Lucene search
K

27 matches found

redhatcve
redhatcve
added 2025/02/06 12:36 a.m.8 views

CVE-2022-30525

A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100W firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1,...

10CVSS9.8AI score0.99938EPSS
Exploits27References1
githubexploit
githubexploit
added 2023/01/15 8:2 p.m.475 views

Exploit for OS Command Injection in Zyxel Usg_Flex_100W_Firmware

CVE-2022-30525check Description: This script checks for the...

10CVSS9.1AI score0.99938EPSS
Exploits27
nessus
nessus
added 2023/01/11 12:0 a.m.45 views

Zyxel Command Injection (CVE-2022-30525) (Direct Check)

Binary data zyxelCVE-2022-30525.nbin...

10CVSS9.8AI score0.99938EPSS
Exploits27References3
metasploit
metasploit
added 2022/08/31 7:51 p.m.204 views

Zyxel Firewall SUID Binary Privilege Escalation

This module exploits CVE-2022-30526, a local privilege escalation vulnerability that allows a low privileged user e.g. nobody escalate to root. The issue stems from a suid binary that allows all users to copy files as root. This module overwrites the firewall's crontab to execute an attacker...

10CVSS9.2AI score0.99938EPSS
Exploits28
githubexploit
githubexploit
added 2022/06/13 9:11 p.m.348 views

Exploit for OS Command Injection in Zyxel Usg_Flex_100W_Firmware

CVE-2022-30525 Zyxel Firewall Remote Command Injection A py...

10CVSS9.6AI score0.99938EPSS
Exploits27
githubexploit
githubexploit
added 2022/06/12 7:4 p.m.366 views

Exploit for OS Command Injection in Zyxel Usg_Flex_100W_Firmware

CVE-2022-30525 A OS Command Injection Vulnerability in the CGI...

10CVSS10AI score0.99938EPSS
Exploits27
packetstorm
packetstorm
added 2022/06/03 12:0 a.m.234 views

Zyxel USG FLEX 5.21 Command Injection

Exploit Title: Zyxel USG FLEX 5.21 - OS Command Injection Shodan Dork: title:"USG FLEX 100" title:"USG FLEX 100W" title:"USG FLEX 200" title:"USG FLEX 500" title:"USG FLEX 700" title:"USG20-VPN" title:"USG20W-VPN" title:"ATP 100" title:"ATP 200" title:"ATP 500" title:"ATP 700" title:"ATP 800" Dat...

10CVSS9.1AI score0.99938EPSS
Exploits27
zdt
zdt
added 2022/06/03 12:0 a.m.254 views

Zyxel USG FLEX 5.21 - OS Command Injection Exploit

Exploit Title: Zyxel USG FLEX 5.21 - OS Command Injection Shodan Dork: title:"USG FLEX 100" title:"USG FLEX 100W" title:"USG FLEX 200" title:"USG FLEX 500" title:"USG FLEX 700" title:"USG20-VPN" title:"USG20W-VPN" title:"ATP 100" title:"ATP 200" title:"ATP 500" title:"ATP 700" title:"ATP 800"...

9.8CVSS9.1AI score0.99938EPSS
Exploits27
githubexploit
githubexploit
added 2022/05/28 7:19 a.m.373 views

Exploit for OS Command Injection in Zyxel Usg_Flex_100W_Firmware

CVE-2022-30525 Zyxel Firewall Command Injection Vulnerability...

10CVSS7.6AI score0.99938EPSS
Exploits27
rapid7blog
rapid7blog
added 2022/05/20 7:14 p.m.63 views

Metasploit Weekly Wrap-Up

Zyxel firewall unauthenticated command injection This week, our very own Jake Baines added an exploit module that leverages CVE-2022-30525, an unauthenticated remote command injection vulnerability in Zyxel firewalls with zero touch provisioning ZTP support. Jake is also the author of the origina...

10CVSS0.1AI score0.99938EPSS
Exploits27
checkpoint_advisories
checkpoint_advisories
added 2022/05/19 12:0 a.m.27 views

Zyxel USG Command Injection (CVE-2022-30525)

A command injection vulnerability exists in Zyxel USG. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

10CVSS5.6AI score0.99938EPSS
Exploits27
thn
thn
added 2022/05/17 3:17 a.m.444 views

Watch Out! Hackers Begin Exploiting Recent Zyxel Firewalls RCE Vulnerability

--- Image source: z3r00t The U.S. Cybersecurity and Infrastructure Security Agency on Monday added two security flaws, including the recently disclosed remote code execution bug affecting Zyxel firewalls, to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation...

10CVSS2.9AI score0.99938EPSS
Exploits81
githubexploit
githubexploit
added 2022/05/16 9:15 a.m.257 views

Exploit for OS Command Injection in Zyxel Usg_Flex_100W_Firmware

CVE-2022-30525 CVE-2022-30525 POC exploit Usage shell u...

10CVSS9.2AI score0.99938EPSS
Exploits27
githubexploit
githubexploit
added 2022/05/16 4:45 a.m.445 views

Exploit for OS Command Injection in Zyxel Usg_Flex_100W_Firmware

CVE-2022-30525 Zyxel 防火墙未经身份验证的远程命令注入漏洞 影响组件 USG FLEX 100...

10CVSS9.4AI score0.99938EPSS
Exploits27
packetstorm
packetstorm
added 2022/05/16 12:0 a.m.409 views

Zyxel Firewall ZTP Unauthenticated Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zyxel Firewall ZTP Unauthenticated Command Injection', 'Description' = %q This module exploits CVE-2022-30525, an unauthenticated remote command...

0.2AI score0.99938EPSS
Exploits27
zdt
zdt
added 2022/05/16 12:0 a.m.358 views

Zyxel Firewall ZTP Unauthenticated Command Injection Exploit

This Metasploit module exploits CVE-2022-30525, an unauthenticated remote command injection vulnerability affecting Zyxel firewalls with zero touch provisioning ZTP support. By sending a malicious setWanPortSt command containing an mtu field with a crafted OS command to the /ztp/cgi-bin/handler...

9.8CVSS9.3AI score0.99938EPSS
Exploits27
githubexploit
githubexploit
added 2022/05/15 6:20 a.m.380 views

Exploit for OS Command Injection in Zyxel Usg_Flex_100W_Firmware

CVE-2022-30525...

10CVSS9.2AI score0.99938EPSS
Exploits27
metasploit
metasploit
added 2022/05/14 5:42 p.m.283 views

Zyxel Firewall ZTP Unauthenticated Command Injection

This module exploits CVE-2022-30525, an unauthenticated remote command injection vulnerability affecting Zyxel firewalls with zero touch provisioning ZTP support. By sending a malicious setWanPortSt command containing an mtu field with a crafted OS command to the /ztp/cgi-bin/handler page, an...

10CVSS10AI score0.99938EPSS
Exploits27
githubexploit
githubexploit
added 2022/05/13 6:16 p.m.491 views

Exploit for OS Command Injection in Zyxel Usg_Flex_100W_Firmware

CVE-2022-30525 Zyxel firewall: Unauthenticated remote comman...

10CVSS7.5AI score0.99938EPSS
Exploits27
githubexploit
githubexploit
added 2022/05/13 12:58 p.m.495 views

Exploit for OS Command Injection in Zyxel Usg_Flex_100W_Firmware

CVE-2022-30525 Zyxel firewall remote command injection vulne...

10CVSS7.5AI score0.99938EPSS
Exploits27
Rows per page
Query Builder