CVE-2022-30525

A command injection vulnerability in the CGI program of some Zyxel firewall versions could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device. Vendor/Product: Zyxel Multiple Firewalls. Added to CISA KEV 2022-05-16; required action: Apply updates per vendor instructions.