- Description
- An incorrect permission assignment vulnerability in the PostgreSQL commands of the Zyxel USG FLEX H series uOS firmware versions from V1.20 through V1.31 could allow an authenticated local attacker with low privileges to gain access to the Linux shell and escalate their privileges by crafting malicious scripts or modifying system configurations with administrator-level access through a stolen token. Modifying the system configuration is only possible if the administrator has not logged out and the token remains valid.
- Source
- security@zyxel.com.tw
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- security@zyxel.com.tw
- CWE-732
- Hype score
- Not currently trending
🔍 @hnsec discovered a vulnerability (CVE-2025-1731) in Zyxel USG FLEX H firewalls: possible escalation to root via fermion-wrapper. @ZyxelNews promptly released firmware V1.32. In collaboration with HackerHood. 🔗 https://t.co/qWIzO1Ba2T #HNSecurity #Zyxel
@HumanativaGroup
20 May 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1731 (CVSS:7.8, HIGH) is Awaiting Analysis. An incorrect permission assignment vulnerability in the PostgreSQL commands of the USG FLEX H series uOS firmware versio..https://t.co/rDAAsoemST #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
26 Apr 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1731 (CVSS:7.8, HIGH) is Awaiting Analysis. An incorrect permission assignment vulnerability in the PostgreSQL commands of the USG FLEX H series uOS firmware versio..https://t.co/rDAAsoemST #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
25 Apr 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1731: ZYXEL uOS (CVE-2025-1731). Authenticated Remote Code Execution. ZYXEL uOS (CVE-2025-1731). Web Privilege Escalation via stolen token from RCE. https://t.co/8I2cdZJz0d https://t.co/wYC6NcaEW1
@cyber_advising
24 Apr 2025
990 Impressions
6 Retweets
14 Likes
5 Bookmarks
0 Replies
0 Quotes
Authenticated Remote Code Execution on USG FLEX H Series (CVE-2025-1731 / CVE-2025-1732) https://t.co/PUMMNamEm1
@_r_netsec
24 Apr 2025
296 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
⚡️The vulnerability details are now available: https://t.co/rDsjvz1gfD 🚨🚨Zyxel USG FLEX H Series Flaw Alert! CVE-2025-1731: Low-priv attacker can exploit PostgreSQL flaw to hit Linux shell, escalate privs via malicious scripts or stolen admin token! Note: Token must be htt
@zoomeye_team
23 Apr 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
We have identified some security vulnerabilities (CVE-2025-1731) in Zyxel USG FLEX H Series firewall appliances, that allow local users with access to a Linux OS shell to escalate privileges to root. https://t.co/svOAvmdDrW #Zyxel #VulnerabilityResearch #CoordinatedDisclosure
@hnsec
23 Apr 2025
1266 Impressions
8 Retweets
10 Likes
3 Bookmarks
0 Replies
0 Quotes
Local privilege escalation on Zyxel USG FLEX H Series (CVE-2025-1731) https://t.co/y6hQCFkdS2 https://t.co/Hct7P5CNTJ
@secharvesterx
23 Apr 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-1731 🔴 HIGH (7.8) 🏢 Zyxel - USG FLEX H series uOS firmware 🏗️ from V1.20 through V1.31 🔗 https://t.co/6bxF6RpWz5 #CyberCron #VulnAlert #InfoSec https://t.co/tDyT7Cgkjt
@cybercronai
22 Apr 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1731 - Zyxel USG FLEX H Series Firewalls - HIGH 🚨 🗓️ Date published 2025-04-22 03:15:21 UTC #ZyxelUSGFLEXHSeriesFirewalls #CyberSecurity #InfoSec #Vulnerability #TechNews https://t.co/pLSKBwTuzx
@vulns_space
22 Apr 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1731 An incorrect permission assignment vulnerability in the PostgreSQL commands of the USG FLEX H series uOS firmware versions from V1.20 through V1.31 could allow an authe… https://t.co/gF1e2QZPlY
@CVEnew
22 Apr 2025
712 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes