CVE-2022-45853 MEDIUM

CVE-2022-45853

Vendor Zyxel
Product GS1900-8HP firmware
Weakness CWE-269
Published May 30, 2023
Last update January 10, 2025

CVSS base score

6.7/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

The privilege escalation vulnerability in the Zyxel GS1900-8 firmware version V2.70(AAHH.3) and the GS1900-8HP firmware version V2.70(AAHI.3) could allow an authenticated, local attacker with administrator privileges to execute some system commands as 'root' on a vulnerable device via SSH.

Key dates

02Disclosure timeline

May 30, 2023 CVE published
January 10, 2025 Record updated

Related vulnerabilities

04Related CVE