CVE & CISA-KEV Catalog

CVE-2022-43393

HIGH
8.2
CVSS v3
NVD

Description

An improper check for unusual or exceptional conditions in the HTTP request processing function of Zyxel GS1920-24v2 firmware prior to V4.70(ABMH.8)C0, which could allow an unauthenticated attacker to corrupt the contents of the memory and result in a denial-of-service (DoS) condition on a vulnerable device.

How to fix

Remediation Available
gs1350-12hp firmwareNVD
Affected:< 4.70(abpj.5)c0Fixed in:4.70(abpj.5)c0CVE-2022-43393derived from NVD
gs1350-18hp firmwareNVD
Affected:< 4.70(abpk.5)c0Fixed in:4.70(abpk.5)c0CVE-2022-43393derived from NVD
gs1350-26hp firmwareNVD
Affected:< 4.70(abpl.5)c0Fixed in:4.70(abpl.5)c0CVE-2022-43393derived from NVD
gs1350-6hp firmwareNVD
Affected:< 4.70(abpi.5)c0Fixed in:4.70(abpi.5)c0CVE-2022-43393derived from NVD
gs1915-24e firmwareNVD
Affected:< 4.70(acdr.3)c0Fixed in:4.70(acdr.3)c0CVE-2022-43393derived from NVD
gs1915-24ep firmwareNVD
Affected:< 4.70(acds.3)c0Fixed in:4.70(acds.3)c0CVE-2022-43393derived from NVD
gs1915-8 firmwareNVD
Affected:< 4.70(acap.3)c0Fixed in:4.70(acap.3)c0CVE-2022-43393derived from NVD
gs1915-8ep firmwareNVD
Affected:< 4.70(acaq.3)c0Fixed in:4.70(acaq.3)c0CVE-2022-43393derived from NVD
gs1920-24hpv2 firmwareNVD
Affected:< 4.70(abmi.8)c0Fixed in:4.70(abmi.8)c0CVE-2022-43393derived from NVD
gs1920-24v2 firmwareNVD
Affected:< 4.70(abmh.8)c0Fixed in:4.70(abmh.8)c0CVE-2022-43393derived from NVD
gs1920-48hpv2 firmwareNVD
Affected:< 4.70(abmk.8)c0Fixed in:4.70(abmk.8)c0CVE-2022-43393derived from NVD
gs1920-48v2 firmwareNVD
Affected:< 4.70(abmj.8)c0Fixed in:4.70(abmj.8)c0CVE-2022-43393derived from NVD
gs2220-10 firmwareNVD
Affected:< 4.70(abro.6)c0Fixed in:4.70(abro.6)c0CVE-2022-43393derived from NVD
gs2220-10hp firmwareNVD
Affected:< 4.70(abrp.6)c0Fixed in:4.70(abrp.6)c0CVE-2022-43393derived from NVD
gs2220-28 firmwareNVD
Affected:< 4.70(abrq.6)c0Fixed in:4.70(abrq.6)c0CVE-2022-43393derived from NVD
gs2220-28hp firmwareNVD
Affected:< 4.70(abrr.6)c0Fixed in:4.70(abrr.6)c0CVE-2022-43393derived from NVD
gs2220-50 firmwareNVD
Affected:< 4.70(abrs.6)c0Fixed in:4.70(abrs.6)c0CVE-2022-43393derived from NVD
gs2220-50hp firmwareNVD
Affected:< 4.70(abrt.6)c0Fixed in:4.70(abrt.6)c0CVE-2022-43393derived from NVD
mgs3500-24s firmwareNVD
Affected:< 4.10(abbr.2)c0Fixed in:4.10(abbr.2)c0CVE-2022-43393derived from NVD
mgs3520-28 firmwareNVD
Affected:< 4.10(aatn.5)c0Fixed in:4.10(aatn.5)c0CVE-2022-43393derived from NVD
mgs3520-28f firmwareNVD
Affected:< 4.10(aatm.4)c0Fixed in:4.10(aatm.4)c0CVE-2022-43393derived from NVD
mgs3530-28 firmwareNVD
Affected:< 4.10(acem.2)c0Fixed in:4.10(acem.2)c0CVE-2022-43393derived from NVD
xgs1930-28 firmwareNVD
Affected:< 4.70(abht.5)c0Fixed in:4.70(abht.5)c0CVE-2022-43393derived from NVD
xgs1930-28hp firmwareNVD
Affected:< 4.70(abhs.5)c0Fixed in:4.70(abhs.5)c0CVE-2022-43393derived from NVD
xgs1930-52 firmwareNVD
Affected:< 4.70(abhu.5)c0Fixed in:4.70(abhu.5)c0CVE-2022-43393derived from NVD
xgs1930-52hp firmwareNVD
Affected:< 4.70(abhv.5)c0Fixed in:4.70(abhv.5)c0CVE-2022-43393derived from NVD
xgs2210-28 firmwareNVD
Affected:< 4.70(aazj.2)c0Fixed in:4.70(aazj.2)c0CVE-2022-43393derived from NVD
xgs2210-28hp firmwareNVD
Affected:< 4.70(aazl.2)c0Fixed in:4.70(aazl.2)c0CVE-2022-43393derived from NVD
xgs2210-52 firmwareNVD
Affected:< 4.70(aazk.2)c0Fixed in:4.70(aazk.2)c0CVE-2022-43393derived from NVD
xgs2210-52hp firmwareNVD
Affected:< 4.70(aazm.2)c0Fixed in:4.70(aazm.2)c0CVE-2022-43393derived from NVD
xgs2220-30 firmwareNVD
Affected:< 4.80(abxn.1)c0Fixed in:4.80(abxn.1)c0CVE-2022-43393derived from NVD
xgs2220-30f firmwareNVD
Affected:< 4.80(abye.1)c0Fixed in:4.80(abye.1)c0CVE-2022-43393derived from NVD
xgs2220-30hp firmwareNVD
Affected:< 4.80(abxo.1)c0Fixed in:4.80(abxo.1)c0CVE-2022-43393derived from NVD
xgs2220-54 firmwareNVD
Affected:< 4.80(abxp.1)c0Fixed in:4.80(abxp.1)c0CVE-2022-43393derived from NVD
xgs2220-54fp firmwareNVD
Affected:< 4.80(acce.1)c0Fixed in:4.80(acce.1)c0CVE-2022-43393derived from NVD
xgs2220-54hp firmwareNVD
Affected:< 4.80(abxq.1)c0Fixed in:4.80(abxq.1)c0CVE-2022-43393derived from NVD
xgs4600-32 firmwareNVD
Affected:< 4.70(abbh.4)c0Fixed in:4.70(abbh.4)c0CVE-2022-43393derived from NVD
xgs4600-32f firmwareNVD
Affected:< 4.70(abbi.4)c0Fixed in:4.70(abbi.4)c0CVE-2022-43393derived from NVD
xgs4600-52f firmwareNVD
Affected:< 4.70(abik.4)c0Fixed in:4.70(abik.4)c0CVE-2022-43393derived from NVD
xmg1930-30 firmwareNVD
Affected:< 4.80(acar.0)Fixed in:4.80(acar.0)CVE-2022-43393derived from NVD
xmg1930-30hp firmwareNVD
Affected:< 4.80(acas.0)Fixed in:4.80(acas.0)CVE-2022-43393derived from NVD
xs1930-10 firmwareNVD
Affected:< 4.80(abqe.0)c0Fixed in:4.80(abqe.0)c0CVE-2022-43393derived from NVD
xs1930-12f firmwareNVD
Affected:< 4.80(abzv.0)c0Fixed in:4.80(abzv.0)c0CVE-2022-43393derived from NVD
xs1930-12hp firmwareNVD
Affected:< 4.80(abqf.0)c0Fixed in:4.80(abqf.0)c0CVE-2022-43393derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityNone
IntegrityLow
AvailabilityHigh

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

Exploit Intelligence

0.56%probability of exploitation in 30 days
43rdpercentile

Moderate risk: more likely to be exploited than 43% of all known CVEs.

References

Vendor Advisory1

Related Vulnerabilities

Other CWE-754 vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2024-4367High8.873%-Fix
CVE-2022-39288High7.559%-Fix
CVE-2023-30591High7.554%--
CVE-2023-41993High8.829%KEVFix
CVE-2024-43044High8.829%-Fix
CVE-2024-3393High7.527%KEVFix
Embed a live status badge for CVE-2022-43393
CVE-2022-43393 severity badge

Markdown

[![CVE-2022-43393](https://tridentstack.com/cve/badge/CVE-2022-43393.svg)](https://tridentstack.com/cve/CVE-2022-43393)

HTML

<a href="https://tridentstack.com/cve/CVE-2022-43393"><img src="https://tridentstack.com/cve/badge/CVE-2022-43393.svg" alt="CVE-2022-43393"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.