PT-2023-2586 · Zyxel · Zyxel Nbg-418N
Toni Koivunen
·
Published
2023-01-10
·
Updated
2023-05-06
·
CVE-2023-22923
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:L/Au:S/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0
Description
A format string vulnerability in a binary of the Zyxel NBG-418N v2 firmware could allow a remote authenticated attacker to cause denial-of-service (DoS) conditions on an affected device. The vulnerability is related to the use of uncontrolled format strings when processing binary files. Exploitation of the vulnerability may allow an attacker to cause a denial-of-service by sending specially crafted packets.
Recommendations
For Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0, update to a version that includes the fix for this issue.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Use of Externally-Controlled Format String
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Zyxel Nbg-418N