CVE-2022-26531 : Multiple improper input validation flaws were identified in some CLI commands of

Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload.

Published 2022-05-24 06:15:09

Updated 2024-02-09 18:15:08

Source Zyxel Corporation

View at NVD, CVE.org

Vulnerability category: OverflowInput validation

Products affected by CVE-2022-26531

Zyxel » Usg 20w Firmware
Versions from including (>=) 4.09 and up to, including, (<=) 4.71
cpe:2.3:o:zyxel:usg_20w_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg 20w » Version: N/A
Zyxel » Usg 40 Firmware
Versions from including (>=) 4.09 and up to, including, (<=) 4.71
cpe:2.3:o:zyxel:usg_40_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg 40 » Version: N/A
Zyxel » Usg 40w Firmware
Versions from including (>=) 4.09 and up to, including, (<=) 4.71
cpe:2.3:o:zyxel:usg_40w_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg 40w » Version: N/A
Zyxel » Usg 60 Firmware
Versions from including (>=) 4.09 and up to, including, (<=) 4.71
cpe:2.3:o:zyxel:usg_60_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg 60 » Version: N/A
Zyxel » Usg 60w Firmware
Versions from including (>=) 4.09 and up to, including, (<=) 4.71
cpe:2.3:o:zyxel:usg_60w_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg 60w » Version: N/A
Zyxel » Usg 110 Firmware
Versions from including (>=) 4.09 and up to, including, (<=) 4.71
cpe:2.3:o:zyxel:usg_110_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg 110 » Version: N/A
Zyxel » Usg 2200-vpn Firmware
Versions from including (>=) 4.09 and up to, including, (<=) 4.71
cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg 2200-vpn » Version: N/A
Zyxel » Usg 310 Firmware
Versions from including (>=) 4.09 and up to, including, (<=) 4.71
cpe:2.3:o:zyxel:usg_310_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg 310 » Version: N/A
Zyxel » Usg 1100 Firmware
Versions from including (>=) 4.09 and up to, including, (<=) 4.71
cpe:2.3:o:zyxel:usg_1100_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg 1100 » Version: N/A
Zyxel » Usg 1900 Firmware
Versions from including (>=) 4.09 and up to, including, (<=) 4.71
cpe:2.3:o:zyxel:usg_1900_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg 1900 » Version: N/A
Zyxel » Usg 20w-vpn Firmware
Versions from including (>=) 4.09 and up to, including, (<=) 4.71
cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg 20w-vpn » Version: N/A
Zyxel » Atp200 Firmware
Versions from including (>=) 4.32 and up to, including, (<=) 5.21
cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Atp200 » Version: N/A
Zyxel » Atp500 Firmware
Versions from including (>=) 4.32 and up to, including, (<=) 5.21
cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Atp500 » Version: N/A
Zyxel » Atp800 Firmware
Versions from including (>=) 4.32 and up to, including, (<=) 5.21
cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Atp800 » Version: N/A
Zyxel » Usg210 Firmware
Versions from including (>=) 4.09 and up to, including, (<=) 4.71
cpe:2.3:o:zyxel:usg210_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg210 » Version: N/A
Zyxel » Usg310 Firmware
Versions from including (>=) 4.09 and up to, including, (<=) 4.71
cpe:2.3:o:zyxel:usg310_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg310 » Version: N/A
Zyxel » Vpn50 Firmware
Versions from including (>=) 4.30 and up to, including, (<=) 5.21
cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Vpn50 » Version: N/A
Zyxel » Vpn100 Firmware
Versions from including (>=) 4.30 and up to, including, (<=) 5.21
cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Vpn100 » Version: N/A
Zyxel » Vpn300 Firmware
Versions from including (>=) 4.30 and up to, including, (<=) 5.21
cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Vpn300 » Version: N/A
Zyxel » Usg2200 Firmware
Versions from including (>=) 4.09 and up to, including, (<=) 4.71
cpe:2.3:o:zyxel:usg2200_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg2200 » Version: N/A
Zyxel » Atp100 Firmware
Versions from including (>=) 4.32 and up to, including, (<=) 5.21
cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Atp100 » Version: N/A
Zyxel » Vpn1000 Firmware
Versions from including (>=) 4.30 and up to, including, (<=) 5.21
cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Vpn1000 » Version: N/A
Zyxel » Usg300 Firmware
Versions from including (>=) 4.09 and up to, including, (<=) 4.71
cpe:2.3:o:zyxel:usg300_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg300 » Version: N/A
Zyxel » Usg20 Firmware
Versions from including (>=) 4.09 and up to, including, (<=) 4.71
cpe:2.3:o:zyxel:usg20_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg20 » Version: N/A
Zyxel » Usg200 Firmware
Versions from including (>=) 4.09 and up to, including, (<=) 4.71
cpe:2.3:o:zyxel:usg200_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg200 » Version: N/A
Zyxel » Usg Flex 100 Firmware
Versions from including (>=) 4.50 and up to, including, (<=) 5.21
cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg Flex 100 » Version: N/A
Zyxel » Usg Flex 200 Firmware
Versions from including (>=) 4.50 and up to, including, (<=) 5.21
cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg Flex 200 » Version: N/A
Zyxel » Usg Flex 500 Firmware
Versions from including (>=) 4.50 and up to, including, (<=) 5.21
cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg Flex 500 » Version: N/A
Zyxel » Usg Flex 100w Firmware
Versions from including (>=) 4.50 and up to, including, (<=) 5.21
cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg Flex 100w » Version: N/A
Zyxel » Usg Flex 700 Firmware
Versions from including (>=) 4.50 and up to, including, (<=) 5.21
cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg Flex 700 » Version: N/A
Zyxel » Atp100w Firmware
Versions from including (>=) 4.32 and up to, including, (<=) 5.21
cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Atp100w » Version: N/A
Zyxel » Atp700 Firmware
Versions from including (>=) 4.32 and up to, including, (<=) 5.21
cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Atp700 » Version: N/A
Zyxel » Nsg300 Firmware
Versions from including (>=) 1.00 and before (<) 1.33
cpe:2.3:o:zyxel:nsg300_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nsg300 » Version: N/A
Zyxel » Nsg300 Firmware » Version: 1.33
cpe:2.3:o:zyxel:nsg300_firmware:1.33:-:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nsg300 » Version: N/A
Zyxel » Nsg300 Firmware » Version: 1.33 Update Patch1
cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch1:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nsg300 » Version: N/A
Zyxel » Nsg300 Firmware » Version: 1.33 Update Patch2
cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch2:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nsg300 » Version: N/A
Zyxel » Nsg300 Firmware » Version: 1.33 Update Patch3
cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch3:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nsg300 » Version: N/A
Zyxel » Nsg300 Firmware » Version: 1.33 Update Patch4
cpe:2.3:o:zyxel:nsg300_firmware:1.33:patch4:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nsg300 » Version: N/A
Zyxel » Nsg100 Firmware
Versions from including (>=) 1.00 and before (<) 1.33
cpe:2.3:o:zyxel:nsg100_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nsg100 » Version: N/A
Zyxel » Nsg100 Firmware » Version: 1.33
cpe:2.3:o:zyxel:nsg100_firmware:1.33:-:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nsg100 » Version: N/A
Zyxel » Nsg100 Firmware » Version: 1.33 Update Patch1
cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch1:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nsg100 » Version: N/A
Zyxel » Nsg100 Firmware » Version: 1.33 Update Patch2
cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch2:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nsg100 » Version: N/A
Zyxel » Nsg100 Firmware » Version: 1.33 Update Patch3
cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch3:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nsg100 » Version: N/A
Zyxel » Nsg100 Firmware » Version: 1.33 Update Patch4
cpe:2.3:o:zyxel:nsg100_firmware:1.33:patch4:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nsg100 » Version: N/A
Zyxel » Nsg50 Firmware
Versions from including (>=) 1.00 and before (<) 1.33
cpe:2.3:o:zyxel:nsg50_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nsg50 » Version: N/A
Zyxel » Nsg50 Firmware » Version: 1.33
cpe:2.3:o:zyxel:nsg50_firmware:1.33:-:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nsg50 » Version: N/A
Zyxel » Nsg50 Firmware » Version: 1.33 Update Patch1
cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch1:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nsg50 » Version: N/A
Zyxel » Nsg50 Firmware » Version: 1.33 Update Patch2
cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch2:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nsg50 » Version: N/A
Zyxel » Nsg50 Firmware » Version: 1.33 Update Patch3
cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch3:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nsg50 » Version: N/A
Zyxel » Nsg50 Firmware » Version: 1.33 Update Patch4
cpe:2.3:o:zyxel:nsg50_firmware:1.33:patch4:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nsg50 » Version: N/A
Zyxel » Nxc2500 Firmware
Versions up to, including, (<=) 6.10\(aaig.3\)
cpe:2.3:o:zyxel:nxc2500_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nxc2500 » Version: N/A
Zyxel » Nxc5500 Firmware
Versions up to, including, (<=) 6.10\(aaos.3\)
cpe:2.3:o:zyxel:nxc5500_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nxc5500 » Version: N/A
Zyxel » Nap203 Firmware
Versions up to, including, (<=) 6.25\(abfa.7\)
cpe:2.3:o:zyxel:nap203_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nap203 » Version: N/A
Zyxel » Nap303 Firmware
Versions up to, including, (<=) 6.25\(abex.7\)
cpe:2.3:o:zyxel:nap303_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nap303 » Version: N/A
Zyxel » Nap353 Firmware
Versions up to, including, (<=) 6.25\(abey.7\)
cpe:2.3:o:zyxel:nap353_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nap353 » Version: N/A
Zyxel » Nwa50ax Firmware
Versions up to, including, (<=) 6.25\(abyw.5\)
cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nwa50ax » Version: N/A
Zyxel » Nwa55axe Firmware
Versions up to, including, (<=) 6.25\(abzl.5\)
cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nwa55axe » Version: N/A
Zyxel » Nwa90ax Firmware
Versions up to, including, (<=) 6.27\(accv.2\)
cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nwa90ax » Version: N/A
Zyxel » Nwa110ax Firmware
Versions up to, including, (<=) 6.30\(abtg.2\)
cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nwa110ax » Version: N/A
Zyxel » Nwa210ax Firmware
Versions up to, including, (<=) 6.30\(abtd.2\)
cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nwa210ax » Version: N/A
Zyxel » Nwa1123-ac-hd Firmware
Versions up to, including, (<=) 6.25\(abin.6\)
cpe:2.3:o:zyxel:nwa1123-ac-hd_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nwa1123-ac-hd » Version: N/A
Zyxel » Nwa1123-ac-pro Firmware
Versions up to, including, (<=) 6.25\(abhd.7\)
cpe:2.3:o:zyxel:nwa1123-ac-pro_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nwa1123-ac-pro » Version: N/A
Zyxel » Nwa1123acv3 Firmware
Versions up to, including, (<=) 6.30\(abvt.2\)
cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nwa1123acv3 » Version: N/A
Zyxel » Nwa1302-ac Firmware
Versions up to, including, (<=) 6.25\(abku.6\)
cpe:2.3:o:zyxel:nwa1302-ac_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nwa1302-ac » Version: N/A
Zyxel » Nwa5123-ac-hd Firmware
Versions up to, including, (<=) 6.25\(abim.6\)
cpe:2.3:o:zyxel:nwa5123-ac-hd_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nwa5123-ac-hd » Version: N/A
Zyxel » Wac500h Firmware
Versions up to, including, (<=) 6.30\(abwa.2\)
cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wac500h » Version: N/A
Zyxel » Wac500 Firmware
Versions up to, including, (<=) 6.30\(abvs.2\)
cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wac500 » Version: N/A
Zyxel » Wac5302d-s Firmware
Versions up to, including, (<=) 6.10\(abfh.10\)
cpe:2.3:o:zyxel:wac5302d-s_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wac5302d-s » Version: N/A
Zyxel » Wac5302d-sv2 Firmware
Versions up to, including, (<=) 6.25\(abvz.6\)
cpe:2.3:o:zyxel:wac5302d-sv2_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wac5302d-sv2 » Version: N/A
Zyxel » Wac6103d-i Firmware
Versions up to, including, (<=) 6.25\(aaxh.7\)
cpe:2.3:o:zyxel:wac6103d-i_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wac6103d-i » Version: N/A
Zyxel » Wac6303d-s Firmware
Versions up to, including, (<=) 6.25\(abgl.6\)
cpe:2.3:o:zyxel:wac6303d-s_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wac6303d-s » Version: N/A
Zyxel » Wac6502d-e Firmware
Versions up to, including, (<=) 6.25\(aasd.7\)
cpe:2.3:o:zyxel:wac6502d-e_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wac6502d-e » Version: N/A
Zyxel » Wac6502d-s Firmware
Versions up to, including, (<=) 6.25\(aase.7\)
cpe:2.3:o:zyxel:wac6502d-s_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wac6502d-s » Version: N/A
Zyxel » Wac6503d-s Firmware
Versions up to, including, (<=) 6.25\(aasf.7\)
cpe:2.3:o:zyxel:wac6503d-s_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wac6503d-s » Version: N/A
Zyxel » Wac6553d-s Firmware
Versions up to, including, (<=) 6.25\(aasg.7\)
cpe:2.3:o:zyxel:wac6553d-s_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wac6553d-s » Version: N/A
Zyxel » Wac6552d-s Firmware
Versions up to, including, (<=) 6.25\(abio.7\)
cpe:2.3:o:zyxel:wac6552d-s_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wac6552d-s » Version: N/A
Zyxel » Wax510d Firmware
Versions up to, including, (<=) 6.30\(abtf.2\)
cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wax510d » Version: N/A
Zyxel » Wax610d Firmware
Versions up to, including, (<=) 6.30\(abte.2\)
cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wax610d » Version: N/A
Zyxel » Wax630s Firmware
Versions up to, including, (<=) 6.30\(abzd.2\)
cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wax630s » Version: N/A
Zyxel » Wax650s Firmware
Versions up to, including, (<=) 6.30\(abrm.2\)
cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wax650s » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2022-26531

EPSS FAQ

0.99%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 76 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2022-26531

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.6	MEDIUM	AV:L/AC:L/Au:N/C:P/I:P/A:P	3.9	6.4	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
6.1	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H	1.8	4.2	Zyxel Corporation
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: Low Availability: High

CWE ids for CVE-2022-26531

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Assigned by:
- nvd@nist.gov (Primary)
- security@zyxel.com.tw (Secondary)

References for CVE-2022-26531

http://packetstormsecurity.com/files/177036/Zyxel-zysh-Format-String-Proof-Of-Concept.html

Zyxel zysh Format String Proof Of Concept ≈ Packet Storm
https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml

Zyxel security advisory for multiple vulnerabilities of firewalls, AP controllers, and APs | Zyxel
Vendor Advisory

CVEs referencing this url
http://packetstormsecurity.com/files/167464/Zyxel-Buffer-Overflow-Format-String-Command-Injection.html

Zyxel Buffer Overflow / Format String / Command Injection ≈ Packet Storm

CVEs referencing this url
http://seclists.org/fulldisclosure/2022/Jun/15

Full Disclosure: HNS-2022-02 - HN Security Advisory - Multiple vulnerabilities in Zyxel zysh

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2022-26531

Products affected by CVE-2022-26531

Exploit prediction scoring system (EPSS) score for CVE-2022-26531

CVSS scores for CVE-2022-26531

CWE ids for CVE-2022-26531

References for CVE-2022-26531