtf.1)
-
cpe:2.3:o:zyxel:wax510d_firmware:6.70(abtf.0)
-
cpe:2.3:o:zyxel:wax610d_firmware:-
-
cpe:2.3:o:zyxel:wax610d_firmware:6.45(abte.0)c0
-
cpe:2.3:o:zyxel:wax610d_firmware:6.50(abte.0)c0
-
cpe:2.3:o:zyxel:wax610d_firmware:6.65(abte.1)
-
cpe:2.3:o:zyxel:wax610d_firmware:6.70(abte.0)
-
cpe:2.3:o:zyxel:wax620d-6e_firmware:-
-
cpe:2.3:o:zyxel:wax620d-6e_firmware:6.65(accn.1)
-
cpe:2.3:o:zyxel:wax620d-6e_firmware:6.70(accn.0)
-
cpe:2.3:o:zyxel:wax630s_firmware:-
-
cpe:2.3:o:zyxel:wax630s_firmware:6.45(abzd.0)c0
-
cpe:2.3:o:zyxel:wax630s_firmware:6.50(abzd.0)c0
-
cpe:2.3:o:zyxel:wax630s_firmware:6.65(abzd.1)
-
cpe:2.3:o:zyxel:wax630s_firmware:6.70(abzd.0)
-
cpe:2.3:o:zyxel:wax640s-6e_firmware:-
-
cpe:2.3:o:zyxel:wax640s-6e_firmware:6.65(accm.1)
-
cpe:2.3:o:zyxel:wax640s-6e_firmware:6.70(accm.0)
-
cpe:2.3:o:zyxel:wax650s_firmware:-
-
cpe:2.3:o:zyxel:wax650s_firmware:6.45(abrm.0)c0
-
cpe:2.3:o:zyxel:wax650s_firmware:6.50(abrm.0)c0
-
cpe:2.3:o:zyxel:wax650s_firmware:6.65(abrm.1)
-
cpe:2.3:o:zyxel:wax650s_firmware:6.70(abrm.0)
-
cpe:2.3:o:zyxel:wax655e_firmware:-
-
cpe:2.3:o:zyxel:wax655e_firmware:6.65(acdo.1)
-
cpe:2.3:o:zyxel:wax655e_firmware:6.70(acdo.0)
-
cpe:2.3:o:zyxel:wbe660s_firmware:-
-
cpe:2.3:o:zyxel:wbe660s_firmware:6.65(acgg.1)
-
cpe:2.3:o:zyxel:wbe660s_firmware:6.70(acgg.0)