Zyxel.Cloud.CNM.SecuManager.Remote.Command.Execution
Description
This indicates a detection of a Command Injection vulnerability in Zyxel Cloud CNM SecuManager.
The vulnerability is due to an error in the application when handling a crafted HTTP request. It may allow remote attackers to execute arbitrary code on vulnerable systems, via a crafted HTTP request.
Affected Products
Zyxel CNM SecuManager 3.1.0
Zyxel CNM SecuManager 3.1.1
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Currently we are unaware of any vendor supplied patch for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |