First published: Tue Nov 12 2024(Updated: )
A post-authentication command injection vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and earlier could allow an authenticated, LAN-based attacker with administrator privileges to execute some operating system (OS) commands on an affected device by sending a crafted HTTP request.
Credit: security@zyxel.com.tw
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Zyxel GS1900-8 firmware | <2.90\(aahh.0\)c0 | |
Zyxel GS1900-8 | ||
All of | ||
Zyxel Gs1900-8hp Firmware | <2.90\(aahi.0\)c0 | |
Zyxel Gs1900-8hp | ||
All of | ||
Zyxel GS1900-10HP firmware | <2.90\(aazi.0\)c0 | |
Zyxel GS1900-10HP | ||
All of | ||
Zyxel Gs1900-16 Firmware | <2.90\(aahj.0\)c0 | |
Zyxel Gs1900-16 | ||
All of | ||
Zyxel Gs1900-24 Firmware | <2.90\(aahl.0\)c0 | |
Zyxel GS1900-24 | ||
All of | ||
Zyxel Gs1900-24e Firmware | <2.90\(aahk.0\)c0 | |
Zyxel GS1900-24E | ||
All of | ||
Zyxel Gs1900-24ep Firmware | <2.90\(abto.0\)c0 | |
Zyxel GS1900-24EP | ||
All of | ||
Zyxel Gs1900-24hpv2 Firmware | <2.90\(abtp.0\)c0 | |
Zyxel Gs1900-24hpv2 | ||
All of | ||
Zyxel Gs1900-48 Firmware | <2.90\(aahn.0\)c0 | |
Zyxel GS1900-48 | ||
All of | ||
Zyxel Gs1900-48hpv2 Firmware | <2.90\(abtq.0\)c0 | |
Zyxel Gs1900-48hpv2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.