CVE-2023-28769
Published: 27 April 2023
Summary
CVE-2023-28769 is a critical-severity Classic Buffer Overflow (CWE-120) vulnerability in Zyxel DX5401-B0 firmware. Its CVSS base score is 9.8 (Critical).
Operationally, it ranks in the top 1.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
The vulnerability is a buffer overflow (CWE-120) in the libclinkc.so library used by the zhttpd web server component of Zyxel DX5401-B0 firmware versions prior to V5.17(ABYO.1)C0. With a CVSS 3.1 score of 9.8, the flaw resides in network-facing code that processes unauthenticated requests.
A remote attacker with no credentials or user interaction can send crafted input over the network to trigger the overflow, resulting in arbitrary OS command execution or denial-of-service conditions on the affected device.
Zyxel’s security advisory directs customers to upgrade to firmware V5.17(ABYO.1)C0 or later; the associated EPSS score has remained elevated, currently at 0.7219 with a recorded peak of 0.7417.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-32404
Vulnerability details
The buffer overflow vulnerability in the library “libclinkc.so” of the web server “zhttpd” in Zyxel DX5401-B0 firmware versions prior to V5.17(ABYO.1)C0 could allow a remote unauthenticated attacker to execute some OS commands or to cause denial-of-service (DoS) conditions on a vulnerable device.
- CWE(s): CWE-120 (Classic Buffer Overflow)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls (AI)
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
- Platform-independent managed code eliminates the need for unchecked native buffer copies that are the root cause of classic buffer overflows.
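The control above names unchecked native buffer copies as the root cause of CWE-120. The C snippet below is an added illustration of that weakness class and is not code from Zyxel's firmware, zhttpd or libclinkc.so: a hypothetical fixed-size request field is filled once with an unbounded strcpy (the CWE-120 pattern) and once with a length check performed before the copy. The field size, function names and sample inputs are constructed for the example.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical fixed-size field such as a request handler might keep on the
 * stack; the size is constructed for this example. */
#define FIELD_MAX 16

/* CWE-120 pattern: strcpy stops only at the NUL terminator and never consults
 * the size of 'field', so any input of FIELD_MAX bytes or more overruns the
 * stack buffer. The caller has no way to learn that the copy was unsafe.
 * Shown for contrast only; never hand it input longer than FIELD_MAX-1. */
int store_field_unchecked(const char *input) {
    char field[FIELD_MAX];
    strcpy(field, input);
    return (int)strlen(field);
}

/* Hardened form: look for the terminator only within the first FIELD_MAX
 * bytes, refuse input that does not fit (terminator included), then copy
 * exactly the measured length. Rejecting is preferable to silent truncation,
 * which can change the meaning of the field downstream. */
int store_field_bounded(const char *input) {
    char field[FIELD_MAX];
    const char *end = memchr(input, '\0', FIELD_MAX);
    if (end == NULL) {
        return -1;                 /* no NUL within FIELD_MAX bytes: too long */
    }
    size_t n = (size_t)(end - input);   /* n <= FIELD_MAX - 1 here */
    memcpy(field, input, n + 1);        /* n + 1 copies the NUL as well */
    return (int)n;
}

/* Constructed inputs: one that fits and one that would overrun the buffer. */
static const char SHORT_INPUT[] = "admin";
static const char LONG_INPUT[]  = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";   /* 32 bytes */

int main(void) {
    /* Only the bounded handler receives the long input; the unchecked one
     * would corrupt the stack with it. */
    int a = store_field_bounded(SHORT_INPUT);    /* 5 */
    int b = store_field_bounded(LONG_INPUT);     /* -1 */
    int c = store_field_unchecked(SHORT_INPUT);  /* 5, safe only because the input is short */
    return (a == 5 && b == -1 && c == 5) ? 0 : 1;
}
```

The bounded version returns a distinct error code on oversize input, which gives the caller something to log; a handler that logs such rejections makes malformed-length requests visible in device or proxy telemetry instead of silently absorbing them.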