5 matches found
Zyxel Firewall SUID Binary Privilege Escalation Exploit
This Metasploit module exploits CVE-2022-30526, a local privilege escalation vulnerability that allows a low privileged user e.g. nobody escalate to root. The issue stems from a suid binary that allows all users to copy files as root. This module overwrites the firewall's crontab to execute an...
Zyxel Firewall SUID Binary Privilege Escalation
This module exploits CVE-2022-30526, a local privilege escalation vulnerability that allows a low privileged user e.g. nobody escalate to root. The issue stems from a suid binary that allows all users to copy files as root. This module overwrites the firewall's crontab to execute an attacker...
Zyxel Firewall SUID Binary Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zyxel Firewall SUID Binary Privilege Escalation', 'Description' = %q This module exploits CVE-2022-30526, a local privilege escalation...
CVE-2022-30526
creationtimestamp| type| source ---|---|--- 2022-07-19 12:40:30+00:00| seen| https://t.me/cibsecurity/46528 2022-07-29 11:01:17+00:00| seen| https://t.me/poxek/2124 2022-08-31 13:26:23+00:00| seen|...
CVE-2022-30526
CVE-2022-30526 affects Zyxel USG FLEX/USGZyWALL firewalls (e.g., USG FLEX 100(W), 200, 500, 700; USG FLEX 50(W); USG20(W)-VPN; ATP; VPN series; USG/ZyWALL). The issue is a local privilege escalation via the CLI caused by a SUID binary that allows a low-privileged user to copy files as root and ov...