March 22, 2023

Zyxel has addressed a critical security vulnerability (CVE-2022-30525, CVSS score: 9.8) affecting Zyxel firewall devices that enables unauthenticated and remote attackers to gain arbitrary code execution as the “nobody” user.

The issue was discovered by Rapid7 which reported it on April 13.

Zyxel silently addressed the flaw by releasing security updates on April 28, 2022, Rapid7 pointed out that this choice leaves defenders in the dark and only advantage the attackers.

Advertisements

The affected models vulnerable to unauthenticated and remote command injection via the administrative HTTP interface. Commands are executed as the nobody user.

There are more than 15,000 internet-facing vulnerable systems tracked by the Shodan search engine. The researchers also developed a Metasploit module for this issue and published a PoC of the attack

The vendor the following issues in its VMG3312-T20A wireless router and AP Configurator:

Tags:

1 thought on “Zyxel Addressed Firewall Vulnerability

  1. Pingback: Zyxel patches High and Medium Vulnerabilities in its products - TheCyberThrone

Leave a Reply

Related Post

Mandiant Report – Nation State Zero Day Exploits in 2022

Mandiant Report – Nation State Zero Day Exploits in 2022

March 22, 2023
Mispadu Banking Trojan

Mispadu Banking Trojan

March 22, 2023

You may have missed

Mandiant Report – Nation State Zero Day Exploits in 2022

Mandiant Report – Nation State Zero Day Exploits in 2022

March 22, 2023
Mispadu Banking Trojan

Mispadu Banking Trojan

March 22, 2023
DotRunpeX – Malware Injector Spreads in Wild

DotRunpeX – Malware Injector Spreads in Wild

March 21, 2023
Killnet Targets Healthcare Azure Resources

Killnet Targets Healthcare Azure Resources

March 21, 2023
NBA suffers a Data Breach – Third Party Provider Data Stolen

NBA suffers a Data Breach – Third Party Provider Data Stolen

March 21, 2023
Ferrari – Cyber Attack Ransom Demanded

Ferrari – Cyber Attack Ransom Demanded

March 21, 2023
%d bloggers like this: