
{
"Name": "Zyxel ZTP RCE (CVE-2022-30525)",
"Description": "<p>Zyxel ATP series, VPN series and USG FLEX series firewalls are affected by an unauthenticated OS command injection vulnerability (CVE-2022-30525) in the Zero Touch Provisioning (ZTP) handler of the device's web interface.<br></p><p>An unauthenticated remote attacker can inject and execute arbitrary OS commands on the affected device as the user nobody; because the device is a perimeter firewall, this is a foothold for full compromise of the device and the networks it protects.<br></p>",
"Product": "Zyxel",
"Homepage": "https://www.zyxel.com/",
"DisclosureDate": "2022-05-12",
"Author": "abszse",
"FofaQuery": "title=\"USG FLEX\" || title=\"USG20-VPN\" || title=\"USG20W-VPN\" || title=\"ATP100\" || title=\"ATP200\" || title=\"ATP500\" || title=\"ATP700\" || title=\"ATP800\"",
"GobyQuery": "title=\"USG FLEX\" || title=\"USG20-VPN\" || title=\"USG20W-VPN\" || title=\"ATP100\" || title=\"ATP200\" || title=\"ATP500\" || title=\"ATP700\" || title=\"ATP800\"",
"Level": "3",
"Impact": "<p>An unauthenticated remote attacker can execute arbitrary OS commands on the affected firewall as the user nobody. This gives a foothold on a perimeter device that can be used to further compromise the firewall and to pivot into the networks it protects.<br></p>",
"Recommendation": "<p>Zyxel has released fixed firmware. Upgrade affected devices to the fixed version listed in the vendor security advisory, and until the upgrade is applied do not expose the device's web/management interface to untrusted networks: <a href=\"https://www.zyxel.com/support/Zyxel-security-advisory-for-OS-command-injection-vulnerability-of-firewalls.shtml\">https://www.zyxel.com/support/Zyxel-security-advisory-for-OS-command-injection-vulnerability-of-firewalls.shtml</a><br></p>",
"References": [
"https://www.rapid7.com/blog/post/2022/05/12/cve-2022-30525-fixed-zyxel-firewall-unauthenticated-remote-command-injection/",
"https://www.zyxel.com/support/Zyxel-security-advisory-for-OS-command-injection-vulnerability-of-firewalls.shtml"
],
"Is0day": false,
"HasExp": true,
"ExpParams": [
{
"name": "AttackType",
"type": "select",
"value": "goby_shell_linux",
"show": ""
}
],
"ExpTips": {
"Type": "",
"Content": ""
},
"ScanSteps": [
"AND",
{
"Request": {
"method": "GET",
"uri": "/test.php",
"follow_redirect": true,
"header": {},
"data_type": "text",
"data": ""
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "200",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "test",
"bz": ""
}
]
},
"SetVariable": []
}
],
"ExploitSteps": [
"AND",
{
"Request": {
"method": "GET",
"uri": "/test.php",
"follow_redirect": true,
"header": {},
"data_type": "text",
"data": ""
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "200",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "test",
"bz": ""
}
]
},
"SetVariable": []
}
],
"Tags": [
"Command Execution"
],
"VulType": [
"Command Execution"
],
"CVEIDs": [
"CVE-2022-30525"
],
"CNNVD": [
""
],
"CNVD": [
""
],
"CVSSScore": "9.8",
"Translation": {
"CN": {
"Name": "Zyxel ZTP 远程命令执行漏洞（CVE-2022-30525）",
"Product": "Zyxel",
"Description": "<p>Zyxel ATP 系列、VPN 系列和 USG FLEX 系列防火墙的零接触部署（ZTP）处理程序存在未经身份验证的操作系统命令注入漏洞（CVE-2022-30525）。<br></p><p>未经身份验证的远程攻击者可以 nobody 用户身份在受影响设备上执行任意操作系统命令，进而完全控制该设备并以此为跳板进入其所保护的内网。<br></p>",
"Recommendation": "<p>厂商已发布修复固件，请将受影响设备升级到厂商安全公告中列出的修复版本；在完成升级前，请勿将设备的 Web/管理界面暴露于不可信网络：<a href=\"https://www.zyxel.com/support/Zyxel-security-advisory-for-OS-command-injection-vulnerability-of-firewalls.shtml\">https://www.zyxel.com/support/Zyxel-security-advisory-for-OS-command-injection-vulnerability-of-firewalls.shtml</a><br></p>",
"Impact": "<p>未经身份验证的远程攻击者可以 nobody 用户身份在受影响防火墙上执行任意操作系统命令，进而进一步控制该设备并以此为跳板进入其所保护的内网。<br></p>",
"VulType": [
"命令执行"
],
"Tags": [
"命令执行"
]
},
"EN": {
"Name": "Zyxel ZTP RCE (CVE-2022-30525)",
"Product": "Zyxel",
"Description": "<p>Zyxel ATP series, VPN series and USG FLEX series firewalls are affected by an unauthenticated OS command injection vulnerability (CVE-2022-30525) in the Zero Touch Provisioning (ZTP) handler of the device's web interface.<br></p><p>An unauthenticated remote attacker can inject and execute arbitrary OS commands on the affected device as the user nobody; because the device is a perimeter firewall, this is a foothold for full compromise of the device and the networks it protects.<br></p>",
"Recommendation": "<p>Zyxel has released fixed firmware. Upgrade affected devices to the fixed version listed in the vendor security advisory, and until the upgrade is applied do not expose the device's web/management interface to untrusted networks: <a href=\"https://www.zyxel.com/support/Zyxel-security-advisory-for-OS-command-injection-vulnerability-of-firewalls.shtml\">https://www.zyxel.com/support/Zyxel-security-advisory-for-OS-command-injection-vulnerability-of-firewalls.shtml</a><br></p>",
"Impact": "<p>An unauthenticated remote attacker can execute arbitrary OS commands on the affected firewall as the user nobody. This gives a foothold on a perimeter device that can be used to further compromise the firewall and to pivot into the networks it protects.<br></p>",
"VulType": [
"Command Execution"
],
"Tags": [
"Command Execution"
]
}
},
"AttackSurfaces": {
"Application": null,
"Support": null,
"Service": null,
"System": null,
"Hardware": null
}
}