Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Business routers vulnerable to OS command injection attack

An image of security icons for a network encircling a digital blue earth.

Multiple business router models, built by the Taiwanese networking giant Zyxel, carried a critical vulnerability which allowed malicious actors to run any command, remotely. The manufacturer recently released a fix which addresses the flaw, so installing it straight away is highly recommended.

As the company explained in an advisory, the vulnerability is described as an “input validation fault caused by improper handling of user-supplied data.” In other words, the underlying OS does not validate the data a user inputs, potentially allowing crooks to run OS command injection. The bug is tracked as CVE-2024-7261, and carries a severity score of 9.8/10 - critical.

"The improper neutralization of special elements in the parameter "host" in the CGI program of some AP and security router versions could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device," Zyxel said in the advisory.

Numerous devices affected

Multiple Zyxel access points (AP) are vulnerable to the flaw. The full list is below:

  • NWA Series: NWA50AX, NWA50AX PRO, NWA55AXE, NWA90AX, NWA90AX PRO, NWA110AX, NWA130BE, NWA210AX, NWA220AX-6E | all versions up to 7.00
  • NWA1123-AC PRO (all versions up to 6.28)
  • NWA1123ACv3, WAC500, WAC500H (all versions up to 6.70)
  • WAC Series: WAC6103D-I, WAC6502D-S, WAC6503D-S, WAC6552D-S, WAC6553D-E (all versions up to 6.28)
  • WAX Series: WAX300H, WAX510D, WAX610D, WAX620D-6E, WAX630S, WAX640S-6E, WAX650S, WAX655E (all versions up to 7.00)
  • WBE Series: WBE530, WBE660S (all versions up to 7.00).

Security router USG LITE 60AX running V2.00(ACIP.2) is also vulnerable, but this device is automatically patched, so users should be safe. In any case, if you’re using this model make sure it’s running version V2.00(ACIP.3).

Zyxel is a popular manufacturer of networking devices, with its routers, switches, and wireless access points being used by thousands of organizations worldwide. As such, it is a popular target among cybercriminals, who are always on the hunt for a new vulnerability to exploit. Zyxel customers are advised to apply the patch as soon as possible and thus secure their premises.

Via BleepingComputer

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.