CVE-2023-34141

Name of the Vulnerable Software and Affected Versions Zyxel ATP series firmware versions 5.00 through 5.36 Patch 2 Zyxel USG FLEX series firmware versions 5.00 through 5.36 Patch 2 Zyxel USG FLEX 50(W) series firmware versions 5.00 through 5.36 Patch 2 Zyxel USG20(W)-VPN series firmware versions 5.00 through 5.36 Patch 2 Zyxel VPN series firmware versions 5.00 through 5.36 Patch 2 Zyxel NXC2500 firmware versions 6.10(AAIG.0) through 6.10(AAIG.3) Zyxel NXC5500 firmware versions 6.10(AAOS.0) through 6.10(AAOS.4)

Description A command injection vulnerability in the access point management feature could allow an unauthenticated, LAN-based attacker to execute some OS commands on an affected device if the attacker could trick an authorized administrator to add their IP address to the managed AP list in advance. The vulnerability is related to the failure to neutralize special elements used in the operating system command.

Recommendations For Zyxel ATP series firmware versions 5.00 through 5.36 Patch 2, update to a version later than 5.36 Patch 2. For Zyxel USG FLEX series firmware versions 5.00 through 5.36 Patch 2, update to a version later than 5.36 Patch 2. For Zyxel USG FLEX 50(W) series firmware versions 5.00 through 5.36 Patch 2, update to a version later than 5.36 Patch 2. For Zyxel USG20(W)-VPN series firmware versions 5.00 through 5.36 Patch 2, update to a version later than 5.36 Patch 2. For Zyxel VPN series firmware versions 5.00 through 5.36 Patch 2, update to a version later than 5.36 Patch 2. For Zyxel NXC2500 firmware versions 6.10(AAIG.0) through 6.10(AAIG.3), update to a version later than 6.10(AAIG.3). For Zyxel NXC5500 firmware versions 6.10(AAOS.0) through 6.10(AAOS.4), update to a version later than 6.10(AAOS.4). As a temporary workaround, consider restricting access to the access point management feature to minimize the risk of exploitation.