The vulnerability of the microprogramming software of the Zyxel EMG2926 router allows a hacker to execute arbitrary code.

The vulnerability of the Zyxel EMG2926 router’s microprogramming software is related to insufficient checking of the command arguments entered by users. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the pingip parameter...

Zyxel EMG2926 Routers Command Injection Vulnerability

Zyxel EMG2926 routers contain a command injection vulnerability located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute malicious commands on the router, such as the pingip parameter to the expert/maintenance/diagnostic/nslooku...

VulnCheck KEV: CVE-2017-6884

Zyxel EMG2926 routers contain a command injection vulnerability located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute malicious commands on the router, such as the pingip parameter to the...

Zyxel EMG2926 Router OS Command Injection (CVE-2017-6884)

A command injection vulnerability exists in Zyxel EMG2926. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the router...

CVE-2017-6884

A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00AAQT.4b8. The vulnerability is located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute arbitrary commands on the router, such ...

CVE-2017-6884

A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00AAQT.4b8. The vulnerability is located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute arbitrary commands on the router, such ...

Command injection

A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00AAQT.4b8. The vulnerability is located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute arbitrary commands on the router, such ...

CVE-2017-6884

A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00AAQT.4b8. The vulnerability is located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute arbitrary commands on the router, such ...

CVE-2017-6884

The CVE-2017-6884 issue affects Zyxel EMG2926 routers (firmware around V1.00(AAQT.4)b8). The vulnerability is a command injection in the nslookup diagnostic tool that an authenticated, remote attacker can exploit via crafted HTTP requests (e.g., manipulating the ping_ip parameter in expert/mainte...

CVE-2017-6884

A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00AAQT.4b8. The vulnerability is located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute arbitrary commands on the router, such ...

ZyXEL EMG2926 Router Remote Command Execution Vulnerability

The ZyXEL EMG2926 is a router manufactured by Hutchinson Technology. The ZyXEL EMG2926 router suffers from an unauthenticated remote command execution vulnerability. The nslookup function is not sufficiently filtered, allowing an unauthenticated attacker to remotely execute arbitrary code...

CVE-2017-6884

A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00AAQT.4b8. The vulnerability is located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute arbitrary commands on the router, such ...

PT-2017-4255 · Zyxel · Zyxel Emg2926

Name of the Vulnerable Software and Affected Versions: Zyxel EMG2926 version V1.00AAQT.4b8 Description: A command injection issue was discovered in the diagnostic tools of the Zyxel EMG2926 home router, specifically in the nslookup function. This allows a malicious user to execute arbitrary...

Zyxel EMG2926 < V1.00(AAQT.4)b8 - OS Command Injection Vulnerability

Exploit for hardware platform in category remote exploits Exploit Title: Zyxel, EMG2926 /expert/maintenance/diagnostic/nslookup?nslookupbutton=nslookupbutton&pingip=google.ca%3b%20cat%20/etc/passwd&serverip= HTTP/1.1 Host: 192.168.0.1 Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 Macintosh...

Zyxel_ EMG2926 V1.00(AAQT.4)b8 - OS Command Injection

Zyxel EMG2926 V1.00AAQT.4b8 - OS Command Injection Exploit Title: Zyxel, EMG2926 /expert/maintenance/diagnostic/nslookup?nslookupbutton=nslookupbutton&pingip=google.ca%3b%20cat%20/etc/passwd&serverip= HTTP/1.1 Host: 192.168.0.1 Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 Macintosh; Intel...

Zyxel / EMG2926 Command Injection

Exploit Title: Zyxel, EMG2926 /expert/maintenance/diagnostic/nslookup?nslookupbutton=nslookupbutton&pingip=google.ca%3b%20cat%20/etc/passwd&serverip= HTTP/1.1 Host: 192.168.0.1 Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10124 AppleWebKit/537.36 KHTML, like Geck...

Zyxel, EMG2926 &lt; V1.00(AAQT.4)b8 - OS Command Injection

Exploit Title: Zyxel, EMG2926 /expert/maintenance/diagnostic/nslookup?nslookupbutton=nslookupbutton&pingip=google.ca%3b%20cat%20/etc/passwd&serverip= HTTP/1.1 Host: 192.168.0.1 Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10124 AppleWebKit/537.36 KHTML, like Geck...