CVE-2022-30525
In brief
A flaw in Zyxel firewalls and VPN appliances lets an attacker who can reach the device's CGI interface over the network, without any credentials, execute operating-system commands by modifying specific files. It is critical because the attacker ends up running commands on the security boundary device itself, and the CVE is listed in CISA's Known Exploited Vulnerabilities catalog (see References).
Technical detail
OS command injection in a CGI program of the firmware (the ZTP, zero-touch provisioning, handler according to the Packet Storm write-up listed under References) affects multiple Zyxel product lines: USG FLEX 100(W), 200, 500 and 700 on firmware 5.00 through 5.21 Patch 1; USG FLEX 50(W), USG20(W)-VPN and the ATP series on 5.10 through 5.21 Patch 1; and the VPN series on 4.60 through 5.21 Patch 1. Attack vector: a request to the CGI interface that modifies specific files and thereby injects OS commands; it needs only network reachability of that interface, no credentials and no user interaction (CVSS AV:N, PR:N, UI:N). Impact: arbitrary OS command execution on the appliance, in whatever context the CGI program runs in. Zyxel's advisory and the CISA Known Exploited Vulnerabilities entry are listed under References; a separate SUID-binary privilege escalation write-up is listed there as well, which is the kind of follow-on step an attacker would use to extend that foothold.
Summary generated and translated by AI from the official description.
A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 50(W) firmware versions 5.10 through 5.21 Patch 1, USG20(W)-VPN firmware versions 5.10 through 5.21 Patch 1, ATP series firmware versions 5.10 through 5.21 Patch 1, VPN series firmware versions 4.60 through 5.21 Patch 1, which could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (base score 9.8, Critical)
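As a concrete exposure check built only from the version ranges in the official description above, here is an added Python example; it is not Zyxel's code and is not taken from any of the PoC repositories listed on this page. It assumes version strings written the way this page writes them (for example "5.21 Patch 1"); the hostnames and the inventory it runs over are constructed for illustration. It goes slightly beyond the text in that every product line in the description can be checked, not just one.

```python
"""Exposure check for CVE-2022-30525 built from the affected-version
ranges in the official description on this page.

Added example, not Zyxel's code. It assumes version strings written the
way this page writes them ("5.21", "5.21 Patch 1", "4.60"); the
on-device Zyxel version format (with build suffixes) is not modelled.
"""
import re

# Inclusive (first affected, last affected) per product line, copied from
# the official description, as (major, minor, patch) tuples.
AFFECTED = {
    "USG FLEX 100(W)": ((5, 0, 0), (5, 21, 1)),
    "USG FLEX 200":    ((5, 0, 0), (5, 21, 1)),
    "USG FLEX 500":    ((5, 0, 0), (5, 21, 1)),
    "USG FLEX 700":    ((5, 0, 0), (5, 21, 1)),
    "USG FLEX 50(W)":  ((5, 10, 0), (5, 21, 1)),
    "USG20(W)-VPN":    ((5, 10, 0), (5, 21, 1)),
    "ATP series":      ((5, 10, 0), (5, 21, 1)),
    "VPN series":      ((4, 60, 0), (5, 21, 1)),
}

# Accepts "5.21", "V5.21" and "5.21 Patch 1"; a missing "Patch n" means patch 0.
_VERSION_RE = re.compile(r"^\s*V?(\d+)\.(\d+)(?:\s*Patch\s*(\d+))?\s*$", re.IGNORECASE)


def parse_version(text):
    """Turn '5.21 Patch 1' into (5, 21, 1) so tuples compare in release order.

    Zyxel minors are two-digit (5.00, 5.02, 5.10, 5.21), so integer
    comparison orders them correctly: 5.02 sorts below 5.10.
    """
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = m.groups()
    return (int(major), int(minor), int(patch or 0))


def is_affected(product, version_text):
    """True if the product/version pair lies inside the advisory range.

    Versions below the range are simply not listed by the advisory;
    versions above 5.21 Patch 1 are outside it, but the actual fixed
    release should be confirmed against the vendor advisory, not inferred here.
    """
    if product not in AFFECTED:
        raise KeyError(f"{product!r} is not a product line listed for this CVE")
    lo, hi = AFFECTED[product]
    return lo <= parse_version(version_text) <= hi


def triage(inventory):
    """Return the (host, product, version) entries that fall in an affected range."""
    return [(h, p, v) for h, p, v in inventory if is_affected(p, v)]


# Constructed sample inventory (hostnames and versions are illustrative).
SAMPLE_INVENTORY = [
    ("fw-branch-01", "USG FLEX 100(W)", "5.00"),
    ("fw-branch-02", "USG FLEX 50(W)", "5.21 Patch 1"),
    ("fw-dc-01", "ATP series", "5.21 Patch 2"),
    ("fw-legacy", "VPN series", "4.60"),
    ("fw-new", "USG FLEX 700", "5.30"),
]

if __name__ == "__main__":
    for host, product, version in triage(SAMPLE_INVENTORY):
        print(f"EXPOSED  {host:14} {product:16} {version}")
```

Anything above 5.21 Patch 1 falls outside the ranges listed on this page; take the fixed release from the Zyxel advisory under References rather than inferring it from the table, and treat a device that cannot report a version the parser understands as unknown rather than safe.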
Affected products
Zyxel · ATP series firmware
Zyxel · USG 20(W)-VPN firmware
Zyxel · USG FLEX 100(W) firmware
Zyxel · USG FLEX 200 firmware
Zyxel · USG FLEX 500 firmware
Zyxel · USG FLEX 50(W) firmware
Zyxel · USG FLEX 700 firmware
Zyxel · VPN series firmware
Public PoCs found: 20
GitHub: github.com/shuai06/CVE-2022-30525 (★ 33)
GitHub: github.com/jbaines-r7/victorian_machinery (★ 30)
GitHub: github.com/Henry4E36/CVE-2022-30525 (★ 22)
GitHub: github.com/west9b/CVE-2022-30525 (★ 12)
GitHub: github.com/savior-only/CVE-2022-30525 (★ 4)
GitHub: github.com/Chocapikk/CVE-2022-30525-Reverse-Shell (★ 4)
GitHub: github.com/k0sf/CVE-2022-30525 (★ 3)
GitHub: github.com/iveresk/cve-2022-30525 (★ 3)
GitHub: github.com/cbk914/CVE-2022-30525_check (★ 2)
GitHub: github.com/superzerosec/CVE-2022-30525 (★ 1)
GitHub: github.com/ProngedFork/CVE-2022-30525 (★ 1)
GitHub: github.com/arajsingh-infosec/CVE-2022-30525_Exploit (★ 1)
GitHub: github.com/furkanzengin/CVE-2022-30525 (★ 1)
GitHub: github.com/M4fiaB0y/CVE-2022-30525 (★ 1)
GitHub: github.com/160Team/CVE-2022-30525 (★ 0)
Exploit-DB: www.exploit-db.com/exploits/50946 (unverified)
CVE reference: packetstormsecurity.com/files/167182/Zyxel-Firewall-ZTP-Unauthenticated-Command-Injection.html (unverified)
CVE reference: packetstormsecurity.com/files/167372/Zyxel-USG-FLEX-5.21-Command-Injection.html (unverified)
CVE reference: packetstormsecurity.com/files/168202/Zyxel-Firewall-SUID-Binary-Privilege-Escalation.html (unverified)
CVE reference: packetstormsecurity.com/files/167176/Zyxel-Remote-Command-Execution.html (unverified)
⚠ Public resources, for assessing the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://packetstormsecurity.com/files/167176/Zyxel-Remote-Command-Execution.html
http://packetstormsecurity.com/files/167182/Zyxel-Firewall-ZTP-Unauthenticated-Command-Injection.html
http://packetstormsecurity.com/files/167372/Zyxel-USG-FLEX-5.21-Command-Injection.html
http://packetstormsecurity.com/files/168202/Zyxel-Firewall-SUID-Binary-Privilege-Escalation.html
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-30525
https://www.zyxel.com/support/Zyxel-security-advisory-for-OS-command-injection-vulnerability-of-firewalls.shtml