CVE-2023-34140
Summary
| CVE | CVE-2023-34140 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-07-17 18:15:00 UTC |
| Updated | 2023-07-26 21:29:00 UTC |
| Description | A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2, USG FLEX series firmware versions 4.50 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 4.16 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 4.16 through 5.36 Patch 2, VPN series firmware versions 4.30 through 5.36 Patch 2, NXC2500 firmware versions 6.10(AAIG.0) through 6.10(AAIG.3), and NXC5500 firmware versions 6.10(AAOS.0) through 6.10(AAOS.4), could allow an unauthenticated, LAN-based attacker to cause denial of service (DoS) conditions by sending a crafted request to the CAPWAP daemon. |
Risk And Classification
Problem Types: CWE-120
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Zyxel | Nxc2500 | - | All | All | All |
| Operating System | Zyxel | Nxc2500 Firmware | All | All | All | All |
| Hardware | Zyxel | Nxc5500 | - | All | All | All |
| Operating System | Zyxel | Nxc5500 Firmware | All | All | All | All |
| Hardware | Zyxel | Usg 20w-vpn | - | All | All | All |
| Operating System | Zyxel | Usg 20w-vpn Firmware | All | All | All | All |
| Hardware | Zyxel | Usg 2200-vpn | - | All | All | All |
| Operating System | Zyxel | Usg 2200-vpn Firmware | All | All | All | All |
| Hardware | Zyxel | Usg Flex 100 | - | All | All | All |
| Hardware | Zyxel | Usg Flex 100w | - | All | All | All |
| Operating System | Zyxel | Usg Flex 100w Firmware | All | All | All | All |
| Operating System | Zyxel | Usg Flex 100 Firmware | All | All | All | All |
| Hardware | Zyxel | Usg Flex 200 | - | All | All | All |
| Operating System | Zyxel | Usg Flex 200 Firmware | All | All | All | All |
| Hardware | Zyxel | Usg Flex 50 | - | All | All | All |
| Hardware | Zyxel | Usg Flex 500 | - | All | All | All |
| Operating System | Zyxel | Usg Flex 500 Firmware | All | All | All | All |
| Hardware | Zyxel | Usg Flex 50w | - | All | All | All |
| Operating System | Zyxel | Usg Flex 50w Firmware | All | All | All | All |
| Operating System | Zyxel | Usg Flex 50 Firmware | All | All | All | All |
| Hardware | Zyxel | Usg Flex 700 | - | All | All | All |
| Operating System | Zyxel | Usg Flex 700 Firmware | All | All | All | All |
| Hardware | Zyxel | Zywall Atp100 | - | All | All | All |
| Hardware | Zyxel | Zywall Atp100w | - | All | All | All |
| Operating System | Zyxel | Zywall Atp100w Firmware | All | All | All | All |
| Operating System | Zyxel | Zywall Atp100 Firmware | All | All | All | All |
| Hardware | Zyxel | Zywall Atp200 | - | All | All | All |
| Operating System | Zyxel | Zywall Atp200 Firmware | All | All | All | All |
| Hardware | Zyxel | Zywall Atp500 | - | All | All | All |
| Operating System | Zyxel | Zywall Atp500 Firmware | All | All | All | All |
| Hardware | Zyxel | Zywall Atp700 | - | All | All | All |
| Operating System | Zyxel | Zywall Atp700 Firmware | All | All | All | All |
| Hardware | Zyxel | Zywall Atp800 | - | All | All | All |
| Operating System | Zyxel | Zywall Atp800 Firmware | All | All | All | All |
| Hardware | Zyxel | Zywall Vpn100 | - | All | All | All |
| Operating System | Zyxel | Zywall Vpn100 Firmware | All | All | All | All |
| Hardware | Zyxel | Zywall Vpn2s | - | All | All | All |
| Operating System | Zyxel | Zywall Vpn2s Firmware | All | All | All | All |
| Hardware | Zyxel | Zywall Vpn300 | - | All | All | All |
| Operating System | Zyxel | Zywall Vpn300 Firmware | All | All | All | All |
| Hardware | Zyxel | Zywall Vpn50 | - | All | All | All |
| Operating System | Zyxel | Zywall Vpn50 Firmware | All | All | All | All |
| Hardware | Zyxel | Zywall Vpn 100 | - | All | All | All |
| Operating System | Zyxel | Zywall Vpn 100 Firmware | All | All | All | All |
| Hardware | Zyxel | Zywall Vpn 300 | - | All | All | All |
| Operating System | Zyxel | Zywall Vpn 300 Firmware | All | All | All | All |
| Hardware | Zyxel | Zywall Vpn 50 | - | All | All | All |
| Operating System | Zyxel | Zywall Vpn 50 Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Access denied | Zyxel Networks | MISC | www.zyxel.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.