CVE-2023-43314

Name of the Vulnerable Software and Affected Versions ZyXel PMG2005-T20B firmware version V1.00(ABNK.2)b11 C0

Description The issue is related to a buffer overflow vulnerability in the cgi-bin/login.asp component of the ZyXel PMG2005-T20B firmware. This vulnerability can be exploited by a remote attacker to cause a denial of service condition via a crafted uid parameter.

Recommendations For ZyXel PMG2005-T20B firmware version V1.00(ABNK.2)b11 C0, as a temporary workaround, consider restricting access to the cgi-bin/login.asp component until a patch is available. Avoid using the uid parameter in the affected component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.