Don’t Play with Fire: Prioritize Zyxel Firewall Update to Fix Unreported Vulnerability
Malware Analysis, News and Indicators - Latest topics malware.news
Our analysis has identified multiple vulnerabilities affecting Zyxel’s USG line of firewalls and VPN appliances running firmware versions 5.36 and below. The vulnerabilities can allow an unauthenticated attacker to force the admin interface of the device to send an HTTP GET to any URL of the attacker’s choosing and store the full response on the device. This creates the potential for an XSS against the administrator account of the device, ultimately leading to full attacker control of the appliance. Likewise, …