• Latest
  • Trending
Zyxel fixes firewall flaws that could lead to hacked networks

Zyxel fixes firewall flaws that could lead to hacked networks

May 13, 2022
Absa and Visa Extend Strategic Partnership to Advance Growth and Innovation Across Africa

Absa and Visa Extend Strategic Partnership to Advance Growth and Innovation Across Africa

July 29, 2025
French Telco Orange Hit by Cyber-Attack

French Telco Orange Hit by Cyber-Attack

July 29, 2025
ATC Ghana supports Girls-In-ICT Program

ATC Ghana supports Girls-In-ICT Program

April 25, 2023
Vice President Dr. Bawumia inaugurates  ICT Hub

Vice President Dr. Bawumia inaugurates ICT Hub

April 2, 2023
Co-Creation Hub’s edtech accelerator puts $15M towards African startups

Co-Creation Hub’s edtech accelerator puts $15M towards African startups

February 20, 2023
Data Leak Hits Thousands of NHS Workers

Data Leak Hits Thousands of NHS Workers

February 20, 2023
EU Cybersecurity Agency Warns Against Chinese APTs

EU Cybersecurity Agency Warns Against Chinese APTs

February 20, 2023
How Your Storage System Will Still Be Viable in 5 Years’ Time?

How Your Storage System Will Still Be Viable in 5 Years’ Time?

February 20, 2023
The Broken Promises From Cybersecurity Vendors

Cloud Infrastructure Used By WIP26 For Espionage Attacks on Telcos

February 20, 2023
Instagram and Facebook to get paid-for verification

Instagram and Facebook to get paid-for verification

February 20, 2023
YouTube CEO Susan Wojcicki steps down after nine years

YouTube CEO Susan Wojcicki steps down after nine years

February 20, 2023
Inaugural AfCFTA Conference on Women and Youth in Trade

Inaugural AfCFTA Conference on Women and Youth in Trade

September 6, 2022
  • Consumer Watch
  • Kids Page
  • Directory
  • Events
  • Reviews
Saturday, 18 July, 2026
  • Login
itechnewsonline.com
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion
Subscription
Advertise
No Result
View All Result
itechnewsonline.com
No Result
View All Result

Zyxel fixes firewall flaws that could lead to hacked networks

by ITECHNEWS
May 13, 2022
in Infosec, Leading Stories
0 0
0
Zyxel fixes firewall flaws that could lead to hacked networks

Zyxel has fixed critical firewall vulnerabilities that could have allowed threat actors to gain full access to devices and the internal corporate networks they are designed to protect.

The company pushed out the security updates in a silent update two weeks ago but more details emerged recently.

YOU MAY ALSO LIKE

French Telco Orange Hit by Cyber-Attack

ATC Ghana supports Girls-In-ICT Program

Security researchers at Rapid7 found the flaw, which is now tracked as CVE-2022-30525 (CVSS v3 score: 9.8 – critical), and disclosed it to Zyxel on April 13, 2022.

The flaw is an unauthenticated remote command injection via the HTTP interface, affecting Zyxel firewalls supporting Zero Touch Provisioning (ZTP). The impacted firmware versions are ZLD5.00 to ZLD5.21 Patch 1.

CVE-2022-30525 impacts the following models:

  • USG FLEX 50, 50W, 100W, 200, 500, 700 using firmware 5.21 and below
  • USG20-VPN and USG20W-VPN using firmware 5.21 and below
  • ATP 100, 200, 500, 700, 800 using firmware 5.21 and below

These products are typically used in small branches and corporate headquarters for VPN, SSL inspection, intrusion protection, email security, and web filtering.

“Commands are executed as the “nobody” user. This vulnerability is exploited through the /ztp/cgi-bin/handler URI and is the result of passing unsanitized attacker input into the os.system method in lib_wan_settings.py,” explains the Rapid 7 report.

“The vulnerable functionality is invoked in association with the setWanPortSt command. An attacker can inject arbitrary commands into the mtu or the data parameter.”

Zyxel confirmed the report and the validity of the flaw and promised to release the fixing security updates in June 2022, yet they released a patch on April 28, 2022, without supplying a security advisory, technical details, or mitigation guidance to its customers.

Likely exploited soon

Today, Rapid 7 published its disclosure report along with the corresponding Metasploit module that exploits the CVE-2022-30525 by injecting commands in the MTU field.

The researcher who discovered the flaw and developed a working exploit for testing, Jake Baines, has also published the following demonstration video.

The typical consequences of such an attack would be file modification and OS command execution, allowing threat actors to gain initial access to a network and spread laterally through a network.

“The Zxyel firewalls affected by CVE-2022-30525 are what we typically refer to as “network pivot.” Exploitation of CVE-2022-30525 will likely allow an attacker to establish a foothold in the victim’s internal network,” Rapid7 told BleepingComputer.

“From that foothold, the attacker can attack (or pivot to) internal systems that otherwise would not be exposed to the internet.”

“A real-world example of this sort of attack would be Phineas Fisher’s attack on Hacking Team, in which Fisher exploited an internet-facing firewall/VPN.”

“Once Fisher had full access to the firewall/VPN, they were able to move laterally to internal systems (e.g. MongoDB databases, NAS storage, Exchange servers). ”

As the technical details of the vulnerability have been released and it is now supported by Metasploit, all admins should update their devices immediately before threat actors begin to actively exploit the flaw.

Rapid 7 reports that at the time of discovery, there were at least 16,213 vulnerable systems exposed to the internet, making this vulnerability an attractive target for threat actors.

Shodan results of vulnerable Zyxel firewalls
Shodan results of vulnerable Zyxel firewalls (Rapid7)

If updating to the latest available version is impossible, you are advised to at least disable WAN access to the administrative web interface of the affected products.

Bleeping Computer noticed that Zyxel published a security advisory for CVE-2022-30525 during the preparation of this story, attributing the lack of coordination with Rapid7 to miscommunication.

Source: Bill Toulas
Via: bleepingcomputer
Tags: Zyxel fixes firewall flaws that could lead to hacked networks
ShareTweet

Get real time update about this post categories directly on your device, subscribe now.

Unsubscribe

Search

No Result
View All Result

Recent News

Absa and Visa Extend Strategic Partnership to Advance Growth and Innovation Across Africa

Absa and Visa Extend Strategic Partnership to Advance Growth and Innovation Across Africa

July 29, 2025
French Telco Orange Hit by Cyber-Attack

French Telco Orange Hit by Cyber-Attack

July 29, 2025
ATC Ghana supports Girls-In-ICT Program

ATC Ghana supports Girls-In-ICT Program

April 25, 2023

About What We Do

itechnewsonline.com

We bring you the best Premium Tech News.

Recent News With Image

Absa and Visa Extend Strategic Partnership to Advance Growth and Innovation Across Africa

Absa and Visa Extend Strategic Partnership to Advance Growth and Innovation Across Africa

July 29, 2025
French Telco Orange Hit by Cyber-Attack

French Telco Orange Hit by Cyber-Attack

July 29, 2025

Recent News

  • Absa and Visa Extend Strategic Partnership to Advance Growth and Innovation Across Africa July 29, 2025
  • French Telco Orange Hit by Cyber-Attack July 29, 2025
  • ATC Ghana supports Girls-In-ICT Program April 25, 2023
  • Vice President Dr. Bawumia inaugurates ICT Hub April 2, 2023
  • Home
  • InfoSec
  • Opinion
  • Africa Tech
  • Data Storage

© Copyright 2026, All Rights Reserved | iTechNewsOnline.Com - Powered by BackUPDataSystems

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

No Result
View All Result
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion

© Copyright 2026, All Rights Reserved | iTechNewsOnline.Com - Powered by BackUPDataSystems

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?
Go to mobile version