CVE-2022-43393 — HIGH (8.2)

Q: How severe is CVE-2022-43393?

CVE-2022-43393 has been rated HIGH with a CVSS base score of 8.2/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2022-43393?

Check the references section above for vendor advisories and patch information. Affected products include: Zyxel Gs1350-6Hp Firmware, Zyxel Gs1350-6Hp, Zyxel Gs1350-12Hp Firmware, Zyxel Gs1350-12Hp, Zyxel Gs1350-18Hp Firmware.

Vulnerability Description

An improper check for unusual or exceptional conditions in the HTTP request processing function of Zyxel GS1920-24v2 firmware prior to V4.70(ABMH.8)C0, which could allow an unauthenticated attacker to corrupt the contents of the memory and result in a denial-of-service (DoS) condition on a vulnerable device.

CVSS Score

8.2

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

LOW

Availability

HIGH

Affected Products

Vendor	Product	Versions
Zyxel	Gs1350-6Hp Firmware	< 4.70\(abpi.5\)c0
Zyxel	Gs1350-6Hp	-
Zyxel	Gs1350-12Hp Firmware	< 4.70\(abpj.5\)c0
Zyxel	Gs1350-12Hp	-
Zyxel	Gs1350-18Hp Firmware	< 4.70\(abpk.5\)c0
Zyxel	Gs1350-18Hp	-
Zyxel	Gs1350-26Hp Firmware	< 4.70\(abpl.5\)c0
Zyxel	Gs1350-26Hp	-
Zyxel	Gs1915-8 Firmware	< 4.70\(acap.3\)c0
Zyxel	Gs1915-8	-
Zyxel	Gs1915-8Ep Firmware	< 4.70\(acaq.3\)c0
Zyxel	Gs1915-8Ep	-
Zyxel	Gs1915-24E Firmware	< 4.70\(acdr.3\)c0
Zyxel	Gs1915-24E	-
Zyxel	Gs1915-24Ep Firmware	< 4.70\(acds.3\)c0
Zyxel	Gs1915-24Ep	-
Zyxel	Gs1920-24V2 Firmware	< 4.70\(abmh.8\)c0
Zyxel	Gs1920-24V2	-
Zyxel	Gs1920-48V2 Firmware	< 4.70\(abmj.8\)c0
Zyxel	Gs1920-48V2	-

Related Weaknesses (CWE)

CWE-754

References

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisVendor Advisory
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisVendor Advisory

FAQ

What is CVE-2022-43393?

CVE-2022-43393 is a vulnerability with a CVSS score of 8.2 (HIGH). An improper check for unusual or exceptional conditions in the HTTP request processing function of Zyxel GS1920-24v2 firmware prior to V4.70(ABMH.8)C0, which could allow an unauthenticated attacker to...

How severe is CVE-2022-43393?

CVE-2022-43393 has been rated HIGH with a CVSS base score of 8.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-43393?

Check the references section above for vendor advisories and patch information. Affected products include: Zyxel Gs1350-6Hp Firmware, Zyxel Gs1350-6Hp, Zyxel Gs1350-12Hp Firmware, Zyxel Gs1350-12Hp, Zyxel Gs1350-18Hp Firmware.