First published: Tue Oct 22 2024(Updated: )
The insufficiently protected credentials vulnerability in the CLI command of the USG FLEX H series uOS firmware version V1.21 and earlier versions could allow an authenticated local attacker to gain privilege escalation by stealing the authentication token of a login administrator. Note that this attack could be successful only if the administrator has not logged out.
Credit: security@zyxel.com.tw
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.