Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-30525 PoC — 合勤科技 USG FLEX 操作系统命令注入漏洞

Source
https://github.com/M4fiaB0y/CVE-2022-30525
Associated Vulnerability
Title:合勤科技 USG FLEX 操作系统命令注入漏洞 (CVE-2022-30525)
Description:Zyxel USG FLEX是中国合勤科技(Zyxel)公司的一款防火墙。提供灵活的 VPN 选项(IPsec、SSL 或 L2TP),为远程工作和管理提供灵活的安全远程访问。 合勤科技 USG FLEX 5.00版本至5.21版本、存在安全漏洞。攻击者利用该漏洞修改特定文件,在易受攻击的设备上执行一些操作系统命令。
Description
Zyxel Firewall Remote Command Injection Vulnerability (CVE-2022-30525) Batch Detection Script
Readme
# CVE-2022-30525
#### python CVE-2022-30525-POC.py -u http://sit.com

[Image](https://files.fm/f/jmx5gur6k)
File Snapshot

 [4.0K]  /data/pocs/b32f0df952623641ce70443dc0ff3be9a6d900ee
├── [3.4K]  CVE-2022-30525.py
├── [ 108]  README.md
└── [  34]  Test.txt

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.