CVE-2023-28771

NVD Published Date: April 25, 2023 at 02:15 AM
NVD Last Modified: June 09, 2023 at 06:12 PM
Download Patch
Vulnerability ID
CVE-2023-28771
Severity
CRITICAL
Severity Score
9.8
Summary
Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device.
Mitigation and Patches
-
Metasploit Payload
-
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE ID
CWE-78

Recent Publish

CVE-2023-33009

CVE-2023-33010

CVE-2023-33246

CVE-2023-2868

CVE-2023-34362

CVE-2023-20887

See SecOps Solution
in action

Schedule Demo