From 8bca2d6c49f870f1604c51241ba7055b933d13b6 Mon Sep 17 00:00:00 2001
From: Goby <50955360+gobysec@users.noreply.github.com>
Date: Fri, 12 May 2023 18:19:11 +0800
Subject: [PATCH] Create ZyXEL_routers_Export_Log_arbitrary_file_read.md

add ZyXEL_routers_Export_Log_arbitrary_file_read
---
 ZyXEL_routers_Export_Log_arbitrary_file_read.md | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 ZyXEL_routers_Export_Log_arbitrary_file_read.md

diff --git a/ZyXEL_routers_Export_Log_arbitrary_file_read.md b/ZyXEL_routers_Export_Log_arbitrary_file_read.md
new file mode 100644
index 0000000..90f50b2
--- /dev/null
+++ b/ZyXEL_routers_Export_Log_arbitrary_file_read.md
@@ -0,0 +1,12 @@
+## ZyXEL routers Export_Log arbitrary file read
+
+|   **Vulnerability**  | **ZyXEL routers Export_Log arbitrary file read**  |
+| :----:   | :-----|
+|  **Chinese name**  | ZyXEL 路由器 Export_Log 任意文件读取 |
+| **CVSS core**  | 8.0 |
+| **FOFA Query**  (click to view the results directly)| [(title=".:: Welcome to the Web-Based Configuration::." && body="ZyXEL") \|\| (title="Welcome to the Web-Based Configurator" && (body="/zycss.css" \|\| body="zyxel")) \|\| title="do Router ZyXEL" \|\| title="Welcome to ZyROUTER" \|\| title="ZyXEL Router" \|\| body="\<friendlyName>ZyXEL Router\</friendlyName>" \|\| banner="ZyXEL-router"](https://en.fofa.info/result?qbase64=KHRpdGxlPSIuOjogV2VsY29tZSB0byB0aGUgV2ViLUJhc2VkIENvbmZpZ3VyYXRpb246Oi4iICYmIGJvZHk9Ilp5WEVMIikgfHwgKHRpdGxlPSJXZWxjb21lIHRvIHRoZSBXZWItQmFzZWQgQ29uZmlndXJhdG9yIiAmJiAoYm9keT0iL3p5Y3NzLmNzcyIgfHwgYm9keT0ienl4ZWwiKSkgfHwgdGl0bGU9ImRvIFJvdXRlciBaeVhFTCIgfHwgdGl0bGU9IldlbGNvbWUgdG8gWnlST1VURVIiIHx8IHRpdGxlPSJaeVhFTCBSb3V0ZXIiIHx8IGJvZHk9IjxmcmllbmRseU5hbWU%2BWnlYRUwgUm91dGVyPC9mcmllbmRseU5hbWU%2BIiB8fCBiYW5uZXI9Ilp5WEVMLXJvdXRlciIK) |
+| **Number of assets affected**  | 733803 |
+| **Description**  | ZyXEL routers are various router products of ZyXEL company. Several ZyXEL routers have an arbitrary file read vulnerability in /Export_Log. |
+| **Impact** | Several ZyXEL routers have an arbitrary file read vulnerability in /Export_Log. |
+
+![](https://s3.bmp.ovh/imgs/2023/05/12/3909e1c09af8eb25.gif)