From 04888be1914d9501128542c2a59e4cdf5de617cd Mon Sep 17 00:00:00 2001
From: Goby <50955360+gobysec@users.noreply.github.com>
Date: Sat, 1 Apr 2023 12:35:04 +0800
Subject: [PATCH] Create CVE-2022-0342.md

Add Zyxel Authentication Bypass Vulnerability (CVE-2022-0342)
---
 CVE-2022-0342.md | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 CVE-2022-0342.md

diff --git a/CVE-2022-0342.md b/CVE-2022-0342.md
new file mode 100644
index 0000000..6b67946
--- /dev/null
+++ b/CVE-2022-0342.md
@@ -0,0 +1,12 @@
+## Zyxel Authentication Bypass Vulnerability (CVE-2022-0342)
+
+|   **Vulnerability**  | **Zyxel Authentication Bypass Vulnerability (CVE-2022-0342)**  |
+| :----:   | :-----|
+|  **Chinese name**  | Zyxel 认证绕过漏洞 (CVE-2022-0342) |
+| **CVSS core**  | 9.8 |
+| **FOFA Query**  (click to view the results directly)| [body="/2FA-access.cgi" && body="zyxel zyxel_style1"](https://fofa.info/result?qbase64=Ym9keT0iLzJGQS1hY2Nlc3MuY2dpIiAmJiBib2R5PSJ6eXhlbCB6eXhlbF9zdHlsZTEi) |
+| **Number of assets affected**  | 6806 |
+| **Description**  | Zyxel USG/ZyWALL is a firewall of China Zyxel Technology (Zyxel). Zyxel USG/ZyWALL 4.20 to 4.70, USG FLEX 4.50 to 5.20, ATP 4.32 to 5.20, VPN 4.30 to 5.20, NSG 1.20 to 1.33 Patch 4 have security vulnerabilities, which can be exploited by attackers to circumvent Authenticate over the web and gain administrative access to the device. |
+| **Impact** | Attackers can control the entire system through unauthorized access vulnerabilities, and ultimately lead to an extremely insecure state of the system. |
+
+![](https://s3.bmp.ovh/imgs/2023/04/01/ca2c23fcafe64c05.gif)