TROYANOSYVIRUS
Back to CVEs

CVE-2022-30525

CRITICALCISA KEV
9.8

Description

A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 50(W) firmware versions 5.10 through 5.21 Patch 1, USG20(W)-VPN firmware versions 5.10 through 5.21 Patch 1, ATP series firmware versions 5.10 through 5.21 Patch 1, VPN series firmware versions 4.60 through 5.21 Patch 1, which could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device.

CVE Details

CVSS v3.1 Score9.8
SeverityCRITICAL
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published5/12/2022
Last Modified10/27/2025
Sourcekev
Honeypot Sightings0

CISA KEV

VendorZyxel
ProductMultiple Firewalls
Vulnerability NameZyxel Multiple Firewalls OS Command Injection Vulnerability
KEV Date Added2022-05-16
Remediation Due Date2022-06-06
Ransomware UseUnknown

Affected Products

zyxel:atp100zyxel:atp100_firmwarezyxel:atp100wzyxel:atp100w_firmwarezyxel:atp200zyxel:atp200_firmwarezyxel:atp500zyxel:atp500_firmwarezyxel:atp700zyxel:atp700_firmwarezyxel:atp800zyxel:atp800_firmwarezyxel:usg20w-vpnzyxel:usg20w-vpn_firmwarezyxel:usg_flex_100wzyxel:usg_flex_100w_firmwarezyxel:usg_flex_200zyxel:usg_flex_200_firmwarezyxel:usg_flex_500zyxel:usg_flex_500_firmwarezyxel:usg_flex_50wzyxel:usg_flex_50w_firmwarezyxel:usg_flex_700zyxel:usg_flex_700_firmwarezyxel:vpn100zyxel:vpn1000zyxel:vpn1000_firmwarezyxel:vpn100_firmwarezyxel:vpn300zyxel:vpn300_firmwarezyxel:vpn50zyxel:vpn50_firmware

Weaknesses (CWE)

CWE-78CWE-78

References

http://packetstormsecurity.com/files/167176/Zyxel-Remote-Command-Execution.html(security@zyxel.com.tw)
http://packetstormsecurity.com/files/167182/Zyxel-Firewall-ZTP-Unauthenticated-Command-Injection.html(security@zyxel.com.tw)
http://packetstormsecurity.com/files/167372/Zyxel-USG-FLEX-5.21-Command-Injection.html(security@zyxel.com.tw)
http://packetstormsecurity.com/files/168202/Zyxel-Firewall-SUID-Binary-Privilege-Escalation.html(security@zyxel.com.tw)
https://www.zyxel.com/support/Zyxel-security-advisory-for-OS-command-injection-vulnerability-of-firewalls.shtml(security@zyxel.com.tw)
http://packetstormsecurity.com/files/167176/Zyxel-Remote-Command-Execution.html(af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/167182/Zyxel-Firewall-ZTP-Unauthenticated-Command-Injection.html(af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/167372/Zyxel-USG-FLEX-5.21-Command-Injection.html(af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/168202/Zyxel-Firewall-SUID-Binary-Privilege-Escalation.html(af854a3a-2127-422b-91ae-364da2661108)
https://www.zyxel.com/support/Zyxel-security-advisory-for-OS-command-injection-vulnerability-of-firewalls.shtml(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-30525(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.