216.73.217.80

CVE-2024-12398

· Published 14/01/2025 02:15 · Modified 21/01/2025 21:12

Labels: CVE-2024-12398 2025-01-14CVE-2024-12398CWE-269NVD-CWE-noinfo[email protected]

Essential information

Published
14/01/2025 02:15
Modified
21/01/2025 21:12
Author
Creator
CVSS
8.8 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

An improper privilege management vulnerability in the web management interface of the Zyxel WBE530 firmware versions through 7.00(ACLE.3) and WBE660S firmware versions through 6.70(ACGG.2) could allow an authenticated user with limited privileges to escalate their privileges to that of an administrator, enabling them to upload configuration files to a vulnerable device.

NVD status

Status
Analyzed — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
zyxel / nwa50ax firmware cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*
zyxel / nwa50ax cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*
zyxel / nwa50ax pro firmware cpe:2.3:o:zyxel:nwa50ax_pro_firmware:*:*:*:*:*:*:*:*
zyxel / nwa50ax pro cpe:2.3:h:zyxel:nwa50ax_pro:-:*:*:*:*:*:*:*
zyxel / nwa55axe firmware cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*
zyxel / nwa55axe cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*
zyxel / nwa90ax firmware cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*
zyxel / nwa90ax cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*
zyxel / nwa90ax pro firmware cpe:2.3:o:zyxel:nwa90ax_pro_firmware:*:*:*:*:*:*:*:*
zyxel / nwa90ax pro cpe:2.3:h:zyxel:nwa90ax_pro:-:*:*:*:*:*:*:*
zyxel / nwa110ax firmware cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*
zyxel / nwa110ax cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*
zyxel / nwa130be firmware cpe:2.3:o:zyxel:nwa130be_firmware:*:*:*:*:*:*:*:*
zyxel / nwa130be cpe:2.3:h:zyxel:nwa130be:-:*:*:*:*:*:*:*
zyxel / nwa210ax firmware cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*
zyxel / nwa210ax cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*
zyxel / nwa220ax-6e firmware cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*
zyxel / nwa220ax-6e cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*
zyxel / nwa1123acv3 firmware cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*
zyxel / nwa1123acv3 cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*
zyxel / wac500 firmware cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*
zyxel / wac500 cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*
zyxel / wac500h firmware cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*
zyxel / wac500h cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*
zyxel / wax300h firmware cpe:2.3:o:zyxel:wax300h_firmware:*:*:*:*:*:*:*:*
zyxel / wax300h cpe:2.3:h:zyxel:wax300h:-:*:*:*:*:*:*:*
zyxel / wax510d firmware cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*
zyxel / wax510d cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*
zyxel / wax610d firmware cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*
zyxel / wax610d cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*
zyxel / wax620d-6e firmware cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*
zyxel / wax620d-6e cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*
zyxel / wax630s firmware cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*
zyxel / wax630s cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*
zyxel / wax640s-6e firmware cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*
zyxel / wax640s-6e cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*
zyxel / wax650s firmware cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*
zyxel / wax650s cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*
zyxel / wax655e firmware cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*
zyxel / wax655e cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*
zyxel / wbe530 firmware cpe:2.3:o:zyxel:wbe530_firmware:*:*:*:*:*:*:*:*
zyxel / wbe530 cpe:2.3:h:zyxel:wbe530:-:*:*:*:*:*:*:*
zyxel / wbe660s firmware cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*
zyxel / wbe660s cpe:2.3:h:zyxel:wbe660s:-:*:*:*:*:*:*:*
zyxel / usg lite 60ax firmware cpe:2.3:o:zyxel:usg_lite_60ax_firmware:*:*:*:*:*:*:*:*
zyxel / usg lite 60ax cpe:2.3:h:zyxel:usg_lite_60ax:-:*:*:*:*:*:*:*

References