Zyxel Releases Patches for Firmware Vulnerabilities in EoL NAS Fashions

Jun 05, 2024NewsroomVulnerability / Information Safety

Zyxel has launched safety updates to handle important flaws impacting two of its network-attached storage (NAS) units which have presently reached end-of-life (EoL) standing.

Profitable exploitation of three of the 5 vulnerabilities might allow an unauthenticated attacker to execute working system (OS) instructions and arbitrary code on affected installations.

Impacted fashions embody NAS326 working variations V5.21(AAZF.16)C0 and earlier, and NAS542 working variations V5.21(ABAG.13)C0 and earlier. The shortcomings have been resolved in variations V5.21(AAZF.17)C0 and V5.21(ABAG.14)C0, respectively.

A short description of the issues is as follows –

• CVE-2024-29972 – A command injection vulnerability within the CGI program “remote_help-cgi” that might permit an unauthenticated attacker to execute some working system (OS) instructions by sending a crafted HTTP POST request

• CVE-2024-29973 – A command injection vulnerability within the ‘setCookie’ parameter that might permit an unauthenticated attacker to execute some OS instructions by sending a crafted HTTP POST request

• CVE-2024-29974 – A distant code execution vulnerability within the CGI program ‘file_upload-cgi’ that might permit an unauthenticated attacker to execute arbitrary code by importing a crafted configuration file

• CVE-2024-29975 – An improper privilege administration vulnerability within the SUID executable binary that might permit an authenticated native attacker with administrator privileges to execute some system instructions because the ‘root’ consumer

• CVE-2024-29976 – An improper privilege administration vulnerability within the command ‘show_allsessions’ that might permit an authenticated attacker to acquire a logged-in administrator’s session info containing cookies on an affected system

Outpost24 safety researcher Timothy Hjort has been credited with discovering and reporting the 5 flaws. It is value noting that the 2 of the privilege escalation flaws that require authentication stay unpatched.

Whereas there isn’t any proof that the problems have been exploited within the wild, customers are beneficial to replace to the newest model for optimum safety.