THREAT OPS › CVEs › CVE-2023-28771
CVE-2023-28771 — Zyxel Multiple Firewalls OS Command Injection Vulnerability
Zyxel ATP, USG FLEX, VPN, and ZyWALL/USG firewalls allow for improper error message handling which could allow an unauthenticated attacker to execute OS commands remotely by sending crafted packets to an affected device.
Vulnerability details
- Affected productsMultiple Firewalls
- KEV remediation due2023-06-21