Zyxel has released security updates to address critical flaws impacting two of its network-attached storage (NAS) devices that have currently reached end-of-life (EoL) status.
Successful exploitation of three of the five vulnerabilities could permit an unauthenticated attacker to execute operating system (OS) commands and arbitrary code on affected installations.
Impacted models include NAS326 running versions V5.21(AAZF.16)C0 and earlier, and NAS542 running versions V5.21(ABAG.13)C0 and earlier. The shortcomings have been resolved in versions V5.21(AAZF.17)C0 and V5.21(ABAG.14)C0, respectively.
Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).
➤ Get Mullvad VPN with 12% Discount
A brief description of the flaws is as follows –
- CVE-2024-29972 – A command injection vulnerability in the CGI program “remote_help-cgi” that could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request
- CVE-2024-29973 – A command injection vulnerability in the ‘setCookie’ parameter that could allow an unauthenticated attacker to execute some OS commands by sending a crafted HTTP POST request
- CVE-2024-29974 – A remote code execution vulnerability in the CGI program ‘file_upload-cgi’ that could allow an unauthenticated attacker to execute arbitrary code by uploading a crafted configuration file
- CVE-2024-29975 – An improper privilege management vulnerability in the SUID executable binary that could allow an authenticated local attacker with administrator privileges to execute some system commands as the ‘root’ user
- CVE-2024-29976 – An improper privilege management vulnerability in the command ‘show_allsessions’ that could allow an authenticated attacker to obtain a logged-in administrator’s session information containing cookies on an affected device
Outpost24 security researcher Timothy Hjort has been credited with discovering and reporting the five flaws. It’s worth noting that the two of the privilege escalation flaws that require authentication remain unpatched.
While there is no evidence that the issues have been exploited in the wild, users are recommended to update to the latest version for optimal protection.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
Some parts of this article are sourced from:
thehackernews.com