THREATOPS
THREAT OPSCVEs › CVE-2023-28771

CVE-2023-28771 — Zyxel Multiple Firewalls OS Command Injection Vulnerability

CISA KEVExploited: confirmedZyxel

Zyxel ATP, USG FLEX, VPN, and ZyWALL/USG firewalls allow for improper error message handling which could allow an unauthenticated attacker to execute OS commands remotely by sending crafted packets to an affected device.

Vulnerability details