CVE-2024-11667

Zyxel Multiple Firewalls Path Traversal Vulnerability

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

Yes
*KEV

Decision

Act
*SSVC
Descriptions

A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series firmware versions V5.00 through V5.38, USG FLEX 50(W) series firmware versions V5.10 through V5.38, and USG20(W)-VPN series firmware versions V5.10 through V5.38 could allow an attacker to download or upload files via a crafted URL.

Multiple Zyxel firewalls contain a path traversal vulnerability in the web management interface that could allow an attacker to download or upload files via a crafted URL.

*Credits: N/A
CVSS Scores
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Attack Vector: Network
Attack Complexity: Low
Authentication: None
Confidentiality: Complete
Integrity: Complete
Availability: Complete
* Common Vulnerability Scoring System
SSVC
  • Decision: Act
  • Exploitation: Active
  • Automatable: Yes
  • Tech. Impact: Partial
* Organization's Worst-case Scenario
Timeline
  • 2024-11-25 CVE Reserved
  • 2024-11-27 CVE Published
  • 2024-12-03 Exploited in Wild
  • 2024-12-06 CVE Updated
  • 2024-12-17 EPSS Updated
  • 2024-12-24 KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
Affected Vendors, Products, and Versions
Vendor  Product                   Version  Other  Status
Zyxel   Atp                       *-              Affected
Zyxel   Usg                       *-              Affected
Zyxel   Atp100 Firmware           *-              Affected
Zyxel   Atp100w Firmware          *-              Affected
Zyxel   Atp500 Firmware           *-              Affected
Zyxel   Atp700 Firmware           *-              Affected
Zyxel   Atp800 Firmware           *-              Affected
Zyxel   Atp Firmware              *-              Affected
Zyxel   Usg20-vpn Firmware        *-              Affected
Zyxel   Usg Flex 100h Firmware    *-              Affected
Zyxel   Usg Flex 100hp Firmware   *-              Affected
Zyxel   Usg Flex 100w Firmware    *-              Affected
Zyxel   Usg Flex 200 Firmware     *-              Affected
Zyxel   Usg Flex 200h Firmware    *-              Affected
Zyxel   Usg Flex 200hp Firmware   *-              Affected
Zyxel   Usg Flex 500 Firmware     *-              Affected
Zyxel   Usg Flex 500h Firmware    *-              Affected
Zyxel   Usg Flex 500w Firmware    *-              Affected
Zyxel   Usg Flex 50 Firmware      *-              Affected
Zyxel   Usg Flex 50ax Firmware    *-              Affected
Zyxel   Usg Flex 50w Firmware     *-              Affected
Zyxel   Usg Flex 60ax Firmware    *-              Affected
Zyxel   Usg Flex 700 Firmware     *-              Affected
Zyxel   Usg Flex 700h Firmware    *-              Affected
Zyxel   Usg Flex Firmware         *-              Affected
Zyxel   Zld                       *-              Affected