Lucene search
+L

4 matches found

Packet Storm
Packet Storm
added 2023/05/10 12:0 a.m.1062 views

Zyxel Chained Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'socket' require 'digest/md5' class MetasploitModule 'Zyxel chained RCE using LFI and weak password derivation algorithm', 'Description' = %q This module exploit...

7.5CVSS7.1AI score0.57778EPSS
Exploits2
Circl
Circl
added 2023/04/27 12:39 p.m.46 views

CVE-2023-28770

creationtimestamp| type| source ---|---|--- 2023-04-27 12:39:20+00:00| seen| https://t.me/cibsecurity/62965 2023-05-10 10:06:35+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/zyxellfiunauthsshrce.rb 2023-05-11 18:05:50+00:00|...

7.5CVSS7.1AI score0.57778EPSS
In wildExploits2References5
Vulnrichment
Vulnrichment
added 2023/04/27 12:0 a.m.12 views

CVE-2023-28770

The sensitive information exposure vulnerability in the CGI “ExportLog” and the binary “zcmd” in Zyxel DX5401-B0 firmware versions prior to V5.17ABYO.1C0 could allow a remote unauthenticated attacker to read the system files and to retrieve the password of the supervisor from the encrypted file...

7.5CVSS7.5AI score0.57778EPSS
Exploits2References2
CVE
CVE
added 2023/04/27 12:0 a.m.304 views

CVE-2023-28770

CVE-2023-28770 affects Zyxel DX5401-B0 firmware prior to V5.17(ABYO.1)C0. The issue arises from sensitive information exposure via CGI Export_Log and the zcmd binary, allowing a remote unauthenticated attacker to read system files and retrieve the supervisor password from an encrypted file. Publi...

7.5CVSS7.4AI score0.57778EPSS
In wildExploits2References3Affected Software1
Rows per page
Query Builder