Zyxel has produced security updates to deal with critical flaws impacting two of its network-connected storage (NAS) equipment that have at the moment attained close-of-lifetime (EoL) position.
Successful exploitation of a few of the 5 vulnerabilities could allow an unauthenticated attacker to execute working procedure (OS) instructions and arbitrary code on influenced installations.
Impacted designs incorporate NAS326 operating versions V5.21(AAZF.16)C0 and before, and NAS542 operating versions V5.21(ABAG.13)C0 and earlier. The shortcomings have been fixed in variations V5.21(AAZF.17)C0 and V5.21(ABAG.14)C0, respectively.
A quick description of the flaws is as follows –
- CVE-2024-29972 – A command injection vulnerability in the CGI system “remote_support-cgi” that could let an unauthenticated attacker to execute some functioning program (OS) instructions by sending a crafted HTTP Article request
- CVE-2024-29973 – A command injection vulnerability in the ‘setCookie’ parameter that could allow for an unauthenticated attacker to execute some OS commands by sending a crafted HTTP Submit ask for
- CVE-2024-29974 – A remote code execution vulnerability in the CGI program ‘file_upload-cgi’ that could allow for an unauthenticated attacker to execute arbitrary code by uploading a crafted configuration file
- CVE-2024-29975 – An poor privilege administration vulnerability in the SUID executable binary that could allow an authenticated local attacker with administrator privileges to execute some technique instructions as the ‘root’ user
- CVE-2024-29976 – An improper privilege management vulnerability in the command ‘show_allsessions’ that could allow for an authenticated attacker to obtain a logged-in administrator’s session data containing cookies on an impacted system
Outpost24 security researcher Timothy Hjort has been credited with finding and reporting the 5 flaws. It really is really worth noting that the two of the privilege escalation flaws that need authentication keep on being unpatched.
Though there is no evidence that the issues have been exploited in the wild, customers are advised to update to the newest edition for best security.
Located this posting fascinating? Observe us on Twitter and LinkedIn to go through additional special written content we submit.
Some parts of this article are sourced from:
thehackernews.com