Zyxel has released software updates to address a critical security flaw impacting certain access point (AP) and security router versions that could result in the execution of unauthorized commands.
Tracked as CVE-2024-7261 (CVSS score: 9.8), the vulnerability has been described as a case of operating system (OS) command injection.
“The improper neutralization of special elements in the parameter ‘host’ in the CGI program of some AP and security router versions could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device,” Zyxel said in an advisory.
Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.
Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).
➤ Activate Your Coupon Code
Chengchao Ai from the ROIS team of Fuzhou University has been credited with discovering and reporting the flaw.
Zyxel has also shipped updates for seven vulnerabilities in its routers and firewalls, including few that are high in severity, that could result in OS command execution, a denial-of-service (DoS), or access browser-based information –
- CVE-2024-5412 (CVSS score: 7.5) – A buffer overflow vulnerability in the “libclinkc” library that could allow an unauthenticated attacker to cause DoS conditions by means of a specially crafted HTTP request
- CVE-2024-6343 (CVSS score: 4.9) – A buffer overflow vulnerability that could allow an authenticated attacker with administrator privileges to trigger DoS conditions by means of a specially crafted HTTP request
- CVE-2024-7203 (CVSS score: 7.2) – A post-authentication command injection vulnerability that could allow an authenticated attacker with administrator privileges to execute OS commands
- CVE-2024-42057 (CVSS score: 8.1) – A command injection vulnerability in the IPSec VPN feature that could allow an unauthenticated attacker to execute some OS commands
- CVE-2024-42058 (CVSS score: 7.5) – A null pointer dereference vulnerability that could allow an unauthenticated attacker to cause DoS conditions by sending crafted packets
- CVE-2024-42059 (CVSS score: 7.2) – A post-authentication command injection vulnerability that could allow an authenticated attacker with administrator privileges to execute some OS commands by uploading a crafted compressed language file via FTP
- CVE-2024-42060 (CVSS score: 7.2) – A post-authentication command injection vulnerability in some firewall versions could allow an authenticated attacker with administrator privileges to execute some OS commands
- CVE-2024-42061 (CVSS score: 6.1) – A reflected cross-site scripting (XSS) vulnerability in the CGI program “dynamic_script.cgi” that could allow an attacker to trick a user into visiting a crafted URL with the XSS payload and obtain browser-based information
The development comes as D-Link said four security vulnerabilities affecting its DIR-846 router, counting two critical remote command execution vulnerabilities (CVE-2024-44342, CVSS score: 9.8) will not be patched owing to the products reaching end-of-life (EoL) status of February 2020, urging customers to replace them with support versions.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
Some parts of this article are sourced from:
thehackernews.com