Zyxel security advisory for OS command injection vulnerability in APs and security router devices
CVE: CVE-2024-7261
Summary
Zyxel has released patches addressing an operating system (OS) command injection vulnerability in some access point (AP) and security router versions. Users are advised to install the patches for optimal protection.
What is the vulnerability?
The improper neutralization of special elements in the parameter “host” in the CGI program of some AP and security router versions could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.
What versions are vulnerable—and what should you do?
After a thorough investigation, we have identified the vulnerable products that are within their vulnerability support period, with their firmware patches shown in the table below.
Product | Affected model | Affected version | Patch availability |
---|---|---|---|
AP | NWA50AX | 7.00(ABYW.1) and earlier | |
NWA50AX PRO | 7.00(ACGE.1) and earlier | ||
NWA55AXE | 7.00(ABZL.1) and earlier | ||
NWA90AX | 7.00(ACCV.1) and earlier | ||
NWA90AX PRO | 7.00(ACGF.1) and earlier | ||
NWA110AX | 7.00(ABTG.1) and earlier | ||
NWA130BE | 7.00(ACIL.1) and earlier | ||
NWA210AX | 7.00(ABTD.1) and earlier | ||
NWA220AX-6E | 7.00(ACCO.1) and earlier | ||
NWA1123-AC PRO | 6.28(ABHD.0) and earlier | ||
NWA1123ACv3 | 6.70(ABVT.4) and earlier | ||
WAC500 | 6.70(ABVS.4) and earlier | ||
WAC500H | 6.70(ABWA.4) and earlier | ||
WAC6103D-I | 6.28(AAXH.0) and earlier | ||
WAC6502D-S | 6.28(AASE.0) and earlier | ||
WAC6503D-S | 6.28(AASF.0) and earlier | ||
WAC6552D-S | 6.28(ABIO.0) and earlier | ||
WAC6553D-E | 6.28(AASG.2) and earlier | ||
WAX300H | 7.00(ACHF.1) and earlier | ||
WAX510D | 7.00(ABTF.1) and earlier | ||
WAX610D | 7.00(ABTE.1) and earlier | ||
WAX620D-6E | 7.00(ACCN.1) and earlier | ||
WAX630S | 7.00(ABZD.1) and earlier | ||
WAX640S-6E | 7.00(ACCM.1) and earlier | ||
WAX650S | 7.00(ABRM.1) and earlier | ||
WAX655E | 7.00(ACDO.1) and earlier | ||
WBE530 | 7.00(ACLE.1) and earlier | ||
WBE660S | 7.00(ACGG.1) and earlier | ||
Security router | USG LITE 60AX | V2.00(ACIP.2) | V2.00(ACIP.3)* |
*Updated by cloud
Got a question?
Please contact your local service rep or visit Zyxel’s community for further information or assistance.
Acknowledgment
Thanks to Chengchao Ai from the ROIS team of Fuzhou University for reporting the issue to us.
Revision history
2024-9-3: Initial release.
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.5K Security
- 216 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 243 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight