Zyxel Releases Patch for Critical Firewall OS Command Injection Vulnerability

In Hacker News by Blog Writer

Post Sharing
Zyxel has moved to address a critical security vulnerability affecting Zyxel firewall devices that enables unauthenticated and remote attackers to gain arbitrary code execution.
“A command injection vulnerability in the CGI program of some firewall versions could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device,” the company said in an advisory