1 results (0.001 seconds)
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12009
https://notcve.org/view.php?id=CVE-2024-12009
11 Mar 2025 — A post-authentication command injection vulnerability in the "ZyEE" function of the Zyxel EX5601-T1 firmware version V5.70(ACDZ.3.6)C0 and earlier could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device. • https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-command-injection-vulnerabilities-in-certain-dsl-ethernet-cpe-fiber-ont-and-wifi-extender-devices-03-11-2025 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •