Zyxel has launched security updates to deal with vital flaws impacting two of its network-attached storage (NAS) gadgets which have presently reached end-of-life (EoL) standing.
Profitable exploitation of three of the 5 vulnerabilities might allow an unauthenticated attacker to execute working system (OS) instructions and arbitrary code on affected installations.
Impacted fashions embrace NAS326 operating variations V5.21(AAZF.16)C0 and earlier, and NAS542 operating variations V5.21(ABAG.13)C0 and earlier. The shortcomings have been resolved in variations V5.21(AAZF.17)C0 and V5.21(ABAG.14)C0, respectively.
A quick description of the failings is as follows –
- CVE-2024-29972 – A command injection vulnerability within the CGI program “remote_help-cgi” that might permit an unauthenticated attacker to execute some working system (OS) instructions by sending a crafted HTTP POST request
- CVE-2024-29973 – A command injection vulnerability within the ‘setCookie’ parameter that might permit an unauthenticated attacker to execute some OS instructions by sending a crafted HTTP POST request
- CVE-2024-29974 – A distant code execution vulnerability within the CGI program ‘file_upload-cgi’ that might permit an unauthenticated attacker to execute arbitrary code by importing a crafted configuration file
- CVE-2024-29975 – An improper privilege administration vulnerability within the SUID executable binary that might permit an authenticated native attacker with administrator privileges to execute some system instructions because the ‘root’ consumer
- CVE-2024-29976 – An improper privilege administration vulnerability within the command ‘show_allsessions’ that might permit an authenticated attacker to acquire a logged-in administrator’s session data containing cookies on an affected gadget
Outpost24 security researcher Timothy Hjort has been credited with discovering and reporting the 5 flaws. It is price noting that the 2 of the privilege escalation flaws that require authentication stay unpatched.
Whereas there isn’t a proof that the problems have been exploited within the wild, customers are advisable to replace to the most recent model for optimum safety.
