Improper frame handling in the Zyxel XGS2220-30 firmware version V4.80(ABXN.1), XMG1930-30 firmware version V4.80(ACAR.1), and XS1930-10 firmware version V4.80(ABQE.1) could allow an unauthenticated LAN-based attacker to cause denial-of-service (DoS) conditions by sending crafted frames to an affected switch.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
History
21 Aug 2023, 16:07
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-755 | |
References | (MISC) https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-dos-vulnerability-of-xgs2220-xmg1930-and-xs1930-series-switches - Patch, Vendor Advisory | |
CPE | cpe:2.3:o:zyxel:xs1930-10_firmware:4.80\(abqe.1\):*:*:*:*:*:*:* cpe:2.3:o:zyxel:xmg1930-30_firmware:4.80\(acar.1\):*:*:*:*:*:*:* cpe:2.3:h:zyxel:xs1930-12f:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:xgs2220-54_firmware:4.80\(abxp.1\):*:*:*:*:*:*:* cpe:2.3:h:zyxel:xs1930-10:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:xgs2220-30_firmware:4.80\(abxn.1\):*:*:*:*:*:*:* cpe:2.3:o:zyxel:xs1930-12hp_firmware:4.80\(abqf.1\):*:*:*:*:*:*:* cpe:2.3:o:zyxel:xgs2220-54hp_firmware:4.80\(abxq.1\):*:*:*:*:*:*:* cpe:2.3:h:zyxel:xmg1930-30hp:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:xs1930-12f_firmware:4.80\(abzv.1\):*:*:*:*:*:*:* cpe:2.3:h:zyxel:xgs2220-30:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:xgs2220-30f_firmware:4.80\(abye.1\):*:*:*:*:*:*:* cpe:2.3:o:zyxel:xmg1930-30hp_firmware:4.80\(acas.1\):*:*:*:*:*:*:* cpe:2.3:h:zyxel:xgs2220-30f:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:xgs2220-54fp:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:xgs2220-54fp_firmware:4.80\(acce.1\):*:*:*:*:*:*:* cpe:2.3:h:zyxel:xs1930-12hp:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:xgs2220-54:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:xgs2220-30hp_firmware:4.80\(abxo.1\):*:*:*:*:*:*:* cpe:2.3:h:zyxel:xgs2220-54hp:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:xgs2220-30hp:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:xmg1930-30:-:*:*:*:*:*:*:* |
14 Aug 2023, 17:27
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-14 17:15
Updated : 2024-02-05 00:01
NVD link : CVE-2023-28768
Mitre link : CVE-2023-28768
CVE.ORG link : CVE-2023-28768
JSON object : View
Products Affected
zyxel
- xs1930-12hp_firmware
- xmg1930-30hp
- xgs2220-30hp
- xgs2220-30hp_firmware
- xs1930-10_firmware
- xgs2220-54fp
- xgs2220-54
- xgs2220-54fp_firmware
- xgs2220-30
- xmg1930-30_firmware
- xgs2220-54hp
- xgs2220-30_firmware
- xs1930-12hp
- xgs2220-30f_firmware
- xmg1930-30
- xmg1930-30hp_firmware
- xgs2220-54hp_firmware
- xs1930-12f_firmware
- xs1930-10
- xgs2220-30f
- xgs2220-54_firmware
- xs1930-12f
CWE
CWE-755
Improper Handling of Exceptional Conditions