CVE-2020-29299
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd during a password-change action. This affects VPN On-premise before ZLD V4.39 week38, VPN Orchestrator before SD-OS V10.03 week32, USG before ZLD V4.39 week38, USG FLEX before ZLD V4.55 week38, ATP before ZLD V4.55 week38, and NSG before 1.33 patch 4.
Determinados productos Zyxel permiten una inyección de comandos por un administrador por medio de una cadena de entrada a la función chg_exp_pwd durante una acción de cambio de contraseña. Esto afecta a VPN local anterior a ZLD versión V4.39 week38, VPN Orchestrator anterior a SD-OS versión V10.03 week32, USG anterior a ZLD versión V4.39 week38, USG FLEX anterior a ZLD versión V4.55 week38, ATP anterior a ZLD versión V4.55 week38, y NSG anterior a versión 1.33 parche 4
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-11-27 CVE Reserved
- 2020-12-27 CVE Published
- 2023-09-12 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
CAPEC
References (2)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Zyxel Search vendor "Zyxel" | Zld Search vendor "Zyxel" for product "Zld" | < 4.55 Search vendor "Zyxel" for product "Zld" and version " < 4.55" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg Flex Search vendor "Zyxel" for product "Usg Flex" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Zld Search vendor "Zyxel" for product "Zld" | < 4.55 Search vendor "Zyxel" for product "Zld" and version " < 4.55" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Atp Search vendor "Zyxel" for product "Atp" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Nsg Firmware Search vendor "Zyxel" for product "Nsg Firmware" | < 1.33 Search vendor "Zyxel" for product "Nsg Firmware" and version " < 1.33" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Nsg Search vendor "Zyxel" for product "Nsg" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Nsg Firmware Search vendor "Zyxel" for product "Nsg Firmware" | 1.33 Search vendor "Zyxel" for product "Nsg Firmware" and version "1.33" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Nsg Search vendor "Zyxel" for product "Nsg" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Nsg Firmware Search vendor "Zyxel" for product "Nsg Firmware" | 1.33 Search vendor "Zyxel" for product "Nsg Firmware" and version "1.33" | patch1 |
Affected
| in | Zyxel Search vendor "Zyxel" | Nsg Search vendor "Zyxel" for product "Nsg" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Usg Flex Firmware Search vendor "Zyxel" for product "Usg Flex Firmware" | - | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg Flex Search vendor "Zyxel" for product "Usg Flex" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Zld Search vendor "Zyxel" for product "Zld" | < 4.39 Search vendor "Zyxel" for product "Zld" and version " < 4.39" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg Flex Search vendor "Zyxel" for product "Usg Flex" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Vpn Orchestrator Search vendor "Zyxel" for product "Vpn Orchestrator" | < 10.03 Search vendor "Zyxel" for product "Vpn Orchestrator" and version " < 10.03" | - |
Affected
| ||||||
| Zyxel Search vendor "Zyxel" | Zld Search vendor "Zyxel" for product "Zld" | < 4.39 Search vendor "Zyxel" for product "Zld" and version " < 4.39" | - |
Affected
| ||||||