CVE-2022-30525
Zyxel Multiple Firewalls OS Command Injection Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
15Exploited in Wild
YesDecision
Descriptions
A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 50(W) firmware versions 5.10 through 5.21 Patch 1, USG20(W)-VPN firmware versions 5.10 through 5.21 Patch 1, ATP series firmware versions 5.10 through 5.21 Patch 1, VPN series firmware versions 4.60 through 5.21 Patch 1, which could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device.
Una vulnerabilidad de inyección de comandos del Sistema Operativo en el programa CGI del firmware Zyxel USG FLEX 100(W) versiones 5.00 hasta 5.21 Parche 1, firmware USG FLEX 200 versiones 5.00 hasta 5.21 Parche 1, firmware USG FLEX 500 versiones 5.00 hasta 5.21 Parche 1, firmware USG FLEX 700 versiones 5.00 hasta 5.21 Parche 1, firmware USG FLEX 50(W) versiones 5. 10 hasta 5.21 Parche 1, firmware USG20(W)-VPN versiones 5.10 hasta 5.21 Parche 1, firmware de la serie ATP versiones 5.10 hasta 5.21 Parche 1, firmware de la serie VPN versiones 4.60 hasta 5.21 Parche 1, lo que podría permitir a un atacante modificar archivos específicos y luego ejecutar algunos comandos del Sistema Operativo en un dispositivo vulnerable
Zyxel USG FLEX version 5.21 suffers from a command injection vulnerability.
A command injection vulnerability in the CGI program of some Zyxel firewall versions could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-05-10 CVE Reserved
- 2022-05-12 CVE Published
- 2022-05-13 First Exploit
- 2022-05-16 Exploited in Wild
- 2022-06-06 KEV Due Date
- 2024-08-03 CVE Updated
- 2024-10-24 EPSS Updated
CWE
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (17)
| URL | Tag | Source |
|---|---|---|
| http://packetstormsecurity.com/files/167176/Zyxel-Remote-Command-Execution.html | Third Party Advisory |
|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Zyxel Search vendor "Zyxel" | Usg Flex 100w Firmware Search vendor "Zyxel" for product "Usg Flex 100w Firmware" | >= 5.00 < 5.30 Search vendor "Zyxel" for product "Usg Flex 100w Firmware" and version " >= 5.00 < 5.30" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg Flex 100w Search vendor "Zyxel" for product "Usg Flex 100w" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Usg Flex 200 Firmware Search vendor "Zyxel" for product "Usg Flex 200 Firmware" | >= 5.00 < 5.30 Search vendor "Zyxel" for product "Usg Flex 200 Firmware" and version " >= 5.00 < 5.30" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg Flex 200 Search vendor "Zyxel" for product "Usg Flex 200" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Usg Flex 500 Firmware Search vendor "Zyxel" for product "Usg Flex 500 Firmware" | >= 5.00 <= 5.30 Search vendor "Zyxel" for product "Usg Flex 500 Firmware" and version " >= 5.00 <= 5.30" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg Flex 500 Search vendor "Zyxel" for product "Usg Flex 500" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Usg Flex 700 Firmware Search vendor "Zyxel" for product "Usg Flex 700 Firmware" | >= 5.00 < 5.30 Search vendor "Zyxel" for product "Usg Flex 700 Firmware" and version " >= 5.00 < 5.30" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg Flex 700 Search vendor "Zyxel" for product "Usg Flex 700" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Vpn100 Firmware Search vendor "Zyxel" for product "Vpn100 Firmware" | >= 4.60 < 5.30 Search vendor "Zyxel" for product "Vpn100 Firmware" and version " >= 4.60 < 5.30" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Vpn100 Search vendor "Zyxel" for product "Vpn100" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Vpn1000 Firmware Search vendor "Zyxel" for product "Vpn1000 Firmware" | >= 4.60 < 5.30 Search vendor "Zyxel" for product "Vpn1000 Firmware" and version " >= 4.60 < 5.30" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Vpn1000 Search vendor "Zyxel" for product "Vpn1000" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Vpn300 Firmware Search vendor "Zyxel" for product "Vpn300 Firmware" | >= 4.60 < 5.30 Search vendor "Zyxel" for product "Vpn300 Firmware" and version " >= 4.60 < 5.30" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Vpn300 Search vendor "Zyxel" for product "Vpn300" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Vpn50 Firmware Search vendor "Zyxel" for product "Vpn50 Firmware" | >= 4.60 < 5.30 Search vendor "Zyxel" for product "Vpn50 Firmware" and version " >= 4.60 < 5.30" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Vpn50 Search vendor "Zyxel" for product "Vpn50" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Atp100 Firmware Search vendor "Zyxel" for product "Atp100 Firmware" | >= 5.10 < 5.30 Search vendor "Zyxel" for product "Atp100 Firmware" and version " >= 5.10 < 5.30" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Atp100 Search vendor "Zyxel" for product "Atp100" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Atp100w Firmware Search vendor "Zyxel" for product "Atp100w Firmware" | >= 5.10 < 5.30 Search vendor "Zyxel" for product "Atp100w Firmware" and version " >= 5.10 < 5.30" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Atp100w Search vendor "Zyxel" for product "Atp100w" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Atp200 Firmware Search vendor "Zyxel" for product "Atp200 Firmware" | >= 5.10 < 5.30 Search vendor "Zyxel" for product "Atp200 Firmware" and version " >= 5.10 < 5.30" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Atp200 Search vendor "Zyxel" for product "Atp200" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Atp500 Firmware Search vendor "Zyxel" for product "Atp500 Firmware" | >= 5.10 < 5.30 Search vendor "Zyxel" for product "Atp500 Firmware" and version " >= 5.10 < 5.30" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Atp500 Search vendor "Zyxel" for product "Atp500" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Atp700 Firmware Search vendor "Zyxel" for product "Atp700 Firmware" | >= 5.10 < 5.30 Search vendor "Zyxel" for product "Atp700 Firmware" and version " >= 5.10 < 5.30" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Atp700 Search vendor "Zyxel" for product "Atp700" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Atp800 Firmware Search vendor "Zyxel" for product "Atp800 Firmware" | >= 5.10 < 5.30 Search vendor "Zyxel" for product "Atp800 Firmware" and version " >= 5.10 < 5.30" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Atp800 Search vendor "Zyxel" for product "Atp800" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Usg Flex 50w Firmware Search vendor "Zyxel" for product "Usg Flex 50w Firmware" | >= 5.10 < 5.30 Search vendor "Zyxel" for product "Usg Flex 50w Firmware" and version " >= 5.10 < 5.30" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg Flex 50w Search vendor "Zyxel" for product "Usg Flex 50w" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Usg20w-vpn Firmware Search vendor "Zyxel" for product "Usg20w-vpn Firmware" | >= 5.10 < 5.30 Search vendor "Zyxel" for product "Usg20w-vpn Firmware" and version " >= 5.10 < 5.30" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg20w-vpn Search vendor "Zyxel" for product "Usg20w-vpn" | - | - |
Safe
|