CVE-2023-22918 : A post-authentication information exposure vulnerability in the CGI program of Z

A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device.

Published 2023-04-24 18:15:09

Updated 2023-06-12 15:40:49

Source Zyxel Corporation

View at NVD, CVE.org

Products affected by CVE-2023-22918

Zyxel » Usg 20w-vpn Firmware
Versions from including (>=) 4.16 and before (<) 5.36
cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg 20w-vpn » Version: N/A
Zyxel » Atp200 Firmware
Versions from including (>=) 4.32 and before (<) 5.36
cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Atp200 » Version: N/A
Zyxel » Atp500 Firmware
Versions from including (>=) 4.32 and before (<) 5.36
cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Atp500 » Version: N/A
Zyxel » Atp800 Firmware
Versions from including (>=) 4.32 and before (<) 5.36
cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Atp800 » Version: N/A
Zyxel » Usg20-vpn Firmware
Versions from including (>=) 4.30 and before (<) 5.36
cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg20-vpn » Version: N/A
Zyxel » Vpn50 Firmware
Versions from including (>=) 4.30 and before (<) 5.36
cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Vpn50 » Version: N/A
Zyxel » Vpn100 Firmware
Versions from including (>=) 4.30 and before (<) 5.36
cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Vpn100 » Version: N/A
Zyxel » Vpn300 Firmware
Versions from including (>=) 4.30 and before (<) 5.36
cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Vpn300 » Version: N/A
Zyxel » Atp100 Firmware
Versions from including (>=) 4.32 and before (<) 5.36
cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Atp100 » Version: N/A
Zyxel » Vpn1000 Firmware
Versions from including (>=) 4.30 and before (<) 5.36
cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Vpn1000 » Version: N/A
Zyxel » Usg Flex 100 Firmware
Versions from including (>=) 4.50 and before (<) 5.36
cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg Flex 100 » Version: N/A
Zyxel » Usg Flex 200 Firmware
Versions from including (>=) 4.50 and before (<) 5.36
cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg Flex 200 » Version: N/A
Zyxel » Usg Flex 500 Firmware
Versions from including (>=) 4.50 and before (<) 5.36
cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg Flex 500 » Version: N/A
Zyxel » Usg Flex 100w Firmware
Versions from including (>=) 4.50 and before (<) 5.36
cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg Flex 100w » Version: N/A
Zyxel » Usg Flex 700 Firmware
Versions from including (>=) 4.50 and before (<) 5.36
cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg Flex 700 » Version: N/A
Zyxel » Atp100w Firmware
Versions from including (>=) 4.32 and before (<) 5.36
cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Atp100w » Version: N/A
Zyxel » Atp700 Firmware
Versions from including (>=) 4.32 and before (<) 5.36
cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Atp700 » Version: N/A
Zyxel » Usg Flex 50w Firmware
Versions from including (>=) 4.16 and before (<) 5.36
cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg Flex 50w » Version: N/A
Zyxel » Nap203 Firmware
Versions up to, including, (<=) 6.28\(abfa.0\)
cpe:2.3:o:zyxel:nap203_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nap203 » Version: N/A
Zyxel » Nap303 Firmware
Versions up to, including, (<=) 6.28\(abex.0\)
cpe:2.3:o:zyxel:nap303_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nap303 » Version: N/A
Zyxel » Nap353 Firmware
Versions up to, including, (<=) 6.28\(abey.0\)
cpe:2.3:o:zyxel:nap353_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nap353 » Version: N/A
Zyxel » Nwa50ax Firmware
Versions up to, including, (<=) 6.55\(acge.1\)
cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nwa50ax » Version: N/A
Zyxel » Nwa55axe Firmware
Versions up to, including, (<=) 6.29\(abzl.1\)
cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nwa55axe » Version: N/A
Zyxel » Nwa90ax Firmware
Versions up to, including, (<=) 6.29\(accv.1\)
cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nwa90ax » Version: N/A
Zyxel » Nwa110ax Firmware
Versions up to, including, (<=) 6.50\(abtg.2\)
cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nwa110ax » Version: N/A
Zyxel » Nwa210ax Firmware
Versions up to, including, (<=) 6.50\(abtd.2\)
cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nwa210ax » Version: N/A
Zyxel » Nwa1123-ac-pro Firmware
Versions up to, including, (<=) 6.28\(abhd.0\)
cpe:2.3:o:zyxel:nwa1123-ac-pro_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nwa1123-ac-pro » Version: N/A
Zyxel » Nwa1123acv3 Firmware
Versions up to, including, (<=) 6.50\(abvt.0\)
cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nwa1123acv3 » Version: N/A
Zyxel » Wac500h Firmware
Versions up to, including, (<=) 6.50\(abwa.0\)
cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wac500h » Version: N/A
Zyxel » Wac500 Firmware
Versions up to, including, (<=) 6.50\(abvs.0\)
cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wac500 » Version: N/A
Zyxel » Wac5302d-sv2 Firmware
Versions up to, including, (<=) 6.25\(abvz.9\)
cpe:2.3:o:zyxel:wac5302d-sv2_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wac5302d-sv2 » Version: N/A
Zyxel » Wac6103d-i Firmware
Versions up to, including, (<=) 6.28\(aaxh.0\)
cpe:2.3:o:zyxel:wac6103d-i_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wac6103d-i » Version: N/A
Zyxel » Wac6303d-s Firmware
Versions up to, including, (<=) 6.25\(abgl.9\)
cpe:2.3:o:zyxel:wac6303d-s_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wac6303d-s » Version: N/A
Zyxel » Wac6502d-e Firmware
Versions up to, including, (<=) 6.28\(aasd.0\)
cpe:2.3:o:zyxel:wac6502d-e_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wac6502d-e » Version: N/A
Zyxel » Wac6502d-s Firmware
Versions up to, including, (<=) 6.28\(aase.0\)
cpe:2.3:o:zyxel:wac6502d-s_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wac6502d-s » Version: N/A
Zyxel » Wac6503d-s Firmware
Versions up to, including, (<=) 6.28\(aasf.0\)
cpe:2.3:o:zyxel:wac6503d-s_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wac6503d-s » Version: N/A
Zyxel » Wac6552d-s Firmware
Versions up to, including, (<=) 6.28\(abio.0\)
cpe:2.3:o:zyxel:wac6552d-s_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wac6552d-s » Version: N/A
Zyxel » Wax510d Firmware
Versions up to, including, (<=) 6.50\(abtf.2\)
cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wax510d » Version: N/A
Zyxel » Wax610d Firmware
Versions up to, including, (<=) 6.50\(abte.2\)
cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wax610d » Version: N/A
Zyxel » Wax630s Firmware
Versions up to, including, (<=) 6.50\(abzd.2\)
cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wax630s » Version: N/A
Zyxel » Wax650s Firmware
Versions up to, including, (<=) 6.50\(abrm.2\)
cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wax650s » Version: N/A
Zyxel » Usg Flex 50 Firmware
Versions from including (>=) 4.50 and before (<) 5.36
cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Usg Flex 50 » Version: N/A
Zyxel » Nwa1123-ac Hd Firmware
Versions up to, including, (<=) 6.25\(abin.9\)
cpe:2.3:o:zyxel:nwa1123-ac_hd_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nwa1123-ac Hd » Version: N/A
Zyxel » Nwa220ax-6e Firmware
Versions up to, including, (<=) 6.50\(acco.2\)
cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nwa220ax-6e » Version: N/A
Zyxel » Nwa50ax-pro Firmware
Versions up to, including, (<=) 6.50\(acge.0\)
cpe:2.3:o:zyxel:nwa50ax-pro_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nwa50ax-pro » Version: N/A
Zyxel » Nwa5123-ac Hd Firmware
Versions up to, including, (<=) 6.25\(abim.9\)
cpe:2.3:o:zyxel:nwa5123-ac_hd_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nwa5123-ac Hd » Version: N/A
Zyxel » Nwa90ax-pro Firmware
Versions up to, including, (<=) 6.50\(acgf.0\)
cpe:2.3:o:zyxel:nwa90ax-pro_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Nwa90ax-pro » Version: N/A
Zyxel » Wac6553d-e Firmware
Versions up to, including, (<=) 6.28\(aasg.0\)
cpe:2.3:o:zyxel:wac6553d-e_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wac6553d-e » Version: N/A
Zyxel » Wax620d-6e Firmware
Versions up to, including, (<=) 6.50\(accn.2\)
cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wax620d-6e » Version: N/A
Zyxel » Wax640s-6e Firmware
Versions up to, including, (<=) 6.50\(accm.2\)
cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wax640s-6e » Version: N/A
Zyxel » Wax655e Firmware
Versions up to, including, (<=) 6.50\(acdo.2\)
cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Zyxel » Wax655e » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2023-22918

EPSS FAQ

0.21%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 40 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-22918

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N	2.8	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None
6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N	2.8	3.6	Zyxel Corporation
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2023-22918

CWE-359 Exposure of Private Personal Information to an Unauthorized Actor

The product does not properly prevent a person's private, personal information from being accessed by actors who either (1) are not explicitly authorized to access the information or (2) do not have the implicit consent of the person about whom the information is collected.

Assigned by: security@zyxel.com.tw (Secondary)

References for CVE-2023-22918

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps

Page Not Found | Zyxel Networks
Patch;Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2023-22918

Products affected by CVE-2023-22918

Exploit prediction scoring system (EPSS) score for CVE-2023-22918

CVSS scores for CVE-2023-22918

CWE ids for CVE-2023-22918

References for CVE-2023-22918