"Critical Flaw in Zyxel Firewalls Grants Access to Corporate Networks (CVE-2022-30525)"

Researchers at Rapid7 have discovered a critical vulnerability (CVE-2022-30525) affecting several models of Zyxel firewalls. The researchers disclosed the vulnerability to Zyxel on April 13th, and the company fixed it with a patch released on April 28th. According to the researchers, CVE-2022-30525 may be exploited by unauthenticated, remote attackers to inject commands into the OS via the vulnerable firewalls' administrative HTTP interface (if exposed on the internet), allowing them to modify specific files and execute OS commands.

The vulnerability affects the following firewall models and firmware versions: USG FLEX 100(W), 200, 500, 700 (firmware ZLD V5.00 through ZLD V5.21 Patch 1); USG FLEX 50(W) / USG20(W)-VPN (firmware ZLD V5.10 through ZLD V5.21 Patch 1); ATP series (firmware ZLD V5.10 through ZLD V5.21 Patch 1); and VPN series (firmware ZLD V4.60 through ZLD V5.21 Patch 1).

Administrators of affected devices are advised to upgrade the firmware to V5.30 as soon as possible. The researchers stated that, if possible, administrators should also enable automatic firmware updates and disable WAN access to the administrative web interface of the system.
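For triaging a device inventory against the ranges listed above, the following is an added example, not code from the article, Rapid7 or Zyxel. It assumes firmware is recorded in the "ZLD V5.21 Patch 1" form used in the text and that the ATP and VPN series can be recognised by model-name prefix; the inventory rows are constructed.

```python
import re

# Affected ranges transcribed from the text above.
# A version is a (major, minor, patch) tuple: "ZLD V5.21 Patch 1" -> (5, 21, 1).
AFFECTED = [
    (r"USG FLEX (?:100W?|200|500|700)", (5, 0, 0), (5, 21, 1)),
    (r"USG FLEX 50W?|USG20W?-VPN", (5, 10, 0), (5, 21, 1)),
    (r"ATP\d+\w*", (5, 10, 0), (5, 21, 1)),  # "ATP series": prefix match is an assumption
    (r"VPN\d+\w*", (4, 60, 0), (5, 21, 1)),  # "VPN series": prefix match is an assumption
]
ADVISED = (5, 30, 0)  # upgrade target named in the text

_ZLD = re.compile(r"(?:ZLD\s+)?V(\d+)\.(\d+)(?:\s+PATCH\s*(\d+))?")

def parse_zld(text):
    """Parse 'ZLD V5.21 Patch 1' style strings; return None if unrecognised."""
    m = _ZLD.fullmatch(" ".join(text.upper().split()))
    return (int(m[1]), int(m[2]), int(m[3] or 0)) if m else None

def classify(model, firmware):
    """Return affected / review / outside-range / model-not-listed / unparsed-version."""
    name = " ".join(model.upper().split())
    for pattern, first, last in AFFECTED:
        if re.fullmatch(pattern, name):
            break
    else:
        return "model-not-listed"
    version = parse_zld(firmware)
    if version is None:
        return "unparsed-version"  # do not guess: send to manual review
    if first <= version <= last:
        return "affected"
    # Newer than the listed range but older than V5.30: not covered by the text.
    if last < version < ADVISED:
        return "review"
    return "outside-range"

# Constructed inventory rows (model, firmware) for illustration only.
INVENTORY = [
    ("USG FLEX 100W", "ZLD V5.21 Patch 1"),
    ("usg20-vpn", "V5.00"),
    ("VPN300", "ZLD V4.60"),
    ("ATP500", "ZLD V5.30"),
    ("USG FLEX 200", "5.21-beta"),
]
if __name__ == "__main__":
    for model, firmware in INVENTORY:
        print(f"{model:15} {firmware:20} {classify(model, firmware)}")
```

The per-model lower bounds matter: the same V5.00 build is in range on a USG FLEX 200 but below the listed range on a USG20-VPN.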

 

Help Net Security reports: "Critical Flaw in Zyxel Firewalls Grants Access to Corporate Networks (CVE-2022-30525)"
