admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-06-20 01:40:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create CVE-2022-0342.md

Browse Source 
Add Zyxel Authentication Bypass Vulnerability (CVE-2022-0342)
This commit is contained in:
Goby 2023-04-01 12:35:04 +08:00 committed by GitHub
parent 48b093101a
commit 04888be191
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
CVE-2022-0342.md Normal file
View File

@ -0,0 +1,12 @@
## Zyxel Authentication Bypass Vulnerability (CVE-2022-0342)
| **Vulnerability** | **Zyxel Authentication Bypass Vulnerability (CVE-2022-0342)** |
| :----: | :-----|
| **Chinese name** | Zyxel 认证绕过漏洞 (CVE-2022-0342) |
| **CVSS core** | 9.8 |
| **FOFA Query** (click to view the results directly)| [body="/2FA-access.cgi" && body="zyxel zyxel_style1"](https://fofa.info/result?qbase64=Ym9keT0iLzJGQS1hY2Nlc3MuY2dpIiAmJiBib2R5PSJ6eXhlbCB6eXhlbF9zdHlsZTEi) |
| **Number of assets affected** | 6806 |
| **Description** | Zyxel USG/ZyWALL is a firewall of China Zyxel Technology (Zyxel). Zyxel USG/ZyWALL 4.20 to 4.70, USG FLEX 4.50 to 5.20, ATP 4.32 to 5.20, VPN 4.30 to 5.20, NSG 1.20 to 1.33 Patch 4 have security vulnerabilities, which can be exploited by attackers to circumvent Authenticate over the web and gain administrative access to the device. |
| **Impact** | Attackers can control the entire system through unauthorized access vulnerabilities, and ultimately lead to an extremely insecure state of the system. |
![](https://s3.bmp.ovh/imgs/2023/04/01/ca2c23fcafe64c05.gif)