Command Injection Vulnerability in Zyxel NR7101 Firmware

Command Injection Vulnerability in Zyxel NR7101 Firmware

CVE-2022-43390 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to execute some OS commands on a vulnerable device by sending a crafted HTTP request.

Learn more about our Web Application Penetration Testing UK.