CVE-2022-43390 Information

Description

A command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0 which could allow an authenticated attacker to execute some OS commands on a vulnerable device by sending a crafted HTTP request.

Reference

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders