CVE-2023-34139: Command Injection
First published: Mon Jul 17 2023(Updated: )
A command injection vulnerability in the Free Time WiFi hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.36 Patch 2 and VPN series firmware versions 4.20 through 5.36 Patch 2, could allow an unauthenticated, LAN-based attacker to execute some OS commands on an affected device.
Credit: security@zyxel.com.tw
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zyxel USG2200-VPN Firmware | >=4.20<5.37 | |
| Zyxel USG2200-VPN Firmware | ||
| Zyxel USG Flex 100 firmware | >=4.50<5.37 | |
| Zyxel USG FLEX 100 | ||
| Zyxel USG FLEX 100w firmware | >=4.50<5.37 | |
| Zyxel USG FLEX 100w firmware | ||
| Zyxel USG FLEX firmware | >=4.50<5.37 | |
| Zyxel USG FLEX 200 firmware | ||
| Zyxel USG FLEX 50(W) series firmware | >=4.50<5.37 | |
| Zyxel USG FLEX 50 | ||
| Zyxel USG FLEX firmware | >=4.50<5.37 | |
| Zyxel USG FLEX 500 firmware | ||
| Zyxel USG FLEX 50w | >=4.50<5.37 | |
| Zyxel USG FLEX 50(W) series firmware | ||
| Zyxel USG FLEX firmware | >=4.50<5.37 | |
| Zyxel USG FLEX 700 firmware | ||
| Zyxel Zywall VPN 100 | >=4.20<5.37 | |
| Zyxel Zywall VPN 50 | ||
| Zyxel Zywall VPN 2S | >=4.20<5.37 | |
| Zyxel Zywall VPN 2S | ||
| Zyxel Zywall VPN 300 Firmware | >=4.20<5.37 | |
| Zyxel Zywall VPN 300 | ||
| Zyxel Zywall VPN 50 Firmware | >=4.20<5.37 | |
| Zyxel Zywall VPN 50 Firmware | ||
| Zyxel Zywall VPN 100 | >=4.20<5.37 | |
| Zyxel Zywall VPN100 | ||
| Zyxel Zywall VPN300 | >=4.20<5.37 | |
| Zyxel Zywall VPN300 | ||
| Zyxel Zywall VPN 50 | >=4.20<5.37 | |
| Zyxel Zywall VPN 50 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2023-34139.
What is the severity of CVE-2023-34139?
The severity of CVE-2023-34139 is high.
Which Zyxel products are affected by CVE-2023-34139?
Zyxel USG FLEX series firmware versions 4.50 through 5.36 Patch 2 and VPN series firmware versions 4.20 through 5.36 Patch 2 are affected.
How can an attacker exploit CVE-2023-34139?
An unauthenticated, LAN-based attacker can exploit CVE-2023-34139 by executing OS commands on an affected device.
Is there a fix for CVE-2023-34139?
Yes, users are advised to upgrade their firmware to version 5.37 or above to mitigate the vulnerability.
- collector/nvd-latest
- agent/author
- agent/type
- agent/weakness
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/zyxel
- canonical/zyxel usg2200-vpn firmware
- version/zyxel usg2200-vpn firmware/4.20
- canonical/zyxel usg flex 100 firmware
- version/zyxel usg flex 100 firmware/4.50
- canonical/zyxel usg flex 100
- canonical/zyxel usg flex 100w firmware
- version/zyxel usg flex 100w firmware/4.50
- canonical/zyxel usg flex firmware
- version/zyxel usg flex firmware/4.50
- canonical/zyxel usg flex 200 firmware
- canonical/zyxel usg flex 50(w) series firmware
- version/zyxel usg flex 50(w) series firmware/4.50
- canonical/zyxel usg flex 50
- canonical/zyxel usg flex 500 firmware
- canonical/zyxel usg flex 50w
- version/zyxel usg flex 50w/4.50
- canonical/zyxel usg flex 700 firmware
- canonical/zyxel zywall vpn 100
- version/zyxel zywall vpn 100/4.20
- canonical/zyxel zywall vpn 50
- canonical/zyxel zywall vpn 2s
- version/zyxel zywall vpn 2s/4.20
- canonical/zyxel zywall vpn 300 firmware
- version/zyxel zywall vpn 300 firmware/4.20
- canonical/zyxel zywall vpn 300
- canonical/zyxel zywall vpn 50 firmware
- version/zyxel zywall vpn 50 firmware/4.20
- canonical/zyxel zywall vpn100
- canonical/zyxel zywall vpn300
- version/zyxel zywall vpn300/4.20
- version/zyxel zywall vpn 50/4.20