CVE-2024-7261

CRITICAL

Zyxel NWA/WAC/WAX/WBE/USG LITE Firmware - Unauthenticated OS Command Injection via Host Parameter

Title source: llm

Description

The improper neutralization of special elements in the parameter "host" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) and earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) and earlier, and USG LITE 60AX firmware version V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-os-command-injection-vulnerability-in-aps-and-security-router-devices-09-03-2024

Scores

CVSS v3 9.8

EPSS 0.2787

EPSS Percentile 96.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-78

Status published

Products (29)

zyxel/nwa110ax_firmware < 7.00\(abtg.2\)

zyxel/nwa1123-ac_pro_firmware < 6.28\(abhd.3\)

zyxel/nwa1123acv3_firmware < 6.70\(abvt.5\)

zyxel/nwa130be_firmware < 7.00\(acil.2\)

zyxel/nwa210ax_firmware < 7.00\(abtd.2\)

zyxel/nwa220ax-6e_firmware < 7.00\(acco.2\)

zyxel/nwa50ax_firmware < 7.00\(abyw.2\)

zyxel/nwa50ax_pro_firmware < 7.00\(acge.2\)

zyxel/nwa55axe_firmware < 7.00\(abzl.2\)

zyxel/nwa90ax_firmware < 7.00\(accv.2\)

... and 19 more

Published Sep 03, 2024

Tracked Since Feb 18, 2026