CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-7203

A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.60 through V5.38 and USG FLEX series firmware versions from V4.60 through V5.38 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device by executing a crafted CLI command.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.0%

CVSS Severity

CVSS v3 Score 7.2

References

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-09-03-2024

Products affected by CVE-2024-7203

Zyxel » Atp100 » Version: N/A

cpe:2.3:h:zyxel:atp100:-
Zyxel » Atp100w » Version: N/A

cpe:2.3:h:zyxel:atp100w:-
Zyxel » Atp200 » Version: N/A

cpe:2.3:h:zyxel:atp200:-
Zyxel » Atp500 » Version: N/A

cpe:2.3:h:zyxel:atp500:-
Zyxel » Atp700 » Version: N/A

cpe:2.3:h:zyxel:atp700:-
Zyxel » Atp800 » Version: N/A

cpe:2.3:h:zyxel:atp800:-
Zyxel » Usg Flex 100 » Version: N/A

cpe:2.3:h:zyxel:usg_flex_100:-
Zyxel » Usg Flex 100ax » Version: N/A

cpe:2.3:h:zyxel:usg_flex_100ax:-
Zyxel » Usg Flex 100w » Version: N/A

cpe:2.3:h:zyxel:usg_flex_100w:-
Zyxel » Usg Flex 200 » Version: N/A

cpe:2.3:h:zyxel:usg_flex_200:-
Zyxel » Usg Flex 500 » Version: N/A

cpe:2.3:h:zyxel:usg_flex_500:-
Zyxel » Usg Flex 50 » Version: N/A

cpe:2.3:h:zyxel:usg_flex_50:-
Zyxel » Usg Flex 50w » Version: N/A

cpe:2.3:h:zyxel:usg_flex_50w:-
Zyxel » Usg Flex 700 » Version: N/A

cpe:2.3:h:zyxel:usg_flex_700:-
Zyxel » Zld » Version: 4.60

cpe:2.3:o:zyxel:zld:4.60
Zyxel » Zld » Version: 5.00

cpe:2.3:o:zyxel:zld:5.00
Zyxel » Zld » Version: 5.10

cpe:2.3:o:zyxel:zld:5.10
Zyxel » Zld » Version: 5.37

cpe:2.3:o:zyxel:zld:5.37
Zyxel » Zld » Version: 5.38

cpe:2.3:o:zyxel:zld:5.38

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-7203

Products

Pricing

Contact Us