CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2024-6342

CVSS 9.8v3.1pub. 2024-09-10upd. 2025-01-22

**UNSUPPORTED WHEN ASSIGNED** A command injection vulnerability in the export-cgi program of Zyxel NAS326 firmware versions through V5.21(AAZF.18)C0 and NAS542 firmware versions through V5.21(ABAG.15)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request.

🤖 AI Analysis
How it works

An attacker sends a crafted HTTP POST request to the vulnerable export-cgi program on the NAS device. The program incorrectly processes input data, allowing injection and execution of arbitrary operating system commands. The attack can be carried out remotely over the network without requiring any credentials.

Impact

An attacker can execute arbitrary operating system commands on the attacked NAS device, which in practice means full takeover of the device — including access to stored data, configuration modification, or complete device shutdown.

Mitigation & patch

Zyxel NAS326 and NAS542 products are officially unsupported by the manufacturer. Devices should be withdrawn from use as soon as possible or isolated from external networks. If continued use is necessary — restrict access to the management interface exclusively to trusted IP addresses and monitor unexpected HTTP traffic. Details available in the Zyxel security advisory dated 2024-09-10.

Who is affected

Zyxel NAS326 with firmware versions up to and including V5.21(AAZF.18)C0 and Zyxel NAS542 with firmware versions up to and including V5.21(ABAG.15)C0. It should be noted that these products were marked as unsupported (UNSUPPORTED) at the time of CVE assignment.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Zyxel Nas326

    HW
    Zyxel
    wszystkie wersje
  • Zyxel Nas326 Firmware

    OS
    Zyxel
    5.21\(aazf.18\)c0< 5.21\(aazf.18\)c0
  • Zyxel Nas542

    HW
    Zyxel
    wszystkie wersje
  • Zyxel Nas542 Firmware

    OS
    Zyxel
    5.21\(abag.15\)c0< 5.21\(abag.15\)c0
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Auth BypassCommand Injection
CWE
References

Related vulnerabilities

CVE-2023-27992CRITICAL9.8⚠ KEVten sam produkt

The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AA...

CVE-2020-9054CRITICAL9.8⚠ KEVten sam produkt

Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authenticati...

CVE-2024-29973CRITICAL9.8PL ✓ten sam produkt

Command injection w parametrze setCookie urządzeń Zyxel NAS326/NAS542

CVE-2024-29972CRITICAL9.8PL ✓ten sam produkt

Command injection w Zyxel NAS326/NAS542 — nieuwierzytelnione RCE

CVE-2024-29974CRITICAL9.8PL ✓ten sam produkt

RCE w Zyxel NAS326/NAS542 — nieuwierzytelnione wykonanie kodu przez upload pliku