Zyxel Multiple Firewalls OS Command Injection Vulnerability
Overdue
Zyxel / Multiple Firewalls
CWE-78
Description
A command injection vulnerability in the CGI program of some Zyxel firewall versions could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device.
Required Action
Apply updates per vendor instructions.
Additional Information
- Catalog Version
- 2025.01.24
- Catalog Released
- Jan. 24, 2025
- Days Until Due
- 0 days
- Last Updated
- 6 months ago