all InfoSec news
Vulnerability in Zyxel firewalls may soon be widely exploited (CVE-2023-28771)
Help Net Security www.helpnetsecurity.com
A recently fixed command injection vulnerability (CVE-2023-28771) affecting a variety Zyxel firewalls may soon be exploited in the wild, Rapid7 researchers have warned, after publishing a technical analysis and a PoC script that triggers the vulnerability and achieves a reverse root shell. About CVE-2023-28771 CVE-2023-28771 affects: Zyxel APT, USG FLEX, and VPN firewalls running versions v4.60 to v5.35 of the ZDL firmware, and Zyxel ZyWALL/USG gateways/firewalls running ZLD v4.60 to v4.73 These firewall devices monitor … More
The post …
analysis apt command command injection cve cve-2023-28771 don't miss enterprise exploited firewall firewalls firmware hot stuff injection may poc publishing rapid7 researchers reverse root script security update shell smbs technical technical analysis vulnerability zyxel zyxel firewalls