CVE-2024-29975
MEDIUM
Zyxel NAS326 <V5.21(AAZF.17)C0 - Privilege Escalation
Title source: llm
Description
** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vulnerability in the SUID executable binary in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an authenticated local attacker with administrator privileges to execute some system commands as the “root” user on a vulnerable device.
Exploits (1)
github
WORKING POC
4 stars
by Pommaq · python · poc
https://github.com/Pommaq/CVE-2024-29972-CVE-2024-29976-CVE-2024-29973-CVE-2024-29975-CVE-2024-29974-poc
Scores
CVSS v3
6.7
EPSS
0.0028
EPSS Percentile
51.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-269
Status
published
Products (2)
zyxel/nas326_firmware
< 5.21\(aazf.17\)c0
zyxel/nas542_firmware
< 5.21\(abag.14\)c0
Published
Jun 04, 2024
Tracked Since
Feb 18, 2026