Command Injection Vulnerability in Zyxel VPN2S Firmware v1.12: Arbitrary OS Command Execution
CVE-2021-35028 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
A command injection vulnerability in the CGI program of the Zyxel VPN2S firmware version 1.12 could allow an authenticated, local user to execute arbitrary OS commands.
Learn more about our User Device Pen Test.