CVE-2022-30525, Zyxel critical RCE vulnerability

Zyxel fixed Firewall Unauthenticated Remote Command Injection.
Rapid7 discovered and reported a vulnerability that affects Zyxel firewalls supporting Zero Touch Provisioning (ZTP), which includes the ATP series, VPN series, and the USG FLEX series (including USG20-VPN and USG20W-VPN). The vulnerability, identified as CVE-2022-30525, allows an unauthenticated and remote attacker to achieve arbitrary code execution as the nobody user on the affected device.

Nothing surprise.

Sh… not again

…shit, that’s a big hole