#VU63561 Input validation error in ZyXEL Communications Corp. Hardware solutions


Published: 2022-05-24

Vulnerability identifier: #VU63561

Vulnerability risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-26531

CWE-ID: CWE-20

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
USG series: Client/Desktop applications / Antivirus software/Personal firewalls
USG FLEX series: Client/Desktop applications / Antivirus software/Personal firewalls
VPN series: Client/Desktop applications / Antivirus software/Personal firewalls
ZyWALL: Other software / Other software solutions
ATP series: Hardware solutions / Routers for home users
NSG series: Hardware solutions / Routers for home users
NXC2500: Hardware solutions / Routers & switches, VoIP, GSM, etc
NXC5500: Hardware solutions / Routers & switches, VoIP, GSM, etc
NAP203: Hardware solutions / Routers & switches, VoIP, GSM, etc
NAP303: Hardware solutions / Routers & switches, VoIP, GSM, etc
NAP353: Hardware solutions / Routers & switches, VoIP, GSM, etc
NWA50AX: Hardware solutions / Routers & switches, VoIP, GSM, etc
NWA55AXE: Hardware solutions / Routers & switches, VoIP, GSM, etc
NWA90AX: Hardware solutions / Routers & switches, VoIP, GSM, etc
NWA1123-AC-HD: Hardware solutions / Routers & switches, VoIP, GSM, etc
NWA1123-AC-PRO: Hardware solutions / Routers & switches, VoIP, GSM, etc
NWA5123-AC-HD: Hardware solutions / Routers & switches, VoIP, GSM, etc
WAX630S: Hardware solutions / Routers & switches, VoIP, GSM, etc
NWA110AX: Hardware solutions / Firmware
NWA210AX: Hardware solutions / Firmware
NWA1123ACv3: Hardware solutions / Firmware
NWA1302-AC: Hardware solutions / Firmware
WAC500H: Hardware solutions / Firmware
WAC500: Hardware solutions / Firmware
WAC5302D-S: Hardware solutions / Firmware
WAC5302D-Sv2: Hardware solutions / Firmware
WAC6103D-I: Hardware solutions / Firmware
WAC6303D-S: Hardware solutions / Firmware
WAC6502D-E: Hardware solutions / Firmware
WAC6502D-S: Hardware solutions / Firmware
WAC6503D-S: Hardware solutions / Firmware
WAC6553D-E: Hardware solutions / Firmware
WAC6552D-S: Hardware solutions / Firmware
WAX510D: Hardware solutions / Firmware
WAX610D: Hardware solutions / Firmware
WAX650S: Hardware solutions / Firmware

Vendor: ZyXEL Communications Corp.

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in some CLI commands. A local user can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation
Install updates from the vendor's website.

Vulnerable software versions

USG series: 4.09 - 4.71

ZyWALL: 4.09 - 4.71

USG FLEX series: 4.50 - 5.21

ATP series: 4.32 - 5.21

VPN series: 5.21 - 5.30

NSG series: 1.00 - 1.33 Patch 4

NXC2500: 6.10(AAIG.3)

NXC5500: 6.10(AAOS.3)

NAP203: 6.25(ABFA.7)

NAP303: 6.25(ABEX.7)

NAP353: 6.25(ABEY.7)

NWA50AX: 6.25(ABYW.5)

NWA55AXE: 6.25(ABZL.5)

NWA90AX: 6.27(ACCV.2)

NWA110AX: 6.30(ABTG.2)

NWA210AX: 6.30(ABTD.2)

NWA1123-AC-HD: 6.25(ABIN.6)

NWA1123-AC-PRO: 6.25(ABHD.7)

NWA1123ACv3: 6.30(ABVT.2)

NWA1302-AC: 6.25(ABKU.6)

NWA5123-AC-HD: 6.25(ABIM.6)

WAC500H: 6.30(ABWA.2)

WAC500: 6.30(ABVS.2)

WAC5302D-S: 6.10(ABFH.10)

WAC5302D-Sv2: 6.25(ABVZ.6)

WAC6103D-I: 6.25(AAXH.7)

WAC6303D-S: 6.25(ABGL.6)

WAC6502D-E: 6.25(AASD.7)

WAC6502D-S: 6.25(AASE.7)

WAC6503D-S: 6.25(AASF.7)

WAC6553D-E: 6.25(AASG.7)

WAC6552D-S: 6.25(ABIO.7)

WAX510D: 6.30(ABTF.2)

WAX610D: 6.30(ABTE.2)

WAX630S: 6.30(ABZD.2)

WAX650S: 6.30(ABRM.2)


External links
http://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

