zCat on Nostr: CISA Warns of Zyxel Firewall Vulnerability Exploited in Attacks The US cybersecurity ...
CISA Warns of Zyxel Firewall Vulnerability Exploited in Attacks
The US cybersecurity agency CISA on Tuesday warned that a path traversal vulnerability in multiple Zyxel firewall appliances has been exploited in the wild.
The issue, tracked as CVE-2024-11667 (CVSS score of 7.5), is a high-severity flaw affecting the web management interface of Zyxel ATP, USG FLEX, and USG20(W)-VPN series devices.
Successful exploitation of the security defect could allow an attacker to download or upload files using crafted URLs, a NIST advisory reads.
“An attacker may gain unauthorized access to the system, steal credentials, and create backdoor VPN connections by exploiting the vulnerability,” Qualys warned on Tuesday.
See more: https://www.securityweek.com/cisa-warns-of-zyxel-firewall-vulnerability-exploited-in-attacks/
#cybersecurity #zyxel #exploit
The US cybersecurity agency CISA on Tuesday warned that a path traversal vulnerability in multiple Zyxel firewall appliances has been exploited in the wild.
The issue, tracked as CVE-2024-11667 (CVSS score of 7.5), is a high-severity flaw affecting the web management interface of Zyxel ATP, USG FLEX, and USG20(W)-VPN series devices.
Successful exploitation of the security defect could allow an attacker to download or upload files using crafted URLs, a NIST advisory reads.
“An attacker may gain unauthorized access to the system, steal credentials, and create backdoor VPN connections by exploiting the vulnerability,” Qualys warned on Tuesday.
See more: https://www.securityweek.com/cisa-warns-of-zyxel-firewall-vulnerability-exploited-in-attacks/
#cybersecurity #zyxel #exploit