Name of the Vulnerable Software and Affected Versions Zyxel USG and Zyxel VPN (affected versions not specified)

Description The issue exists due to the lack of measures to neutralize special elements used in the operating system command. This can be exploited by a remote attacker to execute arbitrary code by sending a specially crafted HTTP GET request.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.