Zyxel zhttpd and libclinkc.so buffer overflows

Added: 01/17/2023
CVE: CVE-2022-4510

Background

Zyxel Firewalls are a business solution providing protection from malware and unauthorized access.

Problem

A buffer overflow vulnerability in Zyxel firewalls could allow a remote, unauthenticated attacker to execute arbitrary code by requesting a specially crafted URI containing a long query string.

Resolution

Install the latest updates as described in the Zyxel advisory.

References

https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-multiple-zyxel-devices/

Platforms

Zyxel

Back to exploit index