CVE-2023-6397












A null pointer dereference vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1 and USG FLEX series firmware versions from 4.50 through 5.37 Patch 1 could allow a LAN-based attacker to cause denial-of-service (DoS) conditions by downloading a crafted RAR compressed file onto a LAN-side host if the firewall has the Anti-Malware feature enabled.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
ZyxelCNA
6.5 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA-ADPADP
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 33%
VendorProductVersion
zyxelatp100_firmware
4.32 ≤
𝑥
< 5.37
zyxelatp100_firmware
5.37
zyxelatp100_firmware
5.37:patch1
zyxelatp100w_firmware
4.32 ≤
𝑥
< 5.37
zyxelatp100w_firmware
5.37
zyxelatp100w_firmware
5.37:patch1
zyxelatp200_firmware
4.32 ≤
𝑥
< 5.37
zyxelatp200_firmware
5.37
zyxelatp200_firmware
5.37:patch1
zyxelatp500_firmware
4.32 ≤
𝑥
< 5.37
zyxelatp500_firmware
5.37
zyxelatp500_firmware
5.37:patch1
zyxelatp700_firmware
4.32 ≤
𝑥
< 5.37
zyxelatp700_firmware
5.37
zyxelatp700_firmware
5.37:patch1
zyxelatp800_firmware
4.32 ≤
𝑥
< 5.37
zyxelatp800_firmware
5.37
zyxelatp800_firmware
5.37:patch1
zyxelusg_flex_100_firmware
4.50 ≤
𝑥
< 5.37
zyxelusg_flex_100_firmware
5.37
zyxelusg_flex_100_firmware
5.37:patch1
zyxelusg_flex_100ax_firmware
4.50 ≤
𝑥
< 5.37
zyxelusg_flex_100ax_firmware
5.37
zyxelusg_flex_100ax_firmware
5.37:patch1
zyxelusg_flex_100h_firmware
4.50 ≤
𝑥
< 5.37
zyxelusg_flex_100h_firmware
5.37
zyxelusg_flex_100h_firmware
5.37:patch1
zyxelusg_flex_100w_firmware
4.50 ≤
𝑥
< 5.37
zyxelusg_flex_100w_firmware
5.37
zyxelusg_flex_100w_firmware
5.37:patch1
zyxelusg_flex_200_firmware
4.50 ≤
𝑥
< 5.37
zyxelusg_flex_200_firmware
5.37
zyxelusg_flex_200_firmware
5.37:patch1
zyxelusg_flex_200h_firmware
4.50 ≤
𝑥
< 5.37
zyxelusg_flex_200h_firmware
5.37
zyxelusg_flex_200h_firmware
5.37:patch1
zyxelusg_flex_200hp_firmware
4.50 ≤
𝑥
< 5.37
zyxelusg_flex_200hp_firmware
5.37
zyxelusg_flex_200hp_firmware
5.37:patch1
zyxelusg_flex_50_firmware
4.50 ≤
𝑥
< 5.37
zyxelusg_flex_50_firmware
5.37
zyxelusg_flex_50_firmware
5.37:patch1
zyxelusg_flex_500_firmware
4.50 ≤
𝑥
< 5.37
zyxelusg_flex_500_firmware
5.37
zyxelusg_flex_500_firmware
5.37:patch1
zyxelusg_flex_500h_firmware
4.50 ≤
𝑥
< 5.37
zyxelusg_flex_500h_firmware
5.37
zyxelusg_flex_500h_firmware
5.37:patch1
zyxelusg_flex_50w_firmware
4.50 ≤
𝑥
< 5.37
zyxelusg_flex_50w_firmware
5.37
zyxelusg_flex_50w_firmware
5.37:patch1
zyxelusg_flex_700_firmware
4.50 ≤
𝑥
< 5.37
zyxelusg_flex_700_firmware
5.37
zyxelusg_flex_700_firmware
5.37:patch1
zyxelusg_flex_700h_firmware
4.50 ≤
𝑥
< 5.37
zyxelusg_flex_700h_firmware
5.37
zyxelusg_flex_700h_firmware
5.37:patch1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps-02-20-2024
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps-02-20-2024