Command injection

2021-09-2911:15:00

PRIOn knowledge base

www.prio-n.com

7.9 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.2%

JSON

A command injection vulnerability in the CGI program of the Zyxel VPN2S firmware version 1.12 could allow an authenticated, local user to execute arbitrary OS commands.

CPENameOperatorVersion
zywall_vpn2s_firmwareeq1.12.0-abln.0-c0

CPE	Name	Operator	Version
	zywall_vpn2s_firmware	eq	1.12.0-abln.0-c0

References

www.zyxel.com/support/Zyxel_security_advisory_for_directory_traversal_and_command_injection_vulnerabilities_of_VPN2S_Firewall.shtml