Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-30525 PoC — 合勤科技 USG FLEX 操作系统命令注入漏洞

Source
https://github.com/shuai06/CVE-2022-30525
Associated Vulnerability
Title:合勤科技 USG FLEX 操作系统命令注入漏洞 (CVE-2022-30525)
Description:A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 50(W) firmware versions 5.10 through 5.21 Patch 1, USG20(W)-VPN firmware versions 5.10 through 5.21 Patch 1, ATP series firmware versions 5.10 through 5.21 Patch 1, VPN series firmware versions 4.60 through 5.21 Patch 1, which could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device.
Description
Zyxel 防火墙远程命令注入漏洞(CVE-2022-30525)批量检测脚本
Readme
# CVE-2022-30525
Zyxel 防火墙远程命令注入漏洞(CVE-2022-30525)批量检测脚本
> 脚本仅提供测试功能,不包含实际攻击请求,仅用于安全检测,一切利用脚本进行违法测试的行为均与本人无关



![](https://tva1.sinaimg.cn/large/e6c9d24ely1h274kbmig8j21yc0dyjti.jpg)

![](https://tva1.sinaimg.cn/large/e6c9d24ely1h274q3zr04j21v40i20vf.jpg)
File Snapshot

 [4.0K]  /data/pocs/cd88e8caedf7f5c413ad6f6f35e66e4952f3f75a
├── [3.2K]  CVE-2022-30525-POC.py
└── [ 395]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →