Zyxel Router Command Injection Vulnerability (CVE-2017-6884)

high Nessus Plugin ID 185418

Synopsis

The remote router is affected by a command injection vulnerability.

Description

According to its model number and firmware revision, the remote Zyxel Router is affected by a command injection vulnerability within nslookup funciton of the diagnostic tools. An authenticated, remote attacker can exploit this, via various crafted HTTP commands, to execute arbitrary commands.

Solution

Contact vendor for remediation instructions.

See Also

http://www.nessus.org/u?2b6a48e7

Plugin Details

Severity: High

ID: 185418

File Name: zyxel_router_CVE-2017-6884.nasl

Version: 1.3

Type: remote

Family: Misc.

Published: 11/9/2023

Updated: 5/28/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2017-6884

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: x-cpe:/h:zyxel

Required KB Items: www/zyxel_router

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/2/2017

Vulnerability Publication Date: 4/2/2017

CISA Known Exploited Vulnerability Due Dates: 10/9/2023

Reference Information

CVE: CVE-2017-6884