Zyxel has issued patches to address a critical operating system (OS) command injection vulnerability identified as CVE-2024-7261.
This vulnerability affects several versions of their access points (AP) and security routers. Users are strongly urged to apply these patches to safeguard their systems against exploits.
CVE-2024-7261 – The Vulnerability
The vulnerability arises from improper neutralization of special elements in the “host” parameter within the CGI program of specific AP and security router versions.
This flaw could enable an unauthenticated attacker to execute OS commands by sending a specially crafted cookie to a vulnerable device. Such an exploit could have severe implications, including unauthorized access and control over affected devices.
Affected Versions and Recommended Actions
Zyxel has conducted a thorough investigation to identify the products affected by this vulnerability. Below is a detailed table listing the affected models, their vulnerable versions, and the corresponding patch availability.
Product | Affected Model | Affected Version | Patch Availability |
AP | NWA50AX | 7.00(ABYW.1) and earlier | 7.00(ABYW.2) |
AP | NWA50AX PRO | 7.00(ACGE.1) and earlier | 7.00(ACGE.2) |
AP | NWA55AXE | 7.00(ABZL.1) and earlier | 7.00(ABZL.2) |
AP | NWA90AX | 7.00(ACCV.1) and earlier | 7.00(ACCV.2) |
AP | NWA90AX PRO | 7.00(ACGF.1) and earlier | 7.00(ACGF.2) |
AP | NWA110AX | 7.00(ABTG.1) and earlier | 7.00(ABTG.2) |
AP | NWA130BE | 7.00(ACIL.1) and earlier | 7.00(ACIL.2) |
AP | NWA210AX | 7.00(ABTD.1) and earlier | 7.00(ABTD.2) |
AP | NWA220AX-6E | 7.00(ACCO.1) and earlier | 7.00(ACCO.2) |
AP | NWA1123-AC PRO | 6.28(ABHD.0) and earlier | 6.28(ABHD.3) |
AP | NWA1123ACv3 | 6.70(ABVT.4) and earlier | 6.70(ABVT.5) |
AP | WAC500 | 6.70(ABVS.4) and earlier | 6.70(ABVS.5) |
AP | WAC500H | 6.70(ABWA.4) and earlier | 6.70(ABWA.5) |
AP | WAC6103D-I | 6.28(AAXH.0) and earlier | 6.28(AAXH.3) |
AP | WAC6502D-S | 6.28(AASE.0) and earlier | 6.28(AASE.3) |
AP | WAC6503D-S | 6.28(AASF.0) and earlier | 6.28(AASF.3) |
AP | WAC6552D-S | 6.28(ABIO.0) and earlier | 6.28(ABIO.3) |
AP | WAC6553D-E | 6.28(AASG.2) and earlier | 6.28(AASG.3) |
AP | WAX300H | 7.00(ACHF.1) and earlier | 7.00(ACHF.2) |
AP | WAX510D | 7.00(ABTF.1) and earlier | 7.00(ABTF.2) |
AP | WAX610D | 7.00(ABTE.1) and earlier | 7.00(ABTE.2) |
AP | WAX620D-6E | 7.00(ACCN.1) and earlier | 7.00(ACCN.2) |
AP | WAX630S | 7.00(ABZD.1) and earlier | 7.00(ABZD.2) |
AP | WAX640S-6E | 7.00(ACCM.1) and earlier | 7.00(ACCM.2) |
AP | WAX650S | 7.00(ABRM.1) and earlier | 7.00(ABRM.2) |
AP | WAX655E | 7.00(ACDO.1) and earlier | 7.00(ACDO.2) |
AP | WBE530 | 7.00(ACLE.1) and earlier | 7.00(ACLE.2) |
AP | WBE660S | 7.00(ACGG.1) and earlier | 7.00(ACGG.2) |
Security Router | USG LITE 60AX | V2.00(ACIP.2) | V2.00(ACIP.3)* |
Zyxel’s proactive response to this vulnerability highlights the importance of regular software updates and patch management in maintaining cybersecurity.
Users of the affected products are advised to apply the patches immediately to mitigate potential risks.
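An inventory check against the table above, as an added example that is not Zyxel's or this article's code. It assumes the firmware string format `[V]major.minor(CODE.build)` inferred from the table and that releases order by those numbers; the `PATCHED` subset, the hostnames and the status labels are constructed for illustration.

```python
import re

# Patched releases copied from four rows of the table above.
PATCHED = {
    "NWA50AX": "7.00(ABYW.2)",
    "NWA1123-AC PRO": "6.28(ABHD.3)",
    "WAC6553D-E": "6.28(AASG.3)",
    "USG LITE 60AX": "V2.00(ACIP.3)",
}

# Assumed format, inferred from the table: [V]major.minor(CODE.build)
VERSION_RE = re.compile(r"^V?(\d+)\.(\d+)\(([A-Z]{4})\.(\d+)\)$")

def parse_version(text):
    """Return (model_code, (major, minor, build)) or raise ValueError."""
    m = VERSION_RE.match(text.strip())
    if m is None:
        raise ValueError(f"unrecognised firmware string: {text!r}")
    major, minor, code, build = m.groups()
    return code, (int(major), int(minor), int(build))

def assess(model, running):
    """Classify one device against the patched release for its model."""
    fixed = PATCHED.get(model)
    if fixed is None:
        return "not-in-table"
    try:
        run_code, run_ver = parse_version(running)
    except ValueError:
        return "unparseable"
    fix_code, fix_ver = parse_version(fixed)
    if run_code != fix_code:
        return "code-mismatch"  # firmware code is for a different model
    # Anything older than the listed fix is flagged, even unlisted builds.
    return "patched" if run_ver >= fix_ver else "needs-update"

# Constructed inventory: (hostname, model, reported firmware).
INVENTORY = [
    ("ap-lobby", "NWA50AX", "7.00(ABYW.1)"),
    ("ap-lab", "NWA50AX", "7.00(ABYW.2)"),
    ("ap-annex", "NWA1123-AC PRO", "6.28(ABHD.1)"),
    ("rtr-edge", "USG LITE 60AX", "V2.00(ACIP.2)"),
    ("ap-dock", "WAC6553D-E", "6.28(AASF.3)"),
]

def audit(inventory):
    return {host: assess(model, fw) for host, model, fw in inventory}

if __name__ == "__main__":
    print(audit(INVENTORY))
```

A `code-mismatch` or `unparseable` result points at bad inventory data and should be resolved by hand rather than read as patched.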