Zyxel has released patches addressing an OS command injection vulnerability (CVE-2022-30525) in the USG FLEX, ATP and VPN series of products. This vulnerability could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device.

More information on vulnerability and updates is available in Zyxel security advisory – zyxel.com.