Format String Vulnerability in Zyxel NBG-418N v2 Firmware
CVE-2023-22923

6.5MEDIUM

Key Information:

Vendor: Zyxel
Status: Nbg-418n V2 Firmware
Vendor: CVE Published:; 1 May 2023

What is CVE-2023-22923?

A format string vulnerability exists in specific firmware versions of the Zyxel NBG-418N v2 router, which allows a remote authenticated attacker to exploit the flaw. This exploitation can lead to denial-of-service conditions, adversely affecting network services provided by the device. It is critical for users of affected firmware versions to apply available patches and updates to safeguard their network infrastructure.

Affected Version(s)

NBG-418N v2 firmware < V1.00(AARP.14)C0

References

https://www.zyxel.com/global/en/support/security-advisori...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 1, 2023
Vulnerability Reserved
Jan 10, 2023