CVE-2022-43393

CVSS V2 None CVSS V3 None
Description
An improper check for unusual or exceptional conditions in the HTTP request processing function of Zyxel GS1920-24v2 firmware prior to V4.70(ABMH.8)C0, which could allow an unauthenticated attacker to corrupt the contents of the memory and result in a denial-of-service (DoS) condition on a vulnerable device.
Overview
  • CVE ID
  • CVE-2022-43393
  • Assigner
  • security@zyxel.com.tw
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-01-11T02:15:11
  • Last Modified Date
  • 2023-01-18T23:37:41
Weakness Enumerations
CWE URL
CWE-754 http://cwe.mitre.org/data/definitions/754.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:zyxel:gs1350-6hp_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(abpi.5\)c0
cpe:2.3:h:zyxel:gs1350-6hp:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:gs1350-12hp_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(abpj.5\)c0
cpe:2.3:h:zyxel:gs1350-12hp:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:gs1350-18hp_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(abpk.5\)c0
cpe:2.3:h:zyxel:gs1350-18hp:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:gs1350-26hp_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(abpl.5\)c0
cpe:2.3:h:zyxel:gs1350-26hp:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:gs1915-8_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(acap.3\)c0
cpe:2.3:h:zyxel:gs1915-8:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:gs1915-8ep_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(acaq.3\)c0
cpe:2.3:h:zyxel:gs1915-8ep:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:gs1915-24e_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(acdr.3\)c0
cpe:2.3:h:zyxel:gs1915-24e:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:gs1915-24ep_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(acds.3\)c0
cpe:2.3:h:zyxel:gs1915-24ep:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:gs1920-24v2_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(abmh.8\)c0
cpe:2.3:h:zyxel:gs1920-24v2:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:gs1920-48v2_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(abmj.8\)c0
cpe:2.3:h:zyxel:gs1920-48v2:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:gs1920-24hpv2_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(abmi.8\)c0
cpe:2.3:h:zyxel:gs1920-24hpv2:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:gs1920-48hpv2_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(abmk.8\)c0
cpe:2.3:h:zyxel:gs1920-48hpv2:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:gs2220-10_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(abro.6\)c0
cpe:2.3:h:zyxel:gs2220-10:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:gs2220-28_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(abrq.6\)c0
cpe:2.3:h:zyxel:gs2220-28:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:gs2220-50_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(abrs.6\)c0
cpe:2.3:h:zyxel:gs2220-50:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:gs2220-10hp_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(abrp.6\)c0
cpe:2.3:h:zyxel:gs2220-10hp:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:gs2220-28hp_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(abrr.6\)c0
cpe:2.3:h:zyxel:gs2220-28hp:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:gs2220-50hp_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(abrt.6\)c0
cpe:2.3:h:zyxel:gs2220-50hp:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xgs1930-28_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(abht.5\)c0
cpe:2.3:h:zyxel:xgs1930-28:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xgs1930-28hp_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(abhs.5\)c0
cpe:2.3:h:zyxel:xgs1930-28hp:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xgs1930-52_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(abhu.5\)c0
cpe:2.3:h:zyxel:xgs1930-52:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xgs1930-52hp_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(abhv.5\)c0
cpe:2.3:h:zyxel:xgs1930-52hp:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xs1930-10_firmware:*:*:*:*:*:*:*:* 1 OR 4.80\(abqe.0\)c0
cpe:2.3:h:zyxel:xs1930-10:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xs1930-12hp_firmware:*:*:*:*:*:*:*:* 1 OR 4.80\(abqf.0\)c0
cpe:2.3:h:zyxel:xs1930-12hp:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xs1930-12f_firmware:*:*:*:*:*:*:*:* 1 OR 4.80\(abzv.0\)c0
cpe:2.3:h:zyxel:xs1930-12f:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xgs2210-28_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(aazj.2\)c0
cpe:2.3:h:zyxel:xgs2210-28:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xgs2210-52_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(aazk.2\)c0
cpe:2.3:h:zyxel:xgs2210-52:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xgs2210-28hp_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(aazl.2\)c0
cpe:2.3:h:zyxel:xgs2210-28hp:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xgs2210-52hp_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(aazm.2\)c0
cpe:2.3:h:zyxel:xgs2210-52hp:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xgs2220-30_firmware:*:*:*:*:*:*:*:* 1 OR 4.80\(abxn.1\)c0
cpe:2.3:h:zyxel:xgs2220-30:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xgs2220-30hp_firmware:*:*:*:*:*:*:*:* 1 OR 4.80\(abxo.1\)c0
cpe:2.3:h:zyxel:xgs2220-30hp:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xgs2220-30f_firmware:*:*:*:*:*:*:*:* 1 OR 4.80\(abye.1\)c0
cpe:2.3:h:zyxel:xgs2220-30f:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xgs2220-54_firmware:*:*:*:*:*:*:*:* 1 OR 4.80\(abxp.1\)c0
cpe:2.3:h:zyxel:xgs2220-54:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xgs2220-54hp_firmware:*:*:*:*:*:*:*:* 1 OR 4.80\(abxq.1\)c0
cpe:2.3:h:zyxel:xgs2220-54hp:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xgs2220-54fp_firmware:*:*:*:*:*:*:*:* 1 OR 4.80\(acce.1\)c0
cpe:2.3:h:zyxel:xgs2220-54fp:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xgs4600-32_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(abbh.4\)c0
cpe:2.3:h:zyxel:xgs4600-32:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xgs4600-32f_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(abbi.4\)c0
cpe:2.3:h:zyxel:xgs4600-32f:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xgs4600-52f_firmware:*:*:*:*:*:*:*:* 1 OR 4.70\(abik.4\)c0
cpe:2.3:h:zyxel:xgs4600-52f:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xmg1930-30_firmware:*:*:*:*:*:*:*:* 1 OR 4.80\(acar.0\)
cpe:2.3:h:zyxel:xmg1930-30:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xmg1930-30hp_firmware:*:*:*:*:*:*:*:* 1 OR 4.80\(acas.0\)
cpe:2.3:h:zyxel:xmg1930-30hp:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xs3800-28_firmware:*:*:*:*:*:*:*:* 1 OR 4.80\(abml.1\)c0
cpe:2.3:h:zyxel:xs3800-28:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:mgs3500-24s_firmware:*:*:*:*:*:*:*:* 1 OR 4.10\(abbr.2\)c0
cpe:2.3:h:zyxel:mgs3500-24s:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:mgs3520-28_firmware:*:*:*:*:*:*:*:* 1 OR 4.10\(aatn.5\)c0
cpe:2.3:o:zyxel:mgs3520-28_firmware:4.10\(abqm.1\)c0:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:zyxel:mgs3520-28:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:mgs3520-28f_firmware:*:*:*:*:*:*:*:* 1 OR 4.10\(aatm.4\)c0
cpe:2.3:h:zyxel:mgs3520-28f:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:mgs3530-28_firmware:*:*:*:*:*:*:*:* 1 OR 4.10\(acem.2\)c0
cpe:2.3:o:zyxel:mgs3530-28_firmware:4.10\(acfj.0\)c0:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:zyxel:mgs3530-28:-:*:*:*:*:*:*:* 0 OR
References
Reference URL Reference Tags
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-dos-vulnerability-of-switches
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2022-43393
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43393
History
Created Old Value New Value Data Type Notes
2023-01-11 02:17:19 Added to TrackCVE
2023-01-11 02:17:20 Weakness Enumeration new
2023-01-12 05:17:05 2023-01-11T15:09:22 CVE Modified Date updated
2023-01-12 05:17:05 Received Awaiting Analysis Vulnerability Status updated
2023-01-17 14:14:33 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2023-01-19 00:18:20 2023-01-18T23:37:41 CVE Modified Date updated
2023-01-19 00:18:20 Undergoing Analysis Analyzed Vulnerability Status updated
2023-01-19 00:18:24 CPE Information updated