Zyxel has issued patches to address a critical operating system (OS) command injection vulnerability identified as CVE-2024-7261.

This vulnerability affects several versions of their access points (AP) and security routers. Users are strongly urged to apply these patches to safeguard their systems against exploits.

CVE-2024-7261 – The Vulnerability

The vulnerability arises from improper neutralization of special elements in the “host” parameter within the CGI program of specific AP and security router versions.

This flaw could enable an unauthenticated attacker to execute OS commands by sending a specially crafted cookie to a vulnerable device. Such an exploit could have severe implications, including unauthorized access and control over affected devices.

Affected Versions and Recommended Actions

Zyxel has conducted a thorough investigation to identify the products affected by this vulnerability. Below is a detailed table listing the affected models, their vulnerable versions, and the corresponding patch availability.


| Product | Affected Model | Affected Version | Patch Availability |
|---|---|---|---|
| AP | NWA50AX | 7.00(ABYW.1) and earlier | 7.00(ABYW.2) |
| AP | NWA50AX PRO | 7.00(ACGE.1) and earlier | 7.00(ACGE.2) |
| AP | NWA55AXE | 7.00(ABZL.1) and earlier | 7.00(ABZL.2) |
| AP | NWA90AX | 7.00(ACCV.1) and earlier | 7.00(ACCV.2) |
| AP | NWA90AX PRO | 7.00(ACGF.1) and earlier | 7.00(ACGF.2) |
| AP | NWA110AX | 7.00(ABTG.1) and earlier | 7.00(ABTG.2) |
| AP | NWA130BE | 7.00(ACIL.1) and earlier | 7.00(ACIL.2) |
| AP | NWA210AX | 7.00(ABTD.1) and earlier | 7.00(ABTD.2) |
| AP | NWA220AX-6E | 7.00(ACCO.1) and earlier | 7.00(ACCO.2) |
| AP | NWA1123-AC PRO | 6.28(ABHD.0) and earlier | 6.28(ABHD.3) |
| AP | NWA1123ACv3 | 6.70(ABVT.4) and earlier | 6.70(ABVT.5) |
| AP | WAC500 | 6.70(ABVS.4) and earlier | 6.70(ABVS.5) |
| AP | WAC500H | 6.70(ABWA.4) and earlier | 6.70(ABWA.5) |
| AP | WAC6103D-I | 6.28(AAXH.0) and earlier | 6.28(AAXH.3) |
| AP | WAC6502D-S | 6.28(AASE.0) and earlier | 6.28(AASE.3) |
| AP | WAC6503D-S | 6.28(AASF.0) and earlier | 6.28(AASF.3) |
| AP | WAC6552D-S | 6.28(ABIO.0) and earlier | 6.28(ABIO.3) |
| AP | WAC6553D-E | 6.28(AASG.2) and earlier | 6.28(AASG.3) |
| AP | WAX300H | 7.00(ACHF.1) and earlier | 7.00(ACHF.2) |
| AP | WAX510D | 7.00(ABTF.1) and earlier | 7.00(ABTF.2) |
| AP | WAX610D | 7.00(ABTE.1) and earlier | 7.00(ABTE.2) |
| AP | WAX620D-6E | 7.00(ACCN.1) and earlier | 7.00(ACCN.2) |
| AP | WAX630S | 7.00(ABZD.1) and earlier | 7.00(ABZD.2) |
| AP | WAX640S-6E | 7.00(ACCM.1) and earlier | 7.00(ACCM.2) |
| AP | WAX650S | 7.00(ABRM.1) and earlier | 7.00(ABRM.2) |
| AP | WAX655E | 7.00(ACDO.1) and earlier | 7.00(ACDO.2) |
| AP | WBE530 | 7.00(ACLE.1) and earlier | 7.00(ACLE.2) |
| AP | WBE660S | 7.00(ACGG.1) and earlier | 7.00(ACGG.2) |
| Security Router | USG LITE 60AX | V2.00(ACIP.2) | V2.00(ACIP.3)* |

Zyxel’s proactive response to this vulnerability highlights the importance of regular software updates and patch management in maintaining cybersecurity.

Users of the affected products are advised to apply the patches immediately to mitigate potential risks.
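
To find out which devices still need the patch, an inventory of model names and reported firmware strings can be compared against the fixed versions listed in the advisory table. The following is an added example, not Zyxel's or the article's code; the `PATCHED` dictionary holds only a subset of the table's rows, the inventory rows are constructed, and treating every release older than the fixed one as vulnerable is an assumption.

```python
import re

# Fixed firmware per model, copied from the advisory table (subset of rows;
# add the remaining models the same way). Keys are upper-cased model names.
PATCHED = {
    "NWA50AX": "7.00(ABYW.2)",
    "NWA1123-AC PRO": "6.28(ABHD.3)",
    "WAC500": "6.70(ABVS.5)",
    "WAC500H": "6.70(ABWA.5)",
    "WAX650S": "7.00(ABRM.2)",
    "USG LITE 60AX": "V2.00(ACIP.3)",
}

# <major>.<minor>(<4-letter model code>.<revision>), optional leading "V".
# Anything after the closing parenthesis is ignored.
_FW = re.compile(r"^V?(\d+)\.(\d+)\(([A-Z]{4})\.(\d+)\)")


def parse_fw(text):
    """Return ((major, minor, revision), model_code), or None if unparsable."""
    m = _FW.match(text.strip().upper())
    if not m:
        return None
    major, minor, code, rev = m.groups()
    return (int(major), int(minor), int(rev)), code


def triage(model, installed):
    """Classify one inventory row: patched / vulnerable / unknown / not_listed."""
    fixed = PATCHED.get(" ".join(model.upper().split()))
    if fixed is None:
        return "not_listed"      # model absent from PATCHED, no verdict
    have, want = parse_fw(installed), parse_fw(fixed)
    if have is None or have[1] != want[1]:
        return "unknown"         # bad string, or firmware code of another model
    # Assumption: any release older than the fixed one counts as vulnerable.
    return "patched" if have[0] >= want[0] else "vulnerable"


# Constructed inventory rows (model, reported firmware) for illustration.
INVENTORY = [
    ("NWA50AX", "7.00(ABYW.1)"),
    ("WAC500", "V6.70(ABVS.5)"),
    ("WAX650S", "6.50(ABRM.3)"),
    ("WAC500H", "6.70(ABVS.4)"),
]

if __name__ == "__main__":
    for model, fw in INVENTORY:
        print(f"{model:16} {fw:16} {triage(model, fw)}")
```

Rows reported as `unknown` carry a firmware code that does not match the model's entry and should be checked by hand before being counted as safe.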
