Lucene search
K

16 matches found

HackRead
HackRead
added 2025/06/23 10:43 a.m.7 views

Zyxel Devices Hit by Active Exploits Targeting CVE-2023-28771 Vulnerability

Zyxel users beware: A critical remote code execution flaw CVE-2023-28771 in Zyxel devices is under active exploitation by a Mirai-like botnet. GreyNoise observed a surge on June 16, targeting devices globally...

9.8CVSS8.3AI score0.99284EPSS
Exploits8
Exploit DB
Exploit DB
added 2024/06/14 12:0 a.m.443 views

Zyxel IKE Packet Decoder - Unauthenticated Remote Code Execution (Metasploit)

Exploit Title: Zyxel IKE Packet Decoder Unauthenticated Remote Code Execution Date: 2023-03-31 Exploit Author: sf Vendor Homepage: https://www.zyxel.com/ Software Link: https://www.zyxel.com/ Version: ATP Firmware version 4.60 to 5.35 inclusive, USG FLEX Firmware version 4.60 to 5.35 inclusive, V...

9.8CVSS7.4AI score0.99284EPSS
Exploits8
The Hacker News
The Hacker News
added 2023/11/16 6:6 a.m.76 views

Russian Hackers Linked to 'Largest Ever Cyber Attack' on Danish Critical Infrastructure

Russian threat actors have been possibly linked to what's been described as the "largest cyber attack against Danish critical infrastructure," in which 22 companies associated with the operation of the country's energy sector were targeted in May 2023. "22 simultaneous, successful cyberattacks...

9.8CVSS7.5AI score0.99284EPSS
Exploits8
Trellix
Trellix
added 2023/06/07 12:0 a.m.181 views

The Bug Report - May 2023 Edition

The Bug Report – May 2023 Edition By Mark Bereza · June 7, 2023 Why am I here? In the film The Number 23, Jim Carrey masterfully portrays Walter Sparrow, a man who finds himself obsessed with the number 23 after coming upon a book detailing the 23 enigma, and begins to see it everywhere he looks,...

7.2AI score0.99284EPSS
Exploits12
The Hacker News
The Hacker News
added 2023/06/01 4:17 a.m.85 views

Active Mirai Botnet Variant Exploiting Zyxel Devices for DDoS Attacks

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added a recently patched critical security flaw in Zyxel gear to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. Tracked as CVE-2023-28771 CVSS score: 9.8, the issue relates to a command...

9.8CVSS10.3AI score0.99284EPSS
Exploits8
Rapid7 Blog
Rapid7 Blog
added 2023/05/31 2:11 p.m.61 views

Widespread Exploitation of Zyxel Network Devices

Rapid7 is tracking reports of ongoing exploitation of CVE-2023-28771, a critical unauthenticated command injection vulnerability affecting multiple Zyxel networking devices. The vulnerability is present in the default configuration of vulnerable devices and is exploitable in the Wide Area Network...

7.5CVSS10.4AI score0.99284EPSS
Exploits8
GithubExploit
GithubExploit
added 2023/05/23 2:37 a.m.22 views

Exploit for OS Command Injection in Zyxel Atp100_Firmware

CVE-2023-28771-PoC PoC for CVE-2023-28771 based on Rapid7's ex...

9.8CVSS7.4AI score0.99284EPSS
Exploits8
GithubExploit
GithubExploit
added 2023/05/23 2:37 a.m.18 views

Exploit for OS Command Injection in Zyxel Atp100_Firmware

CVE-2023-28771-PoC PoC for CVE-2023-28771 based on Rapid7's ex...

9.8CVSS9.8AI score0.99284EPSS
Exploits8
GithubExploit
GithubExploit
added 2023/05/23 2:37 a.m.623 views

Exploit for OS Command Injection in Zyxel Atp100_Firmware

CVE-2023-28771-PoC PoC for CVE-2023-28771 based on Rapid7's ex...

9.8CVSS9.8AI score0.99284EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2023/05/23 12:0 a.m.332 views

Zyxel Command Injection (CVE-2023-28771) (Direct Check)

Binary data zyxelCVE-2023-28771direct.nbin...

9.8CVSS9.8AI score0.99284EPSS
Exploits8References2
The Hacker News
The Hacker News
added 2023/04/28 11:41 a.m.194 views

Zyxel Firewall Devices Vulnerable to Remote Code Execution Attacks — Patch Now

Networking equipment maker Zyxel has released patches for a critical security flaw in its firewall devices that could be exploited to achieve remote code execution on affected systems. The issue, tracked as CVE-2023-28771, is rated 9.8 on the CVSS scoring system. Researchers from TRAPA Security...

9.8CVSS9.1AI score0.99284EPSS
Exploits8
Circl
Circl
added 2023/04/25 7:24 a.m.37 views

CVE-2023-28771

creationtimestamp| type| source ---|---|--- 2023-04-25 07:24:17+00:00| seen| https://t.me/cibsecurity/62787 2023-04-28 13:46:57+00:00| seen| https://t.me/thehackernews/3294 2023-04-28 15:59:01+00:00| seen| https://t.me/KomunitiSiber/124 2023-04-28 16:05:51+00:00| published-proof-of-concept|...

9.8CVSS7.1AI score0.99284EPSS
In wildExploits8References73
NVD
NVD
added 2023/04/25 2:15 a.m.29 views

CVE-2023-28771

Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to...

9.8CVSS9.9AI score0.99284EPSS
Exploits8References3
Vulnrichment
Vulnrichment
added 2023/04/25 12:0 a.m.16 views

CVE-2023-28771

Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to...

9.8CVSS9.8AI score0.99284EPSS
Exploits8References2
Cvelist
Cvelist
added 2023/04/25 12:0 a.m.38 views

CVE-2023-28771

Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to...

9.8CVSS9.9AI score0.99284EPSS
Exploits8References2
CVE
CVE
added 2023/04/25 12:0 a.m.697 views

CVE-2023-28771

CVE-2023-28771 is an OS command injection in Zyxel devices (ZyWALL/USG, VPN, USG FLEX, ATP) due to improper error message handling. A unauthenticated attacker can remotely execute commands by sending crafted UDP/IKE-related packets to affected firmware: Zyxel ATP, USG FLEX, VPN, and ZyWALL/USG li...

9.8CVSS9.6AI score0.99284EPSS
In wildExploits8References3Affected Software1
Rows per page
Query Builder