SSD Advisory – Zyxel VPN Series Pre-auth Remote Command Execution

Summary Chaining of three vulnerabilities allows unauthenticated attackers to execute arbitrary command with root privileges on Zyxel VPN firewall (VPN50, VPN100, VPN300, VPN500, VPN1000). Due to recent attack surface changes in Zyxel, the chain described below broke and become unusable – we have decided to disclose this even though it is no longer exploitable. Credit …

SSD Advisory – Zyxel VPN Series Pre-auth Remote Command Execution Read More »