Multiple ZyXEL devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the privileges of the web server that runs on the ZyXEL device. Although the web server does not run as the root user, many ZyXEL devices include a setuid utility that can be leveraged to run any command with root privileges. As such, it should be assumed that exploitation of this vulnerability can lead to remote code execution with root privileges.

Exploit code for this vulnerability that targets NAS devices is available on the internet. For this reason, we have created a PoC exploit that has the ability to power down affected ZyXEL NAS devices.
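A defender-side check for the flaw described above, added here as an example and not taken from the advisory or from ZyXEL: it scans web access log lines for weblogin.cgi requests whose username parameter decodes to shell metacharacters. The metacharacter set, the /cgi-bin/ path, the combined log format and the sample lines are assumptions constructed for illustration; a username sent in a POST body will not appear in such a log.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumed set of shell-significant characters; the text only says "certain characters".
SHELL_META = set(";|&`$(){}<>'\"\\\n\r")

# Client address and request target from a common/combined format log line.
REQUEST_RE = re.compile(r'^(?P<src>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*"')


def suspicious_username(target):
    """Return the decoded username if a weblogin.cgi request carries
    shell metacharacters in it, otherwise None."""
    parts = urlsplit(target)
    if parts.path.rsplit("/", 1)[-1].lower() != "weblogin.cgi":
        return None
    # parse_qs percent-decodes values, so encoded metacharacters are caught too.
    for value in parse_qs(parts.query, keep_blank_values=True).get("username", []):
        if any(ch in SHELL_META for ch in value):
            return value
    return None


def scan(lines):
    """Return (client, decoded_username) for every flagged log line."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not an access-log request line
        value = suspicious_username(m.group("target"))
        if value is not None:
            hits.append((m.group("src"), value))
    return hits


# Constructed sample lines (documentation IP ranges, harmless values).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Mar/2020:10:00:01 +0000] "GET /cgi-bin/weblogin.cgi?username=alice HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Mar/2020:10:00:05 +0000] "GET /cgi-bin/weblogin.cgi?username=guest%3Becho%20test HTTP/1.1" 200 512',
    '203.0.113.4 - - [01/Mar/2020:10:00:09 +0000] "GET /index.html?username=a%3Bb HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for src, user in scan(SAMPLE_LOG):
        print(f"{src}: suspicious username {user!r}")
```

Legitimate usernames that contain a quote or ampersand will also be flagged, so treat hits as leads to review rather than confirmed exploitation.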
VU 498544: ZyXEL pre-authentication command injection in weblogin.cgi