CVE-2017-6884

HIGH KEV RANSOMWARE

Zyxel EMG2926 V1.00(AAQT.4)b8 - Command Injection

Title source: llm

Description

A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00(AAQT.4)b8. The vulnerability is located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute arbitrary commands on the router, such as the ping_ip parameter to the expert/maintenance/diagnostic/nslookup URI.

Exploits (1)

exploitdb WORKING POC

by trevor Hough · textwebappshardware

https://www.exploit-db.com/exploits/41782

View Code ZIP pw:eip

References (2)

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/41782/

[Third Party Advisory, US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-6884

Scores

CVSS v3 8.8

EPSS 0.9008

EPSS Percentile 99.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2023-09-18

VulnCheck KEV 2020-01-08

InTheWild.io 2017-04-12

ENISA EUVD EUVD-2017-15938

Ransomware Use Confirmed

CWE

CWE-78

Status published

Products (1)

zyxel/emg2926_firmware v1.00\(aaqt.4\)b8

Published Apr 06, 2017

KEV Added Sep 18, 2023

Tracked Since Feb 18, 2026