CVE-2022-30525

This exploit targets CVE-2022-30525, an OS command injection vulnerability in Zyxel USG FLEX devices. It sends a crafted JSON payload to the `/ztp/cgi-bin/handler` endpoint, injecting a reverse shell command via the `mtu` parameter.

This PoC exploits a command injection vulnerability in Zyxel firewalls by injecting a DNS lookup command into the 'mtu' parameter of a JSON payload sent to the '/ztp/cgi-bin/handler' endpoint. It uses dnslog.cn for out-of-band detection to confirm the vulnerability.

This is a functional proof-of-concept exploit for CVE-2022-30525, an unauthenticated remote command injection vulnerability in Zyxel firewalls. It leverages the zero-touch provisioning endpoint to execute arbitrary commands and establish a reverse shell.

This PoC exploits CVE-2022-30525, an unauthenticated remote command injection vulnerability in Zyxel firewalls. It sends a crafted JSON payload to the `/ztp/cgi-bin/handler` endpoint, injecting a command to ping a DNS log server for verification.

This repository contains a functional proof-of-concept exploit for CVE-2022-30525, a command injection vulnerability in Zyxel firewalls. It includes both a DNS-based verification method and a reverse shell payload for exploitation.

This PoC exploits CVE-2022-30525, an unauthenticated remote command injection vulnerability in Zyxel firewalls. It uses DNS exfiltration via dnslog.cn to verify command execution by injecting a ping command into the 'mtu' parameter of a JSON payload sent to the /ztp/cgi-bin/handler endpoint.

This repository contains a functional Go-based exploit for CVE-2022-30525, targeting Zyxel firewalls with unauthenticated remote command execution via the `/ztp/cgi-bin/handler` endpoint. The exploit injects commands into the `mtu` parameter of a JSON payload, achieving RCE as the `nobody` user.

This repository contains a functional proof-of-concept exploit for CVE-2022-30525, a command injection vulnerability in Zyxel firewalls. The exploit leverages the 'mtu' parameter in the '/ztp/cgi-bin/handler' endpoint to execute arbitrary commands, including reverse shell payloads via netcat or DNS exfiltration.

This script checks for the presence of CVE-2022-30525, an OS command injection vulnerability in Zyxel USG FLEX devices. It sends a crafted HTTP request with a command injection payload to test for vulnerability.

This is a functional exploit for CVE-2022-30525, targeting unauthenticated remote command injection in Zyxel firewalls. It sends a crafted JSON payload to the `/ztp/cgi-bin/handler` endpoint, injecting a reverse shell via the `mtu` parameter.

This is a Python-based exploit for CVE-2022-30525, a command injection vulnerability in Zyxel firewalls. It leverages DNSLog for out-of-band detection of successful command injection via the 'mtu' parameter in a JSON payload.

This repository contains a detailed writeup of CVE-2022-30525, an OS command injection vulnerability in Zyxel firewalls. The vulnerability allows unauthenticated remote code execution via the /ztp/cgi-bin/handler endpoint using the setWanPortSt command.

This PoC exploits CVE-2022-30525, a command injection vulnerability in Zyxel firewalls, by injecting a reverse shell payload into the 'mtu' parameter of a JSON request to the ZTP handler endpoint. The exploit uses a bash command to establish a reverse shell connection to a specified listener.

This is a Python-based exploit for CVE-2022-30525, a command injection vulnerability in Zyxel firewalls. It leverages DNSLog for detection and can scan single or multiple targets.

This PoC exploits CVE-2022-30525, a command injection vulnerability in Zyxel firewalls. It sends a crafted JSON payload to the '/ztp/cgi-bin/handler' endpoint, injecting a command to ping a DNS log domain for verification of exploitation.

This Metasploit module exploits CVE-2022-30525, an unauthenticated remote command injection vulnerability in Zyxel firewalls via the ZTP handler. It injects commands into the 'mtu' field of a JSON payload sent to /ztp/cgi-bin/handler.