CVE-2024-40891
Zyxel DSL CPE OS Command Injection Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
YesDecision
Descriptions
A post-authentication command injection vulnerability in the management commands of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an authenticated attacker to execute operating system (OS) commands on an affected device via Telnet.
**UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the management commands of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an authenticated attacker to execute operating system (OS) commands on an affected device via Telnet.
Multiple Zyxel DSL CPE devices contain a post-authentication command injection vulnerability in the management commands that could allow an authenticated attacker to execute OS commands via Telnet.
CVSS Scores
SSVC
- Decision:Act
Timeline
- 2024-07-11 CVE Reserved
- 2025-02-04 CVE Published
- 2025-02-11 Exploited in Wild
- 2025-03-04 KEV Due Date
- 2025-07-30 CVE Updated
- 2025-08-16 EPSS Updated
- ---------- First Exploit
CWE
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Zyxel Search vendor "Zyxel" | VMG4325-B10A Firmware Search vendor "Zyxel" for product "VMG4325-B10A Firmware" | <= 1.00 Search vendor "Zyxel" for product "VMG4325-B10A Firmware" and version " <= 1.00" | en |
Affected
| ||||||