Monday, March 10, 2025

Zyxel Releases Patches for Firmware Vulnerabilities in EoL NAS Models


Zyxel has released security updates to address critical flaws impacting two of its network-attached storage (NAS) devices that have recently reached end-of-life (EoL) status.

Successful exploitation of three of the five vulnerabilities could allow an unauthenticated attacker to execute operating system (OS) commands and arbitrary code on affected installations.

Impacted models include NAS326 running versions V5.21(AAZF.16)C0 and earlier, and NAS542 running versions V5.21(ABAG.13)C0 and earlier. The shortcomings have been resolved in versions V5.21(AAZF.17)C0 and V5.21(ABAG.14)C0, respectively.
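The version strings above are the practical check for this advisory. The script below is an added example, not code from Zyxel or from the original article: it parses Zyxel NAS firmware version strings and flags inventory entries that are still on a vulnerable build. The string layout V<major>.<minor>(<series>.<build>)C<release> is inferred from the four versions quoted above rather than taken from a Zyxel specification, the ordering of those fields is an assumption, and the inventory rows are constructed for the demonstration.

```python
import re
from typing import NamedTuple

# Fixed firmware versions quoted in the advisory, per affected model.
FIXED_VERSIONS = {
    "NAS326": "V5.21(AAZF.17)C0",
    "NAS542": "V5.21(ABAG.14)C0",
}

# Assumed layout of a Zyxel NAS version string: V<major>.<minor>(<series>.<build>)C<release>.
# Inferred from the strings quoted in the advisory, not from a Zyxel specification.
_VERSION_RE = re.compile(r"^V(\d+)\.(\d+)\(([A-Z]+)\.(\d+)\)C(\d+)$")


class FirmwareVersion(NamedTuple):
    major: int
    minor: int
    series: str   # firmware line, e.g. AAZF (NAS326) or ABAG (NAS542)
    build: int
    release: int

    def ordinal(self) -> tuple:
        # Assumption: builds within one series order by major, minor, build, then release.
        return (self.major, self.minor, self.build, self.release)


def parse_version(text: str) -> FirmwareVersion:
    """Parse a string such as 'V5.21(AAZF.16)C0'; raise ValueError if the layout differs."""
    m = _VERSION_RE.match(text.strip())
    if m is None:
        raise ValueError(f"unrecognised firmware version string: {text!r}")
    major, minor, series, build, release = m.groups()
    return FirmwareVersion(int(major), int(minor), series, int(build), int(release))


def is_vulnerable(model: str, running: str) -> bool:
    """True if `running` is older than the fixed version for `model`.

    Raises KeyError for models outside the advisory and ValueError when the
    version string is unparseable or belongs to a different firmware series,
    so a mismatch is never silently reported as 'patched'.
    """
    fixed = parse_version(FIXED_VERSIONS[model])
    current = parse_version(running)
    if current.series != fixed.series:
        raise ValueError(
            f"{running!r} is series {current.series}, expected {fixed.series} for {model}"
        )
    return current.ordinal() < fixed.ordinal()


# Constructed sample inventory for the demonstration; hostnames and versions are made up.
SAMPLE_INVENTORY = [
    ("nas-fin-01", "NAS326", "V5.21(AAZF.16)C0"),   # last vulnerable NAS326 build
    ("nas-fin-02", "NAS326", "V5.21(AAZF.17)C0"),   # patched
    ("nas-eng-01", "NAS542", "V5.21(ABAG.13)C0"),   # last vulnerable NAS542 build
    ("nas-eng-02", "NAS542", "V5.20(ABAG.9)C0"),    # older build, vulnerable
    ("nas-lab-01", "NAS540", "V5.21(AATB.12)C0"),   # model not covered by this advisory
    ("nas-lab-02", "NAS326", "5.21.16"),            # malformed string from a bad inventory export
]


def audit(inventory) -> dict:
    """Classify inventory rows as vulnerable, patched, or needing manual review."""
    report = {"vulnerable": [], "patched": [], "review": []}
    for host, model, version in inventory:
        if model not in FIXED_VERSIONS:
            report["review"].append((host, "model not covered by this advisory"))
            continue
        try:
            bucket = "vulnerable" if is_vulnerable(model, version) else "patched"
            report[bucket].append(host)
        except ValueError as exc:
            report["review"].append((host, str(exc)))
    return report


if __name__ == "__main__":
    for bucket, hosts in audit(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {hosts}")
```

The check deliberately refuses to compare across firmware series, so a NAS542 string is never judged against the NAS326 fix, and anything it cannot parse lands in the review bucket instead of being counted as patched. It answers only the version question; it says nothing about whether a given device is reachable by an attacker.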


A brief description of the flaws is as follows –

  • CVE-2024-29972 – A command injection vulnerability in the CGI program "remote_help-cgi" that could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request
  • CVE-2024-29973 – A command injection vulnerability in the 'setCookie' parameter that could allow an unauthenticated attacker to execute some OS commands by sending a crafted HTTP POST request
  • CVE-2024-29974 – A remote code execution vulnerability in the CGI program 'file_upload-cgi' that could allow an unauthenticated attacker to execute arbitrary code by uploading a crafted configuration file
  • CVE-2024-29975 – An improper privilege management vulnerability in the SUID executable binary that could allow an authenticated local attacker with administrator privileges to execute some system commands as the 'root' user
  • CVE-2024-29976 – An improper privilege management vulnerability in the command 'show_allsessions' that could allow an authenticated attacker to obtain a logged-in administrator's session information containing cookies on an affected device

Outpost24 security researcher Timothy Hjort has been credited with discovering and reporting the five flaws. It is worth noting that the two privilege escalation flaws that require authentication remain unpatched.


While there is no evidence that the issues have been exploited in the wild, users are recommended to update to the latest version for optimal protection.
