{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-38546","assignerOrgId":"96e50032-ad0d-4058-a115-4d2c13821f9f","assignerShortName":"Zyxel","dateUpdated":"2025-04-15T18:52:24.120Z","dateReserved":"2022-08-22T00:00:00.000Z","datePublished":"2022-12-21T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"96e50032-ad0d-4058-a115-4d2c13821f9f","shortName":"Zyxel","dateUpdated":"2022-12-21T00:00:00.000Z"},"descriptions":[{"lang":"en","value":"A DNS misconfiguration was found in Zyxel NBG7510 firmware versions prior to V1.00(ABZY.3)C0, which could allow an unauthenticated attacker to access the DNS server when the device is switched to the AP mode."}],"affected":[{"vendor":"Zyxel","product":"NBG7510 firmware","versions":[{"version":"< V1.00(ABZY.3)C0","status":"affected"}]}],"references":[{"url":"https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-dns-misconfiguration-in-nbg7510-home-router"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW","baseScore":5.3,"baseSeverity":"MEDIUM"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-284: Improper Access Control","cweId":"CWE-284"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T10:54:03.937Z"},"title":"CVE Program Container","references":[{"url":"https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-dns-misconfiguration-in-nbg7510-home-router","tags":["x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-04-15T18:50:59.615374Z","id":"CVE-2022-38546","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-04-15T18:52:24.120Z"}}]}}