
VU 498544: ZyXEL pre-authentication command injection in weblogin.cgi - A security alert and recomme



Multiple ZyXEL devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the privileges of the web server that runs on the ZyXEL device. Although the web server does not run as the root user, many ZyXEL devices include a setuid utility that can be leveraged to run any command with root privileges. As such, it should be assumed that exploitation of this vulnerability can lead to remote code execution with root privileges. Exploit code for this vulnerability that targets NAS devices is available on the internet. For this reason, we have created a PoC exploit that has the ability to power down affected ZyXEL NAS devices.
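As an added defensive illustration (not part of the VU note or ZyXEL's code), the following scans web-server access-log lines and flags requests to weblogin.cgi whose username parameter carries shell metacharacters, the class of input the note says is not sanitized. The Apache-style log format, the /cgi-bin/ path and the sample lines are assumptions constructed for the example.

```python
import re
from typing import Iterable, Iterator, Optional, Tuple
from urllib.parse import urlsplit, parse_qs

# Shell metacharacters that have no legitimate place in a login name and are
# the usual carriers of OS command injection through an unsanitized CGI field.
SHELL_META = re.compile(r"[;&|`$<>\n]")

# Apache/nginx combined-style request line; assumed format, adjust to the device.
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def suspicious_username(target: str) -> Optional[str]:
    """Return the decoded username if a weblogin.cgi request carries shell
    metacharacters in it, otherwise None."""
    parts = urlsplit(target)
    if not parts.path.endswith("/weblogin.cgi"):
        return None
    # parse_qs percent-decodes, so %3B is compared as ';' and %24 as '$'.
    for name in parse_qs(parts.query, keep_blank_values=True).get("username", []):
        if SHELL_META.search(name):
            return name
    return None

def scan_access_log(lines: Iterable[str]) -> Iterator[Tuple[str, str]]:
    """Yield (client_ip, decoded_username) for each flagged request.
    Note: access logs only expose GET query strings; credentials sent in a
    POST body are not visible here and need request-body logging or a WAF."""
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue
        hit = suspicious_username(m["target"])
        if hit is not None:
            yield m["ip"], hit

# Constructed sample access-log lines (not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [20/Feb/2020:10:00:01 +0000] "GET /cgi-bin/weblogin.cgi?username=admin&password=x HTTP/1.1" 200 512',
    '192.0.2.11 - - [20/Feb/2020:10:00:05 +0000] "GET /cgi-bin/weblogin.cgi?username=admin%3Bid&password=x HTTP/1.1" 200 512',
    '192.0.2.12 - - [20/Feb/2020:10:00:09 +0000] "GET /cgi-bin/weblogin.cgi?username=%24%28id%29&password=x HTTP/1.1" 200 512',
    '192.0.2.13 - - [20/Feb/2020:10:00:12 +0000] "GET /index.html?username=a%3Bb HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for ip, name in scan_access_log(SAMPLE_LOG):
        print(f"{ip}: weblogin.cgi username contains shell metacharacters: {name!r}")
```

The same allowlist idea (reject any username that is not plain alphanumerics) is the fix a CGI author would apply server-side; the log scan is for spotting attempts against devices that have not yet been patched.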



