Posted by RedTeam Pentesting GmbH on May 04
Advisory: Authentication Bypass in Configuration Import and Export of
ZyXEL ZyWALL USG Appliances
Unauthenticated users with access to the management web interface of
certain ZyXEL ZyWALL USG appliances can download and upload
configuration files, that are applied automatically.
Details
=======
Product: ZyXEL USG (Unified Security Gateway) appliances
ZyWALL USG-20
ZyWALL USG-20W
ZyWALL USG-50…