colinardo

Zyxel Firewalls security alert!

A serious vulnerability in Zyxel firewalls has been discovered, which in the worst case, can be used to execute local commands with root privileges. Security updates are already available.

The root vulnerability (CVE-2022-30526) has been rated "high" and attackers can issue their commands via the CLI component. By exploiting the second vulnerability (CVe-2022-2030 "medium"), attackers could potentially gain unauthorized access to files on the device.

back-to-topList of affected devices:

Affected modelAffected versionPatch availability
CVE-2022-30526CVE-2022-2030
USG FLEX 100(W), 200, 500, 700ZLD V4.50~V5.30ZLD V4.50~V5.30ZLD V5.31

||USG FLEX 50(W) / USG20(W)-VPN ||ZLD V4.16~V5.30 ||ZLD V4.16~V5.30 ||ZLD V5.31|
ATP seriesZLD V4.32~V5.30ZLD V4.32~V5.30ZLD V5.31
VPN seriesZLD V4.30~V5.30ZLD V4.30~V5.30ZLD V5.31
USG/ZyWALLZLD V4.09~V4.72ZLD V4.11~V4.72ZLD V4.72 week28*

Zyxel security advisory for local privilege escalation and authenticated directory traversal vulnerabilities of firewalls

Regards @colinardo
Auf Facebook teilen
Auf X (Twitter) teilen
Auf Reddit teilen
Auf Linkedin teilen

Content-ID: 3387621006

Url: https://administrator.de/info/zyxel-firewalls-security-alert-3387621006.html

Ausgedruckt am: 30.07.2025 um 16:07 Uhr