5 matches found
CVE-2024-7261
The improper neutralization of special elements in the parameter "host" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70ABVT.4 and earlier, WAC500 firmware version 6.70ABVS.4 and earlier, WAX655E firmware version 7.00ACDO.1 and earlier, WBE530 firmware version 7.00ACLE.1 and earlier,...
Zyxel Patches Critical OS Command Injection Flaw in Access Points and Routers
Zyxel has released software updates to address a critical security flaw impacting certain access point AP and security router versions that could result in the execution of unauthorized commands. Tracked as CVE-2024-7261 CVSS score: 9.8, the vulnerability has been described as a case of operating...
CVE-2024-7261
The improper neutralization of special elements in the parameter "host" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70ABVT.4 and earlier, WAC500 firmware version 6.70ABVS.4 and earlier, WAX655E firmware version 7.00ACDO.1 and earlier, WBE530 firmware version 7.00ACLE.1 and earlier,...
CVE-2024-7261
The improper neutralization of special elements in the parameter "host" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70ABVT.4 and earlier, WAC500 firmware version 6.70ABVS.4 and earlier, WAX655E firmware version 7.00ACDO.1 and earlier, WBE530 firmware version 7.00ACLE.1 and earlier,...
CVE-2024-7261
The CVE-2024-7261 issue is an OS command injection in Zyxel devices caused by improper neutralization of the host parameter in the CGI program. Affected products and firmware ranges include Zyxel NWA1123ACv3 (6.70(ABVT.4) and earlier), WAC500 (6.70(ABVS.4) and earlier), WAX655E (7.00(ACDO.1) and ...