Nasty Zyxel remote execution bug is being exploited
At the end of last week, Rapid7 disclosed a nasty bug in Zyxel firewalls that could allow for an unauthenticated remote attacker to execute code as the nobody user. At the time, Rapid7 said there were 15,000 affected models on the internet that Shodan had found. However, over the weekend, Shadowserver Foundation has boosted that number to over 20,800. The Foundation also said it had seen exploitation kick off on May 13, and urged users to patch immediately.









