A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25014
Reference (s):
- https://www.zyxel.com/support/Zyxel-security-advisory-for-buffer-overflow-vulnerability.shtml
- https://businessforum.zyxel.com/categories/security-news-and-release