The vulnerability of the account_print.cgi component in the microprogramming software for Zyxel USG FLEX and VPN devices allows a hacker to execute arbitrary commands.

The vulnerability of the accountprint.cgi component in the Zyxel USG FLEX and VPN network devices is related to an incorrect limitation on the path name to the tmp directory. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

Zyxel USG FLEX 路径遍历漏洞

Zyxel USG FLEX is a firewall from China Hopkins Zyxel. Offering flexible VPN options IPsec, SSL or L2TP, it provides flexible and secure remote access for remote work and management. A security vulnerability exists in the Zyxel USG FLEX Series 4.50 to 5.35 firmware versions, and VPN Series 4.30 t...