Vulnerability Description
**UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the management commands of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an authenticated attacker to execute operating system (OS) commands on an affected device via Telnet.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zyxel | Vmg1312-B10A Firmware | - |
| Zyxel | Vmg1312-B10A | - |
| Zyxel | Vmg1312-B10B Firmware | - |
| Zyxel | Vmg1312-B10B | - |
| Zyxel | Vmg1312-B10E Firmware | - |
| Zyxel | Vmg1312-B10E | - |
| Zyxel | Vmg3312-B10A Firmware | - |
| Zyxel | Vmg3312-B10A | - |
| Zyxel | Vmg3313-B10A Firmware | - |
| Zyxel | Vmg3313-B10A | - |
| Zyxel | Vmg3926-B10B Firmware | - |
| Zyxel | Vmg3926-B10B | - |
| Zyxel | Vmg4325-B10A Firmware | - |
| Zyxel | Vmg4325-B10A | - |
| Zyxel | Vmg4380-B10A Firmware | - |
| Zyxel | Vmg4380-B10A | - |
| Zyxel | Vmg8324-B10A Firmware | - |
| Zyxel | Vmg8324-B10A | - |
| Zyxel | Vmg8924-B10A Firmware | - |
| Zyxel | Vmg8924-B10A | - |
Related Weaknesses (CWE)
References
- https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisVendor Advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-US Government Resource
FAQ
What is CVE-2024-40891?
CVE-2024-40891 is a vulnerability with a CVSS score of 8.8 (HIGH). **UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the management commands of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could a...
How severe is CVE-2024-40891?
CVE-2024-40891 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-40891?
Check the references section above for vendor advisories and patch information. Affected products include: Zyxel Vmg1312-B10A Firmware, Zyxel Vmg1312-B10A, Zyxel Vmg1312-B10B Firmware, Zyxel Vmg1312-B10B, Zyxel Vmg1312-B10E Firmware.