Some vulnerabilities have been reported in ZyXEL ZyWALL appliances, which can be exploited by malicious users and malicious people to bypass certain security restrictions.
1) An error exists within the authentication mechanism in the cgi-bin/export-cgi script, which can be exploited to download the configuration files.
2) An error exists within the authentication mechanism in the cgi-bin/file_upload-cgi script, which can be exploited to upload arbitrary configuration files and thereby gain administrative access to the device.
3) An error within the authentication mechanism in the management web interface can be exploited to gain administrative privileges on the device by setting the "isAdmin" variable to "true".
Successful exploitation of vulnerability #3 requires "limited-admin" privileges.
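To make the vulnerability class concrete, the following is an added example and not ZyWALL firmware, code from ZyXEL, or anything published with the advisory. It models the three errors above with a minimal, framework-free request/session abstraction (the Request/Response types, the SESSIONS store, the CONFIG_BLOB placeholder, the dispatch functions and the audit helper are all assumptions for illustration) and places the vulnerable pattern beside a hardened version in which the role is taken only from the server-side session and the export and upload endpoints are gated on it.

```python
"""Illustrative model of the three ZyWALL authentication weaknesses.

Added example: this is NOT the device's actual cgi-bin code (which is not
published). It reproduces the vulnerability class so the flaw and the fix can
be run side by side. All names below are assumptions for illustration.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, Optional

# Constructed server-side session store: session id -> role.  In the hardened
# dispatcher the role is taken only from here, never from the client request.
SESSIONS: Dict[str, str] = {
    "sess-admin": "admin",
    "sess-limited": "limited-admin",
}

# Constructed stand-in for the configuration that export-cgi would return.
CONFIG_BLOB = "startup-config (constructed placeholder)"


@dataclass
class Request:
    path: str
    params: Dict[str, str] = field(default_factory=dict)  # query/form data
    session_id: Optional[str] = None                      # session cookie


@dataclass
class Response:
    status: int
    body: str = ""


# --- Vulnerable pattern: models items 1, 2 and 3 ---------------------------
def vulnerable_dispatch(req: Request) -> Response:
    # Item 3: the privilege decision trusts a client-supplied "isAdmin" flag.
    is_admin = req.params.get("isAdmin") == "true"
    if req.path == "/cgi-bin/export-cgi":
        # Item 1: configuration is returned with no authentication check.
        return Response(200, CONFIG_BLOB)
    if req.path == "/cgi-bin/file_upload-cgi":
        # Item 2: a configuration is accepted with no authentication check.
        return Response(200, "config accepted: %d bytes" % len(req.params.get("file", "")))
    if req.path == "/admin":
        return Response(200, "admin panel") if is_admin else Response(403)
    return Response(404)


# --- Hardened pattern --------------------------------------------------------
def role_for(req: Request) -> Optional[str]:
    """Derive the role from the server-side session only; request params are ignored."""
    return SESSIONS.get(req.session_id) if req.session_id else None


def hardened_dispatch(req: Request) -> Response:
    role = role_for(req)
    if role is None:
        # Every management endpoint, export and upload included, needs a session.
        return Response(302, "redirect to login")
    if req.path == "/cgi-bin/export-cgi":
        # The exported configuration contains credentials: full admins only.
        return Response(200, CONFIG_BLOB) if role == "admin" else Response(403)
    if req.path == "/cgi-bin/file_upload-cgi":
        # Replacing the configuration is equivalent to full admin: full admins only.
        return Response(200, "config accepted") if role == "admin" else Response(403)
    if req.path == "/admin":
        # Any "isAdmin" parameter is ignored; only the session role counts.
        return Response(200, "admin panel") if role == "admin" else Response(403)
    return Response(404)


def audit(dispatch: Callable[[Request], Response]) -> Dict[str, bool]:
    """Probe a dispatcher with the three conditions from the advisory.

    Returns True for each condition the dispatcher is vulnerable to: an
    unauthenticated export, an unauthenticated upload, and escalation from a
    limited-admin session by adding isAdmin=true to the request.
    """
    unauth_export = dispatch(Request("/cgi-bin/export-cgi")).status == 200
    unauth_upload = dispatch(Request("/cgi-bin/file_upload-cgi", {"file": "x"})).status == 200
    escalate = dispatch(Request("/admin", {"isAdmin": "true"}, session_id="sess-limited")).status == 200
    return {
        "unauth_export": unauth_export,
        "unauth_upload": unauth_upload,
        "isAdmin_escalation": escalate,
    }
```

Running audit() against each dispatcher reports all three conditions as True for the vulnerable one and False for the hardened one. The pattern to look for in real code is the same in both halves: a privilege decision that reads a role flag from the request instead of from server-side state, and a configuration endpoint that can be reached before the session check runs.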
The vulnerabilities have been reported in the following devices:
* ZyWALL USG-20
* ZyWALL USG-20W
* ZyWALL USG-50
* ZyWALL USG-100
* ZyWALL USG-200
* ZyWALL USG-300
* ZyWALL USG-1000
* ZyWALL USG-1050
* ZyWALL USG-2000
Solution: Reportedly, the vulnerabilities are fixed in the firmware released on April 25th, 2011. Please contact the vendor for more information.