ZyXEL Firewall - Unauthenticated Remote Command Injection CVE-2022-30525
- Severity
- Vulnerability description
- Not available
- Risk description
- Not available
- Exploit capabilities
Sniper can gain unauthenticated Remote Code Execution on the target system and extract multiple artefacts as evidence.
- Recommendation
- Not available
- References
- https://nvd.nist.gov/vuln/detail/CVE-2022-30525https://www.zyxel.com/support/Zyxel-security-advisory-for-OS-command-injection-vulnerability-of-firewalls.shtmlhttps://www.exploit-db.com/exploits/50946
- Codename
- Not available
- Detectable with
- Network Scanner
- Scan engine
- Sniper
- Cisa Kev
Yes- Exploitable with Sniper
- Yes
- CVE Published
- May 12, 2022
- Detection added at
- Software Type
- Firewall
- Vendor
- ZyXEL Networks
- Product
- ZyXEL Firewall
Detect & validate this vulnerability
Go beyond surface scans. Get real validation with proprietary tools designed to prove what’s exploitable in your environment.