Zyxel Issues Warning About Critical Vulnerability in Business Routers
September 3, 2024
Zyxel, a network hardware manufacturer, has released security updates to address a critical vulnerability affecting several models of its business routers. The flaw, tracked as CVE-2024-7261 with a CVSS v3 score of 9.8 ('critical'), is an input validation error arising from the incorrect processing of user-provided data. It potentially allows remote attackers to execute arbitrary commands on the host operating system.
Zyxel stated, 'The improper neutralization of special elements in the parameter "host" in the CGI program of some AP and security router versions could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.' The Zyxel access points (APs) affected by CVE-2024-7261 include several models.
Zyxel also indicated that the security router USG LITE 60AX running V2.00(ACIP.2) is impacted by this vulnerability. However, this model is automatically updated via the cloud to V2.00(ACIP.3), which includes the patch for CVE-2024-7261.
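The advisory attributes CVE-2024-7261 to improper neutralization of special elements in a "host" value. As an added illustration (not Zyxel's code and not taken from the advisory), the C function below shows allowlist validation of such a value before it reaches any OS command; the name `host_is_valid` and the sample inputs are constructed for this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* ASCII-only alphanumeric test; avoids locale-dependent isalnum(). */
static int is_alnum_ascii(unsigned char c)
{
    return (c >= '0' && c <= '9') || (c >= 'a' && c <= 'z') ||
           (c >= 'A' && c <= 'Z');
}

/* Return 1 if s is a plain hostname or dotted IPv4 literal, else 0.
 * Only [A-Za-z0-9.-] is accepted, so shell metacharacters, whitespace and
 * control bytes never pass. Labels may not start or end with '-', which
 * also stops the value being read as a command-line option. A trailing
 * dot is rejected as well (stricter than DNS allows). */
int host_is_valid(const char *s)
{
    size_t len, i, label = 0;
    if (s == NULL || (len = strlen(s)) == 0 || len > 253)
        return 0;                        /* missing, empty or over DNS limit */
    for (i = 0; i < len; i++) {
        unsigned char c = (unsigned char)s[i];
        if (c == '.') {
            if (label == 0 || s[i - 1] == '-')
                return 0;                /* empty label or "-." */
            label = 0;
        } else if (is_alnum_ascii(c) || c == '-') {
            if (c == '-' && label == 0)
                return 0;                /* label starts with '-' */
            if (++label > 63)
                return 0;                /* DNS label length limit */
        } else {
            return 0;                    /* any other byte is rejected */
        }
    }
    return label > 0 && s[len - 1] != '-';
}

int main(void)
{
    /* Constructed sample values, not from any real device or request. */
    const char *samples[] = { "ap01.example.net", "192.0.2.10",
                              "ap01;echo", "ap01 x", "-v", "a..b" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-18s %s\n", samples[i],
               host_is_valid(samples[i]) ? "accept" : "reject");
    return 0;
}
```

Validation of this kind belongs alongside, not instead of, passing the value as its own argument to an `execve`-family call rather than building a shell command string.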
In addition, Zyxel has released security updates for multiple high-severity vulnerabilities in ATP and USG FLEX firewalls. The most notable is CVE-2024-42057 (CVSS v3: 8.1, 'high'), a command injection vulnerability in the IPSec VPN feature that can be exploited remotely without authentication. Its severity is reduced by the specific configuration that exploitation requires: the device must be configured in User-Based-PSK authentication mode, and a user with a username over 28 characters long must exist.
Zyxel's advisory provides full details on the impacted firewalls.