CVE-2022-30525 - Zyxel Multiple Firewalls OS Command Injection Vulnerability
Project:Zyxel
Product:Multiple Firewalls
Date Added:2022-05-16Due Date:2022-06-06
Vulnerability Name
Zyxel Multiple Firewalls OS Command Injection Vulnerability
Description
A command injection vulnerability in the CGI program of some Zyxel firewall versions could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2022-30525