
CVE-2022-30525 PoC: Zyxel USG FLEX OS Command Injection Vulnerability

Source
Related vulnerability
Title: Zyxel USG FLEX OS Command Injection Vulnerability (CVE-2022-30525)
Description: Zyxel USG FLEX is a firewall product from Zyxel. It offers flexible VPN options (IPsec, SSL or L2TP) to give remote workers and administrators secure remote access. Zyxel USG FLEX firmware versions 5.00 through 5.21 (up to and including 5.21 Patch 1) are affected. An attacker can exploit the flaw to modify specific files and then execute OS commands on a vulnerable device.
Description
CVE-2022-30525 POC
Introduction
## CVE-2022-30525 (Zyxel Firewall Remote Command Injection)
A Python-based exploit for CVE-2022-30525

### Vulnerability Summary ([NIST](https://nvd.nist.gov/vuln/detail/CVE-2022-30525))
An OS command injection vulnerability in the CGI program of the following Zyxel firmware could allow a malicious user to modify specific files and then execute some OS commands on a vulnerable device:

- USG FLEX 100(W), USG FLEX 200, USG FLEX 500 and USG FLEX 700: firmware versions 5.00 up to and including 5.21 Patch 1
- USG FLEX 50(W) and USG20(W)-VPN: firmware versions 5.10 up to and including 5.21 Patch 1
- ATP series: firmware versions 5.10 up to and including 5.21 Patch 1
- VPN series: firmware versions 4.60 up to and including 5.21 Patch 1
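The summary names the vulnerability class but not the handler code. To make the class concrete, the following added example (written for this page, not code from the PoC repository or from Zyxel's firmware) shows the pattern that makes a CGI handler injectable, the same handler run without a shell, and a hardened variant that validates the field first. The `echo` command, the hostname-style allow-list and both request parameters are constructed for the demonstration.

```python
import re
import subprocess

# Constructed request parameters, as a CGI handler would read them from the
# query string: one benign value and one that appends a second command.
BENIGN = "host1"
MALICIOUS = "host1; echo INJECTED"


def handler_vulnerable(name: str) -> str:
    """Injection pattern: the request parameter is pasted into a shell command
    line. A ';' in the parameter terminates the intended command and the shell
    runs whatever follows it as a second command."""
    cmd = f"echo {name}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def handler_argv(name: str) -> str:
    """No shell involved: the parameter is a single argv element, so shell
    metacharacters reach the program literally instead of being interpreted."""
    return subprocess.run(["echo", name], capture_output=True, text=True).stdout


# Assumed allow-list for a hostname-like field. It is deliberately tight: it
# also blocks a leading '-', which argv alone would not stop and which the
# invoked program could treat as an option (argument injection).
_SAFE = re.compile(r"[A-Za-z0-9][A-Za-z0-9.-]{0,62}")


def handler_hardened(name: str) -> str:
    """Validate against the allow-list, then run without a shell."""
    if not _SAFE.fullmatch(name):
        raise ValueError(f"rejected parameter: {name!r}")
    return handler_argv(name)


if __name__ == "__main__":
    print("vulnerable:", repr(handler_vulnerable(MALICIOUS)))  # second command executed
    print("argv only: ", repr(handler_argv(MALICIOUS)))        # metacharacters inert
    try:
        handler_hardened(MALICIOUS)
    except ValueError as exc:
        print("hardened:  ", exc)
```

The argv form alone removes the shell from the path, which is what stops `;`, `|`, `$(...)` and friends; the allow-list is still needed because the program being invoked parses its own arguments.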

### Severity and Metrics

| CVSS | Base Score | Impact Score | Exploitability Score |
|---|---|---|---|
| v2 | 10.0 | 10.0 | 10.0 |
| v3 | 9.8 | 5.9 | 3.9 |


### Vulnerable Products

| Product |
|---|
| zyxel usg_flex_100w_firmware |
| zyxel usg_flex_200_firmware |
| zyxel usg_flex_500_firmware |
| zyxel usg_flex_700_firmware |
| zyxel vpn100_firmware |
| zyxel vpn1000_firmware |
| zyxel vpn300_firmware |
| zyxel vpn50_firmware |
| zyxel atp100_firmware |
| zyxel atp100w_firmware |
| zyxel atp200_firmware |
| zyxel atp500_firmware |
| zyxel atp700_firmware |
| zyxel atp800_firmware |
| zyxel usg_flex_50w_firmware |
| zyxel usg20w-vpn_firmware |
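The affected ranges in the summary and the product list above are what a defender needs to triage a fleet. The following added example (not part of the PoC repository or any Zyxel tooling) encodes those ranges and checks an inventory against them. It assumes firmware versions are written either as in the advisory ("5.21 Patch 1") or in Zyxel's "V5.21(ABUZ.1)" display form, where the number after the dot in parentheses is taken as the patch level; the sample inventory is constructed.

```python
import re
from typing import List, Optional, Tuple

Version = Tuple[int, int, int]  # (major, minor, patch)

# Upper bound from the advisory: "up to and including 5.21 Patch 1" for every family.
LAST_AFFECTED: Version = (5, 21, 1)

# (model pattern, first affected release), per the NVD summary quoted above.
# Patterns are matched against the model name upper-cased with single spaces.
AFFECTED_FAMILIES = [
    (re.compile(r"^USG FLEX (100W?|200|500|700)$"), (5, 0, 0)),
    (re.compile(r"^USG FLEX 50W?$"), (5, 10, 0)),
    (re.compile(r"^USG20W?-VPN$"), (5, 10, 0)),
    (re.compile(r"^ATP\d+W?$"), (5, 10, 0)),
    (re.compile(r"^VPN\d+$"), (4, 60, 0)),
]

# Zyxel minors are always two digits ("5.00", "5.21"), so plain int comparison orders them.
_VERSION_RE = re.compile(
    r"^V?(\d+)\.(\d+)"                 # major.minor, optional leading "V"
    r"(?:\s*Patch\s*(\d+))?"           # advisory form: "5.21 Patch 1"
    r"(?:\(([A-Za-z]+)\.(\d+)\))?$",   # assumed display form: "V5.21(ABUZ.1)"
    re.IGNORECASE,
)


def parse_version(text: str) -> Version:
    """Normalise either version spelling to a comparable (major, minor, patch) tuple."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    patch = int(m.group(3) or m.group(5) or 0)
    return (int(m.group(1)), int(m.group(2)), patch)


def is_affected(model: str, version: str) -> Optional[bool]:
    """True/False for models within the advisory's scope; None for models it does not list."""
    norm = re.sub(r"\s+", " ", model.strip()).upper()
    for pattern, first in AFFECTED_FAMILIES:
        if pattern.match(norm):
            return first <= parse_version(version) <= LAST_AFFECTED
    return None


def triage(inventory: List[Tuple[str, str, str]]) -> List[str]:
    """Hostnames from (host, model, version) rows that run an affected build."""
    return [host for host, model, ver in inventory if is_affected(model, ver)]


# Constructed sample inventory; hostnames and versions are invented for the demo.
SAMPLE_INVENTORY = [
    ("fw-branch-01", "USG FLEX 100W", "V5.21(ABUZ.0)"),   # in range
    ("fw-branch-02", "USG FLEX 200", "V5.30(ABUZ.0)"),    # above 5.21 Patch 1
    ("fw-dc-01", "ATP500", "5.00"),                       # below ATP's first affected 5.10
    ("fw-vpn-01", "VPN300", "4.60"),                      # VPN series starts at 4.60
    ("fw-legacy", "USG40", "4.73"),                       # not in the advisory
]

if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(f"{host}: affected by CVE-2022-30525, patch required")
```

Models the advisory does not name come back as `None` rather than `False` so that an "unknown" is never silently reported as "safe".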

File snapshot

```
[4.0K] /data/pocs/00323781a57a17abbb675851874ae2cfb18eac83
├── [2.7K] CVE-2022-30525.py
└── [1.5K] README.md

0 directories, 2 files
```