CVE-2022-30526 – Zyxel Firewall SUID Binary Privilege Escalation
https://notcve.org/view.php?id=CVE-2022-30526
A privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.09 through 4.72, which could allow a local attacker to execute some OS commands with root privileges in some directories on a vulnerable device. Se ha identificado una vulnerabilidad de escalada de privilegios en el comando CLI del firmware Zyxel USG FLEX 100(W) versiones 4.50 a 5.30, firmware USG FLEX 200 versiones 4.50 a 5.30, firmware USG FLEX 500 versiones 4.50 a 5.30, firmware USG FLEX 700 versiones 4.50 a 5.30, firmware USG FLEX 50(W) versiones 4.16 a 5. 30, firmware USG20(W)-VPN versiones 4.16 a 5.30, firmware de la serie ATP versiones 4.32 a 5.30, firmware de la serie VPN versiones 4.30 a 5.30, firmware de la serie USG/ZyWALL versiones 4.09 a 4.72, lo que podría permitir a un atacante local ejecutar algunos comandos del sistema operativo con privilegios de root en algunos directorios de un dispositivo vulnerable. • https://github.com/greek0x0/CVE-2022-30526 http://packetstormsecurity.com/files/168202/Zyxel-Firewall-SUID-Binary-Privilege-Escalation.html https://www.zyxel.com/support/Zyxel-security-advisory-authenticated-directory-traversal-vulnerabilities-of-firewalls.shtml • CWE-269: Improper Privilege Management •
CVE-2022-30525 – Zyxel Multiple Firewalls OS Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2022-30525
A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 50(W) firmware versions 5.10 through 5.21 Patch 1, USG20(W)-VPN firmware versions 5.10 through 5.21 Patch 1, ATP series firmware versions 5.10 through 5.21 Patch 1, VPN series firmware versions 4.60 through 5.21 Patch 1, which could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device. Una vulnerabilidad de inyección de comandos del Sistema Operativo en el programa CGI del firmware Zyxel USG FLEX 100(W) versiones 5.00 hasta 5.21 Parche 1, firmware USG FLEX 200 versiones 5.00 hasta 5.21 Parche 1, firmware USG FLEX 500 versiones 5.00 hasta 5.21 Parche 1, firmware USG FLEX 700 versiones 5.00 hasta 5.21 Parche 1, firmware USG FLEX 50(W) versiones 5. 10 hasta 5.21 Parche 1, firmware USG20(W)-VPN versiones 5.10 hasta 5.21 Parche 1, firmware de la serie ATP versiones 5.10 hasta 5.21 Parche 1, firmware de la serie VPN versiones 4.60 hasta 5.21 Parche 1, lo que podría permitir a un atacante modificar archivos específicos y luego ejecutar algunos comandos del Sistema Operativo en un dispositivo vulnerable Zyxel USG FLEX version 5.21 suffers from a command injection vulnerability. A command injection vulnerability in the CGI program of some Zyxel firewall versions could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device. • https://github.com/jbaines-r7/victorian_machinery https://www.exploit-db.com/exploits/50946 https://github.com/shuai06/CVE-2022-30525 https://github.com/west9b/CVE-2022-30525 https://github.com/Henry4E36/CVE-2022-30525 https://github.com/savior-only/CVE-2022-30525 https://github.com/k0sf/CVE-2022-30525 https://github.com/Chocapikk/CVE-2022-30525-Reverse-Shell https://github.com/ProngedFork/CVE-2022-30525 https://github.com/superzerosec/CVE-2022-30525 https://github. • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •