CVSS 3.1 Score 7.2 of 10 (high)


Published Feb 20, 2024
Updated: Feb 21, 2024


CVE-2023-6398 is a post-authentication command injection vulnerability found in Zyxel ATP series firmware versions 4.32 through 5.37 Patch 1, USG FLEX series firmware versions 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions 4.16 through 5.37 Patch 1, USG FLEX H series firmware versions from 1.10 through 1.10 Patch 1, NWA50AX firmware versions through 6.29(ABYW.3), WAC500 firmware versions through 6.65(ABVS.1), WAX300H firmware versions through 6.60(ACHF.1), and WBE660S firmware versions through 6.65(ACGG.1). An authenticated attacker with administrator privileges can exploit this vulnerability via FTP to execute operating system (OS) commands on the affected device. The potential danger is high as it allows an attacker to execute arbitrary commands, giving them control over the affected device and potentially compromising the organization's data and network security. Remediation of this vulnerability involves updating the affected firmware to versions that are beyond the vulnerable range specified in the description.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-6398 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options