CVE-2023-28771CISA KEV: Actively Exploited

Zyxel Multiple Firewalls OS Command Injection Vulnerability

Published May 31, 2023·Updated May 31, 2023

Description

Zyxel ATP, USG FLEX, VPN, and ZyWALL/USG firewalls allow for improper error message handling which could allow an unauthenticated attacker to execute OS commands remotely by sending crafted packets to an affected device.

Public Exploits & PoCs2 found

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free