Zyxel security advisory for directory traversal and command injection vulnerabilities of VPN2S
CVE: CVE-2021-35027, CVE-2021-35028
Summary
Zyxel has released a patch addressing directory traversal and command injection vulnerabilities in the VPN2S firewall. Users are advised to install it for optimal protection.
What is the vulnerability?
A directory traversal vulnerability caused by specific character sequences within an improperly sanitized URL was identified in the VPN2S firewall. A command injection vulnerability caused by improper filtering for the parameters in a CGI program was also identified.
What versions are vulnerable—and what should you do?
After a thorough investigation, we’ve identified one vulnerable product that is within its warranty and support period and released a hotfix to address the issue, as shown in the table below.
Affected model | Hotfix availability |
ZyWALL VPN2S |
Got a question or a tipoff?
Please contact your local service rep or comment below for further information or assistance.
Acknowledgment
Thanks to Qihoo 360 for reporting the issues to us.
Revision history
2021-09-30: Initial release
Categories
- All Categories
- 384 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 80 Nebula Status and Incidents
- 5.1K Security
- 78 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 209 Service & License
- 335 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 898 Nebula FAQ
- 415 Security FAQ
- 234 Switch FAQ
- 205 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 73 About Community
- 62 Security Highlight