CVE-2022-26532: OS Command Injection
First published: Tue May 24 2022(Updated: )
A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to execute arbitrary OS commands by including crafted arguments to the CLI command.
Credit: security@zyxel.com.tw
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zyxel VPN100 | >=4.30<=5.21 | |
| Zyxel Zywall VPN100 | ||
| Zyxel VPN1000 Firmware | >=4.30<=5.21 | |
| Zyxel VPN1000 Firmware | ||
| Zyxel Zywall VPN 300 Firmware | >=4.30<=5.21 | |
| Zyxel Zywall VPN300 | ||
| Zyxel Zywall VPN 50 Firmware | >=4.30<=5.21 | |
| Zyxel VPN50 Firmware | ||
| Zyxel ZyWall ATP100 Firmware | >=4.32<=5.21 | |
| Zyxel ATP100 Firmware | ||
| Zyxel ATP100W Firmware | >=4.32<=5.21 | |
| Zyxel ATP100W Firmware | ||
| Zyxel ATP200 firmware | >=4.32<=5.21 | |
| Zyxel Zywall ATP200 | ||
| Zyxel ATP500 Firmware | >=4.32<=5.21 | |
| Zyxel ATP500 Firmware | ||
| Zyxel Zywall ATP700 | >=4.32<=5.21 | |
| Zyxel ATP700 Firmware | ||
| Zyxel Zywall ATP800 Firmware | >=4.32<=5.21 | |
| Zyxel Zywall ATP800 Firmware | ||
| Zyxel USG 110 | >=4.09<=4.71 | |
| Zyxel USG 110 Firmware | ||
| Zyxel USG1100 firmware | >=4.09<=4.71 | |
| Zyxel USG 1100 firmware | ||
| Zyxel USG1900 Firmware | >=4.09<=4.71 | |
| Zyxel USG1900 | ||
| Zyxel USG 20W | >=4.09<=4.71 | |
| Zyxel USG20 | ||
| Zyxel USG 20W-VPN Firmware | >=4.09<=4.71 | |
| Zyxel USG20 | ||
| Zyxel USG2200-VPN Firmware | >=4.09<=4.71 | |
| Zyxel USG2200-VPN Firmware | ||
| Zyxel ZyWALL USG 310 firmware | >=4.09<=4.71 | |
| Zyxel ZyWALL USG 310 | ||
| Zyxel USG40W Firmware | >=4.09<=4.71 | |
| Zyxel USG40W | ||
| Zyxel USG40W Firmware | >=4.09<=4.71 | |
| Zyxel USG40W | ||
| Zyxel USG60 Firmware | >=4.09<=4.71 | |
| Zyxel USG60 Firmware | ||
| Zyxel USG60W Firmware | >=4.09<=4.71 | |
| Zyxel USG 60w firmware | ||
| Zyxel USG Flex 100 firmware | >=4.50<=5.21 | |
| Zyxel USG Flex 100 firmware | ||
| Zyxel USG FLEX 100w firmware | >=4.50<=5.21 | |
| Zyxel USG FLEX 100w firmware | ||
| Zyxel USG FLEX firmware | >=4.50<=5.21 | |
| Zyxel USG FLEX 200 firmware | ||
| Zyxel USG FLEX firmware | >=4.50<=5.21 | |
| Zyxel USG FLEX 500 firmware | ||
| Zyxel USG FLEX firmware | >=4.50<=5.21 | |
| Zyxel USG FLEX 700 firmware | ||
| Zyxel USG200 Firmware | >=4.09<=4.71 | |
| Zyxel USG200 Firmware | ||
| Zyxel USG20-VPN Firmware | >=4.09<=4.71 | |
| Zyxel USG20 Firmware | ||
| Zyxel USG210 Firmware | >=4.09<=4.71 | |
| Zyxel USG210 Firmware | ||
| Zyxel USG2200-VPN Firmware | >=4.09<=4.71 | |
| Zyxel USG2200-VPN | ||
| Zyxel USG300 Firmware | >=4.09<=4.71 | |
| Zyxel USG300 Firmware | ||
| Zyxel USG 310 firmware | >=4.09<=4.71 | |
| Zyxel USG 310 | ||
| Zyxel NSG firmware | >=1.00<1.33 | |
| Zyxel NSG firmware | =1.33 | |
| Zyxel NSG firmware | =1.33-patch1 | |
| Zyxel NSG firmware | =1.33-patch2 | |
| Zyxel NSG firmware | =1.33-patch3 | |
| Zyxel NSG firmware | =1.33-patch4 | |
| Zyxel NSG firmware | ||
| Zyxel NSG100 Firmware | >=1.00<1.33 | |
| Zyxel NSG100 Firmware | =1.33 | |
| Zyxel NSG100 Firmware | =1.33-patch1 | |
| Zyxel NSG100 Firmware | =1.33-patch2 | |
| Zyxel NSG100 Firmware | =1.33-patch3 | |
| Zyxel NSG100 Firmware | =1.33-patch4 | |
| Zyxel NSG100 Firmware | ||
| Zyxel NSG50 Firmware | >=1.00<1.33 | |
| Zyxel NSG50 Firmware | =1.33 | |
| Zyxel NSG50 Firmware | =1.33-patch1 | |
| Zyxel NSG50 Firmware | =1.33-patch2 | |
| Zyxel NSG50 Firmware | =1.33-patch3 | |
| Zyxel NSG50 Firmware | =1.33-patch4 | |
| Zyxel NSG firmware | ||
| Zyxel NXC2500 firmware | <=6.10\(aaig.3\) | |
| Zyxel NXC2500 firmware | ||
| Zyxel NXC5500 | <=6.10\(aaos.3\) | |
| Zyxel NXC5500 Firmware | ||
| Zyxel NAP203 Firmware | <=6.25\(abfa.7\) | |
| Zyxel NAP203 firmware | ||
| Zyxel NAP303 | <=6.25\(abex.7\) | |
| Zyxel NAP303 | ||
| Zyxel NAP353 | <=6.25\(abey.7\) | |
| Zyxel NAP353 Firmware | ||
| Zyxel NWA50AX-Pro firmware | <=6.25\(abyw.5\) | |
| Zyxel NWA50AX-PRO | ||
| Zyxel NWA55AXE Firmware | <=6.25\(abzl.5\) | |
| Zyxel NWA55AXE Firmware | ||
| Zyxel NWA90AX Pro Firmware | <=6.27\(accv.2\) | |
| Zyxel NWA90AX Firmware | ||
| Zyxel NWA110AX | <=6.30\(abtg.2\) | |
| Zyxel NWA110AX firmware | ||
| Zyxel NWA210AX | <=6.30\(abtd.2\) | |
| Zyxel NWA210AX Firmware | ||
| Zyxel NWA5123-AC-HD Firmware | <=6.25\(abin.6\) | |
| Zyxel NWA1123-AC HD | ||
| Zyxel NWA1123-AC PRO firmware | <=6.25\(abhd.7\) | |
| Zyxel NWA1123-AC-PRO Firmware | ||
| Zyxel NWA1123-AC PRO firmware | <=6.30\(abvt.2\) | |
| Zyxel NWA1123-AC PRO firmware | ||
| Zyxel NWA1302-AC Firmware | <=6.25\(abku.6\) | |
| Zyxel NWA1302-AC Firmware | ||
| Zyxel NWA5123-AC HD Firmware | <=6.25\(abim.6\) | |
| Zyxel NWA5123-AC HD | ||
| Zyxel WAC500H Firmware | <=6.30\(abwa.2\) | |
| Zyxel WAC500H Firmware | ||
| Zyxel WAC500H Firmware | <=6.30\(abvs.2\) | |
| Zyxel WAC500 firmware | ||
| Zyxel WAC5302D-SV2 | <=6.10\(abfh.10\) | |
| Zyxel WAC5302D-S Firmware | ||
| Zyxel WAC5302D-SV2 | <=6.25\(abvz.6\) | |
| Zyxel WAC5302D-SV2 Firmware | ||
| Zyxel WAC6103D-I | <=6.25\(aaxh.7\) | |
| Zyxel WAC6103D-I Firmware | ||
| Zyxel WAC6303D-S | <=6.25\(abgl.6\) | |
| Zyxel WAC6303D-S firmware | ||
| Zyxel WAC6502D-S | <=6.25\(aasd.7\) | |
| Zyxel WAC6502D-E Firmware | ||
| Zyxel WAC6502D-S | <=6.25\(aase.7\) | |
| Zyxel WAC6502D-S Firmware | ||
| Zyxel WAC6503D-S Firmware | <=6.25\(aasf.7\) | |
| Zyxel WAC6503D-S Firmware | ||
| Zyxel WAC6553D-S | <=6.25\(aasg.7\) | |
| Zyxel WAC6553D-S Firmware | ||
| Zyxel WAC6552D-S Firmware | <=6.25\(abio.7\) | |
| Zyxel WAC6552D-S Firmware | ||
| Zyxel WAX510D firmware | <=6.30\(abtf.2\) | |
| Zyxel WAX510D firmware | ||
| Zyxel WAX610D | <=6.30\(abte.2\) | |
| Zyxel WAX610D Firmware | ||
| Zyxel WAX630S Firmware | <=6.30\(abzd.2\) | |
| Zyxel WAX630S Firmware | ||
| Zyxel WAX650S Firmware | <=6.30\(abrm.2\) | |
| Zyxel WAX650S Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-26532?
CVE-2022-26532 is categorized as a high-severity vulnerability due to its potential to enable remote code execution.
How do I fix CVE-2022-26532?
To mitigate CVE-2022-26532, users should upgrade the affected Zyxel firmware to the latest recommended version.
Which Zyxel devices are affected by CVE-2022-26532?
CVE-2022-26532 impacts various Zyxel devices including USG, VPN, USG FLEX, ATP, and NSG series firmware versions specified in the vulnerability details.
What does CVE-2022-26532 exploit?
CVE-2022-26532 exploits an argument injection vulnerability in the 'packet-trace' command of affected Zyxel device firmware.
How can I determine if my Zyxel device is vulnerable to CVE-2022-26532?
You can determine if your Zyxel device is vulnerable to CVE-2022-26532 by checking the firmware version against the list of affected versions provided in the vulnerability report.
- agent/type
- agent/weakness
- agent/author
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/zyxel
- canonical/zyxel vpn100
- version/zyxel vpn100/4.30
- version/zyxel vpn100/5.21
- canonical/zyxel zywall vpn100
- canonical/zyxel vpn1000 firmware
- version/zyxel vpn1000 firmware/4.30
- version/zyxel vpn1000 firmware/5.21
- canonical/zyxel zywall vpn 300 firmware
- version/zyxel zywall vpn 300 firmware/4.30
- version/zyxel zywall vpn 300 firmware/5.21
- canonical/zyxel zywall vpn300
- canonical/zyxel zywall vpn 50 firmware
- version/zyxel zywall vpn 50 firmware/4.30
- version/zyxel zywall vpn 50 firmware/5.21
- canonical/zyxel vpn50 firmware
- canonical/zyxel zywall atp100 firmware
- version/zyxel zywall atp100 firmware/4.32
- version/zyxel zywall atp100 firmware/5.21
- canonical/zyxel atp100 firmware
- canonical/zyxel atp100w firmware
- version/zyxel atp100w firmware/4.32
- version/zyxel atp100w firmware/5.21
- canonical/zyxel atp200 firmware
- version/zyxel atp200 firmware/4.32
- version/zyxel atp200 firmware/5.21
- canonical/zyxel zywall atp200
- canonical/zyxel atp500 firmware
- version/zyxel atp500 firmware/4.32
- version/zyxel atp500 firmware/5.21
- canonical/zyxel zywall atp700
- version/zyxel zywall atp700/4.32
- version/zyxel zywall atp700/5.21
- canonical/zyxel atp700 firmware
- canonical/zyxel zywall atp800 firmware
- version/zyxel zywall atp800 firmware/4.32
- version/zyxel zywall atp800 firmware/5.21
- canonical/zyxel usg 110
- version/zyxel usg 110/4.09
- version/zyxel usg 110/4.71
- canonical/zyxel usg 110 firmware
- canonical/zyxel usg1100 firmware
- version/zyxel usg1100 firmware/4.09
- version/zyxel usg1100 firmware/4.71
- canonical/zyxel usg 1100 firmware
- canonical/zyxel usg1900 firmware
- version/zyxel usg1900 firmware/4.09
- version/zyxel usg1900 firmware/4.71
- canonical/zyxel usg1900
- canonical/zyxel usg 20w
- version/zyxel usg 20w/4.09
- version/zyxel usg 20w/4.71
- canonical/zyxel usg20
- canonical/zyxel usg 20w-vpn firmware
- version/zyxel usg 20w-vpn firmware/4.09
- version/zyxel usg 20w-vpn firmware/4.71
- canonical/zyxel usg2200-vpn firmware
- version/zyxel usg2200-vpn firmware/4.09
- version/zyxel usg2200-vpn firmware/4.71
- canonical/zyxel zywall usg 310 firmware
- version/zyxel zywall usg 310 firmware/4.09
- version/zyxel zywall usg 310 firmware/4.71
- canonical/zyxel zywall usg 310
- canonical/zyxel usg40w firmware
- version/zyxel usg40w firmware/4.09
- version/zyxel usg40w firmware/4.71
- canonical/zyxel usg40w
- canonical/zyxel usg60 firmware
- version/zyxel usg60 firmware/4.09
- version/zyxel usg60 firmware/4.71
- canonical/zyxel usg60w firmware
- version/zyxel usg60w firmware/4.09
- version/zyxel usg60w firmware/4.71
- canonical/zyxel usg 60w firmware
- canonical/zyxel usg flex 100 firmware
- version/zyxel usg flex 100 firmware/4.50
- version/zyxel usg flex 100 firmware/5.21
- canonical/zyxel usg flex 100w firmware
- version/zyxel usg flex 100w firmware/4.50
- version/zyxel usg flex 100w firmware/5.21
- canonical/zyxel usg flex firmware
- version/zyxel usg flex firmware/4.50
- version/zyxel usg flex firmware/5.21
- canonical/zyxel usg flex 200 firmware
- canonical/zyxel usg flex 500 firmware
- canonical/zyxel usg flex 700 firmware
- canonical/zyxel usg200 firmware
- version/zyxel usg200 firmware/4.09
- version/zyxel usg200 firmware/4.71
- canonical/zyxel usg20-vpn firmware
- version/zyxel usg20-vpn firmware/4.09
- version/zyxel usg20-vpn firmware/4.71
- canonical/zyxel usg20 firmware
- canonical/zyxel usg210 firmware
- version/zyxel usg210 firmware/4.09
- version/zyxel usg210 firmware/4.71
- canonical/zyxel usg2200-vpn
- canonical/zyxel usg300 firmware
- version/zyxel usg300 firmware/4.09
- version/zyxel usg300 firmware/4.71
- canonical/zyxel usg 310 firmware
- version/zyxel usg 310 firmware/4.09
- version/zyxel usg 310 firmware/4.71
- canonical/zyxel usg 310
- canonical/zyxel nsg firmware
- version/zyxel nsg firmware/1.00
- version/zyxel nsg firmware/1.33
- version/zyxel nsg firmware/1.33-patch1
- version/zyxel nsg firmware/1.33-patch2
- version/zyxel nsg firmware/1.33-patch3
- version/zyxel nsg firmware/1.33-patch4
- canonical/zyxel nsg100 firmware
- version/zyxel nsg100 firmware/1.00
- version/zyxel nsg100 firmware/1.33
- version/zyxel nsg100 firmware/1.33-patch1
- version/zyxel nsg100 firmware/1.33-patch2
- version/zyxel nsg100 firmware/1.33-patch3
- version/zyxel nsg100 firmware/1.33-patch4
- canonical/zyxel nsg50 firmware
- version/zyxel nsg50 firmware/1.00
- version/zyxel nsg50 firmware/1.33
- version/zyxel nsg50 firmware/1.33-patch1
- version/zyxel nsg50 firmware/1.33-patch2
- version/zyxel nsg50 firmware/1.33-patch3
- version/zyxel nsg50 firmware/1.33-patch4
- canonical/zyxel nxc2500 firmware
- version/zyxel nxc2500 firmware/6.10\(aaig.3\)
- canonical/zyxel nxc5500
- version/zyxel nxc5500/6.10\(aaos.3\)
- canonical/zyxel nxc5500 firmware
- canonical/zyxel nap203 firmware
- version/zyxel nap203 firmware/6.25\(abfa.7\)
- canonical/zyxel nap303
- version/zyxel nap303/6.25\(abex.7\)
- canonical/zyxel nap353
- version/zyxel nap353/6.25\(abey.7\)
- canonical/zyxel nap353 firmware
- canonical/zyxel nwa50ax-pro firmware
- version/zyxel nwa50ax-pro firmware/6.25\(abyw.5\)
- canonical/zyxel nwa50ax-pro
- canonical/zyxel nwa55axe firmware
- version/zyxel nwa55axe firmware/6.25\(abzl.5\)
- canonical/zyxel nwa90ax pro firmware
- version/zyxel nwa90ax pro firmware/6.27\(accv.2\)
- canonical/zyxel nwa90ax firmware
- canonical/zyxel nwa110ax
- version/zyxel nwa110ax/6.30\(abtg.2\)
- canonical/zyxel nwa110ax firmware
- canonical/zyxel nwa210ax
- version/zyxel nwa210ax/6.30\(abtd.2\)
- canonical/zyxel nwa210ax firmware
- canonical/zyxel nwa5123-ac-hd firmware
- version/zyxel nwa5123-ac-hd firmware/6.25\(abin.6\)
- canonical/zyxel nwa1123-ac hd
- canonical/zyxel nwa1123-ac pro firmware
- version/zyxel nwa1123-ac pro firmware/6.25\(abhd.7\)
- canonical/zyxel nwa1123-ac-pro firmware
- version/zyxel nwa1123-ac pro firmware/6.30\(abvt.2\)
- canonical/zyxel nwa1302-ac firmware
- version/zyxel nwa1302-ac firmware/6.25\(abku.6\)
- canonical/zyxel nwa5123-ac hd firmware
- version/zyxel nwa5123-ac hd firmware/6.25\(abim.6\)
- canonical/zyxel nwa5123-ac hd
- canonical/zyxel wac500h firmware
- version/zyxel wac500h firmware/6.30\(abwa.2\)
- version/zyxel wac500h firmware/6.30\(abvs.2\)
- canonical/zyxel wac500 firmware
- canonical/zyxel wac5302d-sv2
- version/zyxel wac5302d-sv2/6.10\(abfh.10\)
- canonical/zyxel wac5302d-s firmware
- version/zyxel wac5302d-sv2/6.25\(abvz.6\)
- canonical/zyxel wac5302d-sv2 firmware
- canonical/zyxel wac6103d-i
- version/zyxel wac6103d-i/6.25\(aaxh.7\)
- canonical/zyxel wac6103d-i firmware
- canonical/zyxel wac6303d-s
- version/zyxel wac6303d-s/6.25\(abgl.6\)
- canonical/zyxel wac6303d-s firmware
- canonical/zyxel wac6502d-s
- version/zyxel wac6502d-s/6.25\(aasd.7\)
- canonical/zyxel wac6502d-e firmware
- version/zyxel wac6502d-s/6.25\(aase.7\)
- canonical/zyxel wac6502d-s firmware
- canonical/zyxel wac6503d-s firmware
- version/zyxel wac6503d-s firmware/6.25\(aasf.7\)
- canonical/zyxel wac6553d-s
- version/zyxel wac6553d-s/6.25\(aasg.7\)
- canonical/zyxel wac6553d-s firmware
- canonical/zyxel wac6552d-s firmware
- version/zyxel wac6552d-s firmware/6.25\(abio.7\)
- canonical/zyxel wax510d firmware
- version/zyxel wax510d firmware/6.30\(abtf.2\)
- canonical/zyxel wax610d
- version/zyxel wax610d/6.30\(abte.2\)
- canonical/zyxel wax610d firmware
- canonical/zyxel wax630s firmware
- version/zyxel wax630s firmware/6.30\(abzd.2\)
- canonical/zyxel wax650s firmware
- version/zyxel wax650s firmware/6.30\(abrm.2\)