CVE-2020-25014

Sažetak

A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet.

Reference

https://businessforum.zyxel.com/categories/security-news-and-release
https://www.zyxel.com/support/Zyxel-security-advisory-for-buffer-overflow-vulnerability.shtml

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

10-12-2020 - 19:15

Objavljeno

27-11-2020 - 18:15