About Path Traversal – Zyxel firewall (CVE-2024-11667) vulnerability. A directory traversal vulnerability in the web management interface of Zyxel firewall could allow an attacker to download or upload files via a crafted URL. The vulnerability affects Zyxel ZLD firmware versions from 5.00 to 5.38, used in the ATP, USG FLEX, USG FLEX 50(W), and USG20(W)-VPN device series.
👾 Specialists from Sekoia discovered this vulnerability being exploited on their honeypots by ransomware attackers from the Helldown group. There are no public exploits yet.
Zyxel recommends:
🔹Update firmware to version 5.39, which was released on September 3, 2024
🔹Disable remote access until devices are updated
🔹Learn best practices for device configuration
If your company uses Zyxel firewalls, please pay attention. 😉