| Vulnerability | Zyxel Authentication Bypass Vulnerability (CVE-2022-0342) |
|---|---|
| Chinese name | Zyxel 认证绕过漏洞 (CVE-2022-0342) |
| CVSS core | 9.8 |
| FOFA Query (click to view the results directly) | body="/2FA-access.cgi" && body="zyxel zyxel_style1" |
| Number of assets affected | 6806 |
| Description | Zyxel USG/ZyWALL is a firewall of China Zyxel Technology (Zyxel). Zyxel USG/ZyWALL 4.20 to 4.70, USG FLEX 4.50 to 5.20, ATP 4.32 to 5.20, VPN 4.30 to 5.20, NSG 1.20 to 1.33 Patch 4 have security vulnerabilities, which can be exploited by attackers to circumvent Authenticate over the web and gain administrative access to the device. |
| Impact | Attackers can control the entire system through unauthorized access vulnerabilities, and ultimately lead to an extremely insecure state of the system. |
