Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2024-7261

🗓️ 03 Sep 2024 03:15:03Reported by [email protected]Type 
nvd
 nvd🔗 web.nvd.nist.gov👁 21 Views

The Zyxel NWA1123ACv3, WAC500, WAX655E, WBE530, and USG LITE 60AX devices with specified firmware versions are vulnerable to OS command execution via crafted cookies

Related
Detection
Refs
ReporterTitlePublishedViews
Family
BDU FSTEC		The vulnerability of Zyxel network devices’ microprogramming software arises from the lack of measures taken to neutralize special elements used in the operating system commands. This allows attackers to execute arbitrary commands.
16 Sep 202400:00
bdu_fstec
Circl		CVE-2024-7261
3 Sep 202405:45
circl
CNNVD		Zyxel多款产品 操作系统命令注入漏洞
3 Sep 202400:00
cnnvd
CVE		CVE-2024-7261
3 Sep 202402:10
cve
Cvelist		CVE-2024-7261
3 Sep 202402:10
cvelist
EUVD		EUVD-2024-48208
3 Oct 202520:07
euvd
NCSC		Vulnerability fixed in Zyxel Access Points and Secure Routers
3 Sep 202409:45
ncsc
Positive Technologies		PT-2024-6139 · Zyxel · Wax655E +4
2 Sep 202400:00
ptsecurity
RedhatCVE		CVE-2024-7261
5 Feb 202511:35
redhatcve
The Hacker News		Zyxel Patches Critical OS Command Injection Flaw in Access Points and Routers
4 Sep 202411:27
thn
Rows per page
NVD
Node
zyxelnwa110ax_firmwareRange<7.00(abtg.2)
AND
zyxelnwa110axMatch-
Node
zyxelnwa1123-ac_pro_firmwareRange<6.28(abhd.3)
AND
zyxelnwa1123-ac_proMatch-
Node
zyxelnwa1123acv3_firmwareRange<6.70(abvt.5)
AND
zyxelnwa1123acv3Match-
Node
zyxelnwa130be_firmwareRange<7.00(acil.2)
AND
zyxelnwa130beMatch-
Node
zyxelnwa210ax_firmwareRange<7.00(abtd.2)
AND
zyxelnwa210axMatch-
Node
zyxelnwa220ax-6e_firmwareRange<7.00(acco.2)
AND
zyxelnwa220ax-6eMatch-
Node
zyxelnwa50ax_firmwareRange<7.00(abyw.2)
AND
zyxelnwa50axMatch-
Node
zyxelnwa50ax_pro_firmwareRange<7.00(acge.2)
AND
zyxelnwa50ax_proMatch-
Node
zyxelnwa55axe_firmwareRange<7.00(abzl.2)
AND
zyxelnwa55axeMatch-
Node
zyxelnwa90ax_firmwareRange<7.00(accv.2)
AND
zyxelnwa90axMatch-
Node
zyxelnwa90ax_pro_firmwareRange<7.00(acgf.2)
AND
zyxelnwa90ax_proMatch-
Node
zyxelusg_lite_60ax_firmwareRange<v2.00(acip.3)
AND
zyxelusg_lite_60axMatch-
Node
zyxelwac500_firmwareRange<6.70(abvs.5)
AND
zyxelwac500Match-
Node
zyxelwac500h_firmwareRange<6.70(abwa.5)
AND
zyxelwac500hMatch-
Node
zyxelwac6103d-i_firmwareRange<6.28(aaxh.3)
AND
zyxelwac6103d-iMatch-
Node
zyxelwac6502d-s_firmwareRange<6.28(aase.3)
AND
zyxelwac6502d-sMatch-
Node
zyxelwac6503d-s_firmwareRange<6.28(aasf.3)
AND
zyxelwac6503d-sMatch-
Node
zyxelwac6552d-s_firmwareRange<6.28(abio.3)
AND
zyxelwac6552d-sMatch-
Node
zyxelwac6553d-e_firmwareRange<6.28(aasg.3)
AND
zyxelwac6553d-eMatch-
Node
zyxelwax300h_firmwareRange<7.00(achf.2)
AND
zyxelwax300hMatch-
Node
zyxelwax510d_firmwareRange<7.00(abtf.2)
AND
zyxelwax510dMatch-
Node
zyxelwax610d_firmwareRange<7.00(abte.2)
AND
zyxelwax610dMatch-
Node
zyxelwax620d-6e_firmwareRange<7.00(accn.2)
AND
zyxelwax620d-6eMatch-
Node
zyxelwax630s_firmwareRange<7.00(abzd.2)
AND
zyxelwax630sMatch-
Node
zyxelwax640s-6e_firmwareRange<7.00(accm.2)
AND
zyxelwax640s-6eMatch-
Node
zyxelwax650s_firmwareRange<7.00(abrm.2)
AND
zyxelwax650sMatch-
Node
zyxelwax655e_firmwareRange<7.00(acdo.2)
AND
zyxelwax655eMatch-
Node
zyxelwbe530_firmwareRange<7.00(acle.2)
AND
zyxelwbe530Match-
Node
zyxelwbe660s_firmwareRange<7.00(acgg.2)
AND
zyxelwbe660sMatch-

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
13 Sep 2024 19:39Current
CVSS 3.19.8
EPSS0.27875
CWE-78
zyxel nwa1123acv3wac500wax655ewbe530usg lite 60axos command executioncrafted cookiesfirmware vulnerability
21