A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 up to and including 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 up to and including 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 up to and including 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 up to and including 5.21 Patch 1, USG FLEX 50(W) firmware versions 5.10 up to and including 5.21 Patch 1, USG20(W)-VPN firmware versions 5.10 up to and including 5.21 Patch 1, ATP series firmware versions 5.10 up to and including 5.21 Patch 1, VPN series firmware versions 4.60 up to and including 5.21 Patch 1, which could allow an malicious user to modify specific files and then execute some OS commands on a vulnerable device.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zyxel usg flex 100w firmware |
||
zyxel usg flex 200 firmware |
||
zyxel usg flex 500 firmware |
||
zyxel usg flex 700 firmware |
||
zyxel vpn100 firmware |
||
zyxel vpn1000 firmware |
||
zyxel vpn300 firmware |
||
zyxel vpn50 firmware |
||
zyxel atp100 firmware |
||
zyxel atp100w firmware |
||
zyxel atp200 firmware |
||
zyxel atp500 firmware |
||
zyxel atp700 firmware |
||
zyxel atp800 firmware |
||
zyxel usg flex 50w firmware |
||
zyxel usg20w-vpn firmware |