⚠ Actively exploited
Added to CISA KEV on 2022-05-16. Federal agencies required to patch by 2022-06-06. Required action: Apply updates per vendor instructions.
CVE-2022-30525
Severity: 9.8 CRITICAL
EPSS: 94.4% (top < 0.01%)
CISA KEV: Added 2022-05-16, due 2022-06-06
Exploit: Exploited in wild. Active exploitation observed.
Affected products
Timeline
Published: May 12
KEV added: May 16
KEV due: Jun 6
Latest update: Jun 22
Description
An OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 50(W) firmware versions 5.10 through 5.21 Patch 1, USG20(W)-VPN firmware versions 5.10 through 5.21 Patch 1, ATP series firmware versions 5.10 through 5.21 Patch 1, VPN series firmware versio…
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 | Impact: 5.9
Affected Packages: 24 packages
Vulnerability Details (3)
Exploits & PoCs (5)
Detection Rules (1)
Suricata
ET EXPLOIT [Rapid7] Zyxel ZTP setWanPortSt mtu Parameter Exploit Attempt (CVE-2022-30525), 2022-05-16
Vendor Advisories (1)
Threat Intelligence (1)
Unit42
IoT Under Siege: The Anatomy of the Latest Mirai Campaign Leveraging Multiple IoT Exploits, 2023-06-22