{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T13:08:29.664","vulnerabilities":[{"cve":{"id":"CVE-2022-0342","sourceIdentifier":"security@zyxel.com.tw","published":"2022-03-28T13:15:07.747","lastModified":"2024-11-21T06:38:25.003","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.20 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.32 through 5.20, VPN series firmware versions 4.30 through 5.20, and NSG series firmware versions V1.20 through V1.33 Patch 4, which could allow an attacker to bypass the web authentication and obtain administrative access of the device."},{"lang":"es","value":"Una vulnerabilidad de omisión de autenticación en el programa CGI de USG/ZyWALL de Zyxel versiones de firmware de las series  4.20 a 4.70, las versiones de firmware de la serie USG FLEX 4.50 a 5.20, las versiones de firmware de la serie ATP 4.32 a 5.20, las versiones de firmware de la serie VPN 4.30 a 5.20 y las versiones de firmware de la serie NSG V1.20 a V1.33 Parche 4, que podría permitir a un atacante omitir la autenticación web y obtener acceso administrativo al dispositivo"}],"metrics":{"cvssMetricV31":[{"source":"security@zyxel.com.tw","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security@zyxel.com.tw","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:usg40_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"4.71","matchCriteriaId":"446021BD-AEA3-47E8-BF5D-6C649012E84D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*","matchCriteriaId":"5CCD2777-CC85-4BAA-B16B-19C2DB8DB742"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:usg40w_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"4.71","matchCriteriaId":"B57804DF-D913-4300-8744-81DB99621240"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*","matchCriteriaId":"0906F3FA-793B-421D-B957-7E9C18C1AEC0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:usg60_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"4.71","matchCriteriaId":"D9ED6C58-3BF5-424F-AFB1-F6955F3488BB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*","matchCriteriaId":"26900300-1325-4C8A-BC3B-A10233B2462A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:usg60w_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"4.71","matchCriteriaId":"4FB78B59-C4C7-4595-9221-DDC0DCE09BB0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*","matchCriteriaId":"A5A7555E-BC29-460C-A701-7DCDEAFE67F3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:zywall_110_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"4.71","matchCriteriaId":"77FEF751-62FE-4F1B-A84C-30967A605EF5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*","matchCriteriaId":"145E41D9-E376-4B8E-A34F-F2C7ECFD649D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:zywall_310_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"4.71","matchCriteriaId":"E46647BB-F930-4648-A25D-C18D71D7A434"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*","matchCriteriaId":"B40C703E-C7C0-4B49-A336-83853D3E8C31"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:zywall_1100_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"4.71","matchCriteriaId":"E2755DDA-287F-4C79-B663-C5DA9DBC5052"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*","matchCriteriaId":"BCE32A1C-A730-4893-BCB9-F753F8E65440"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"4.50","versionEndIncluding":"5.20","matchCriteriaId":"293C6F8B-51F7-44A5-ACAD-10586C9EB610"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*","matchCriteriaId":"2B30A4C0-9928-46AD-9210-C25656FB43FB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"4.50","versionEndIncluding":"5.20","matchCriteriaId":"B4F8A08F-8531-444E-BE70-6C0096BE8CAC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*","matchCriteriaId":"F93B6A06-2951-46D2-A7E1-103D7318D612"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"4.50","versionEndIncluding":"5.20","matchCriteriaId":"8553EF99-5F25-4F96-840C-1D5146C9CAF9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*","matchCriteriaId":"92C697A5-D1D3-4FF0-9C43-D27B18181958"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"4.50","versionEndIncluding":"5.20","matchCriteriaId":"05959C9F-4209-4B0B-81DD-6C98BFC43F7B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*","matchCriteriaId":"D74ABA7E-AA78-4A13-A64E-C44021591B42"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"4.50","versionEndIncluding":"5.20","matchCriteriaId":"2C2F72A1-7D2D-4BC3-8440-937435507F5C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*","matchCriteriaId":"9D1396E3-731B-4D05-A3F8-F3ABB80D5C29"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"4.32","versionEndIncluding":"5.20","matchCriteriaId":"724173AB-0DA0-4EFE-A011-FAEF14A95D2A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*","matchCriteriaId":"7F7654A1-3806-41C7-82D4-46B0CD7EE53B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"4.32","versionEndIncluding":"5.20","matchCriteriaId":"A589B630-B42D-4BD5-BBBD-E71C8B5456B8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*","matchCriteriaId":"47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"4.32","versionEndIncluding":"5.20","matchCriteriaId":"14B0DB32-9453-47D8-8024-E6C8505DB617"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*","matchCriteriaId":"D68A36FF-8CAF-401C-9F18-94F3A2405CF4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"4.32","versionEndIncluding":"5.20","matchCriteriaId":"D5E79634-60EC-4548-B8BC-61E5560CBE75"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*","matchCriteriaId":"2818E8AC-FFEE-4DF9-BF3F-C75166C0E851"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"4.32","versionEndIncluding":"5.20","matchCriteriaId":"BACE4393-DE77-4CE1-A453-B155A3CF9A7C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*","matchCriteriaId":"0B41F437-855B-4490-8011-DF59887BE6D5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"4.32","versionEndIncluding":"5.20","matchCriteriaId":"1D3DC512-0DE4-42DB-AD0C-240AB1B901B1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*","matchCriteriaId":"66B99746-0589-46E6-9CBD-F38619AD97DC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"4.30","versionEndExcluding":"5.21","matchCriteriaId":"62B6CADB-1FB0-4442-A116-055636AB6ECA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*","matchCriteriaId":"9E3AC823-0ECA-42D8-8312-2FBE5914E4C0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"4.30","versionEndExcluding":"5.21","matchCriteriaId":"D1265B3B-7C70-46C0-8E0C-1C05C7EF99EE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*","matchCriteriaId":"81D90A7B-174F-40A1-8AF4-08B15B7BAC40"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"4.30","versionEndExcluding":"5.21","matchCriteriaId":"B770A62D-3B2C-4B91-BB8E-4F36D3F20C9C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*","matchCriteriaId":"3C45C303-1A95-4245-B242-3AB9B9106CD4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"4.30","versionEndExcluding":"5.21","matchCriteriaId":"0C509426-81BE-46AB-B083-DEA0DC762C85"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*","matchCriteriaId":"EECD311A-4E96-4576-AADF-47291EDE3559"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:nsg300_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"1.20","versionEndExcluding":"1.33","matchCriteriaId":"40E88F87-44B1-4104-A8EB-3BC4A0BA3A45"},{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:nsg300_firmware:1.33:-:*:*:*:*:*:*","matchCriteriaId":"D43F6C03-E7EE-43B9-81B7-2B298134A591"},{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:nsg300_firmware:1.33:p4:*:*:*:*:*:*","matchCriteriaId":"97697676-94E6-4A6A-B9FB-07D8DD48BA06"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:nsg300:-:*:*:*:*:*:*:*","matchCriteriaId":"58B0886D-9AF4-453F-96DB-7ABAA5EE3B78"}]}]}],"references":[{"url":"https://www.zyxel.com/support/Zyxel-security-advisory-for-authentication-bypass-vulnerability-of-firewalls.shtml","source":"security@zyxel.com.tw","tags":["Vendor Advisory"]},{"url":"https://www.zyxel.com/support/Zyxel-security-advisory-for-authentication-bypass-vulnerability-of-firewalls.shtml","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}