PT-2023-7452 · Zyxel · Zyxel USG FLEX, Zyxel VPN

Published: 2023-01-10 · Updated: 2023-05-04 · CVE-2023-22914

CVSS v2.0: 7.9 (High)

Vector: AV:N/AC:M/Au:M/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

Zyxel USG FLEX series firmware versions 4.50 through 5.35
Zyxel VPN series firmware versions 4.30 through 5.35

Description

A path traversal vulnerability in the account_print.cgi CGI program could allow a remote authenticated attacker with administrator privileges to execute unauthorized OS commands in the tmp directory by uploading a crafted file if the hotspot function were enabled. This issue is related to incorrect restriction of the path name to the tmp directory.

Recommendations

For Zyxel USG FLEX series firmware versions 4.50 through 5.35, consider disabling the account_print.cgi CGI program until a patch is available. For Zyxel VPN series firmware versions 4.30 through 5.35, restrict access to the tmp directory to minimize the risk of exploitation. As a temporary workaround, avoid using the hotspot function until the issue is resolved.
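The description attributes the flaw to an incorrect restriction of the path name to the tmp directory. The following added example is not Zyxel's code and does not reproduce the CGI program; it contrasts a textual prefix check that lets `..` components escape an upload directory with a check that canonicalises the path and verifies containment. The directory name and function names are constructed for the demonstration.

```python
from pathlib import Path

# Constructed base directory for the demonstration; the page does not
# give the real location of the CGI program's tmp directory.
UPLOAD_DIR = Path("/tmp/hotspot_uploads")


def weak_target(base: Path, name: str) -> Path:
    """Weak restriction: prefix test on an un-normalised path ('..' survives)."""
    candidate = Path(f"{base}/{name}")
    # The string still starts with the base, so traversal components pass.
    if not str(candidate).startswith(str(base)):
        raise ValueError(f"rejected: {name!r}")
    return candidate


def confined_target(base: Path, name: str) -> Path:
    """Hardened restriction: only a bare file name that lands directly in base."""
    if not name or name in {".", ".."} or "/" in name or "\\" in name or "\x00" in name:
        raise ValueError(f"rejected: {name!r}")
    base_real = base.resolve()
    # resolve() follows symlinks, so a link planted inside base cannot redirect us.
    target = (base_real / name).resolve()
    if target.parent != base_real:
        raise ValueError(f"rejected: {name!r}")
    return target


def escapes_base(base: Path, target: Path) -> bool:
    """True when the canonical form of target lies outside base."""
    base_real, target_real = base.resolve(), target.resolve()
    return target_real != base_real and base_real not in target_real.parents


def accepted(check, base: Path, name: str) -> bool:
    """Whether `check` accepts `name` under `base` without raising."""
    try:
        check(base, name)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    for name in ("report.txt", "../../etc/cron.d/job"):
        for check in (weak_target, confined_target):
            verdict = "accepted" if accepted(check, UPLOAD_DIR, name) else "rejected"
            print(f"{check.__name__:16} {name!r:26} {verdict}")
```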

Fix

Weakness Enumeration

Path traversal

Related Identifiers

BDU:2023-08493
CVE-2023-22914

Affected Products

Zyxel USG FLEX
Zyxel VPN