CVE-2023-5797
Description
An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access the administrator’s logs on an affected device.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An improper privilege management vulnerability in the debug CLI of multiple Zyxel firewall and AP models allows authenticated local attackers to access administrator logs.
Vulnerability
An improper privilege management vulnerability exists in the debug CLI command of Zyxel firmware versions. Affected models include ATP series (firmware 4.32 through 5.37), USG FLEX series (4.50 through 5.37), USG FLEX 50(W) series (4.16 through 5.37), USG20(W)-VPN series (4.16 through 5.37), VPN series (4.30 through 5.37), NWA50AX (6.29(ABYW.2)), WAC500 (6.65(ABVS.1)), WAX300H (6.60(ACHF.1)), and WBE660S (6.65(ACGG.1)). The issue allows an authenticated local attacker to access administrator logs [1].
Exploitation
To exploit this vulnerability, an attacker requires authenticated local access to the device, for example via SSH or console. By invoking the debug CLI command with crafted parameters, the attacker can bypass privilege checks and read logs normally restricted to the administrator [1].
Impact
Successful exploitation enables the attacker to access sensitive administrator logs, potentially revealing configuration details, network topology, or other confidential information. This constitutes a breach of confidentiality, with no impact on integrity or availability [1].
Mitigation
Zyxel has released firmware patches for affected products. Firewall users should upgrade to version 5.38 or later. AP users should check the advisory for specific patched versions. If patching is not immediately possible, restrict local access to trusted users. CVE-2023-5797 is not listed in CISA's KEV catalog [1].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
12
>=4.32, <=5.37 (+ 1 more)
- (no CPE) range: >=4.32, <=5.37
- (no CPE) range: versions 4.32 through 5.37
>=4.50, <=5.37 (+ 2 more)
- (no CPE) range: >=4.50, <=5.37
- (no CPE) range: versions 4.16 through 5.37
- (no CPE) range: versions 4.50 through 5.37
- Zyxel/NWA50AX firmware, v5, range: 6.29(ABYW.2)
- Range: versions 4.16 through 5.37
- Range: versions 4.30 through 5.37
- Zyxel/WAC500 firmware, v5, range: 6.65(ABVS.1)
- Zyxel/WAX300H firmware, v5, range: 6.60(ACHF.1)
- Zyxel/WBE660S firmware, v5, range: 6.65(ACGG.1)
References
1