CVE-2024-7261
Published: 03 September 2024
Summary
CVE-2024-7261 is a critical-severity OS Command Injection (CWE-78) vulnerability in Zyxel Nwa110Ax Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, ranked in the top 3.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2024-7261 is an OS command injection vulnerability (CWE-78) stemming from improper neutralization of special elements in the "host" parameter within a CGI program. It affects multiple Zyxel access point and security router models running unpatched firmware, specifically NWA1123ACv3 up to version 6.70(ABVT.4), WAC500 up to 6.70(ABVS.4), WAX655E up to 7.00(ACDO.1), WBE530 up to 7.00(ACLE.1), and USG LITE 60AX up to V2.00(ACIP.2). The flaw carries a CVSS 3.1 base score of 9.8.
An unauthenticated remote attacker can exploit the issue by sending a crafted cookie containing malicious input to the vulnerable device's web interface. Successful exploitation grants the ability to execute arbitrary operating system commands with full read, write, and control impact on the affected device.
The vendor advisory from Zyxel recommends that administrators upgrade the listed products to the fixed firmware versions provided in the security bulletin to eliminate the command injection vector. No other mitigations such as configuration changes or workarounds are specified.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-48208
Vulnerability details
The improper neutralization of special elements in the parameter "host" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) and earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) and earlier,…
more
and USG LITE 60AX firmware version V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.