Unrated severity · NVD Advisory · Published Jan 11, 2023 · Updated Apr 8, 2025

CVE-2022-43393

Description

An improper check for unusual or exceptional conditions exists in the HTTP request processing function of Zyxel GS1920-24v2 firmware prior to V4.70(ABMH.8)C0, which could allow an unauthenticated attacker to corrupt the contents of memory and cause a denial-of-service (DoS) condition on a vulnerable device.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

An improper check in Zyxel GS1920-24v2 HTTP request processing allows unauthenticated memory corruption, leading to DoS.

Vulnerability

An improper check for unusual or exceptional conditions exists in the HTTP request processing function of Zyxel GS1920-24v2 firmware prior to V4.70(ABMH.8)C0. This vulnerability, identified as CVE-2022-43393, allows an unauthenticated attacker to corrupt memory contents, leading to a denial-of-service (DoS) condition. The affected model is the GS1920-24v2 running firmware versions before V4.70(ABMH.8)C0 [1].

Exploitation

An attacker does not require authentication and can exploit this vulnerability by sending specially crafted HTTP requests to the device's management interface over the network. The vulnerability resides in the HTTP request processing function, and successful exploitation triggers memory corruption that causes the device to crash or become unresponsive [1].

Impact

Successful exploitation results in a denial-of-service (DoS) condition, rendering the affected switch unavailable for normal network operations. The attack impacts availability, but no information disclosure or remote code execution has been reported [1].

Mitigation

Zyxel has released patched firmware version V4.70(ABMH.8)C0 for the GS1920-24v2 to address this vulnerability. Users are advised to update to this version. As switches are typically deployed in LAN environments, firewall restrictions can reduce exposure. For optimal protection, users should restrict HTTP/HTTPS remote access or limit access to specific IP addresses [1].
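To act on the fixed version above across a fleet, the following added example (not code from Zyxel or from this advisory) classifies reported firmware strings against V4.70(ABMH.8)C0. It assumes the string layout `V<major>.<minor>(<model code>.<patch>)C<build>` and that releases order by those numbers; the hostnames, sample versions and the `ZZZZ` model code are constructed.

```python
import re
from typing import Dict, NamedTuple, Optional

# Fixed release named in the advisory for the GS1920-24v2.
FIXED = "V4.70(ABMH.8)C0"

# Assumed layout: V<major>.<minor>(<model code>.<patch>)C<build>
_FW = re.compile(r"^V(\d+)\.(\d+)\(([A-Z]+)\.(\d+)\)C(\d+)$")


class Firmware(NamedTuple):
    major: int
    minor: int
    model_code: str
    patch: int
    build: int

    def order_key(self):
        # Compare numerically so that patch 10 sorts after patch 8.
        return (self.major, self.minor, self.patch, self.build)


def parse_firmware(text: str) -> Optional[Firmware]:
    m = _FW.match(text.strip())
    if m is None:
        return None
    major, minor, code, patch, build = m.groups()
    return Firmware(int(major), int(minor), code, int(patch), int(build))


def classify(reported: str, fixed: str = FIXED) -> str:
    fix = parse_firmware(fixed)
    if fix is None:
        raise ValueError(f"unparseable fixed version: {fixed!r}")
    fw = parse_firmware(reported)
    if fw is None:
        return "unknown"          # do not guess; check the device by hand
    if fw.model_code != fix.model_code:
        return "other-model"      # this fixed version does not apply
    return "vulnerable" if fw.order_key() < fix.order_key() else "fixed"


def audit(inventory: Dict[str, str]) -> Dict[str, str]:
    return {host: classify(version) for host, version in inventory.items()}


# Constructed inventory: hostname -> firmware string reported by the switch.
INVENTORY = {"sw-floor1": "V4.70(ABMH.7)C0", "sw-floor2": "V4.70(ABMH.8)C0",
             "sw-lab": "V4.70(ZZZZ.3)C0", "sw-old": "4.70 build 8"}

if __name__ == "__main__":
    for host, status in audit(INVENTORY).items():
        print(f"{host}: {status}")
```

Devices reported as `unknown` are deliberately not treated as fixed, so an unexpected version format surfaces for manual review.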

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

References

1