Detections
Analytics
Zyxel NAS Multiple Vulnerabilities
critical Nessus Plugin ID 200515
Language:
Synopsis
The remote security gateway is affected by multiple vulnerabilities.Description
The Zyxel NAS is potentially affected by multiple vulnerabilities.- This command injection vulnerability in the 'setCookie' parameter in Zyxel NAS326 and NAS542 devices could allow an unauthenticated attacker to execute some OS commands by sending a crafted HTTP POST request. (CVE-2024-29973)
- This remote code execution vulnerability in the CGI program 'file_upload-cgi' in Zyxel NAS326 and NAS542 devices could allow an unauthenticated attacker to execute arbitrary code by uploading a crafted configuration file to a vulnerable device. (CVE-2024-29974)
- This improper privilege management vulnerability in the SUID executable binary in Zyxel NAS326 and NAS542 devices could allow an authenticated local attacker with administrator privileges to execute some system commands as the “root” user on a vulnerable device. (CVE-2024-29975)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported model number.
Solution
See Vendor Advisory.See Also
Plugin Details
Severity: Critical
ID: 200515
File Name: zyxel_nas_20240604.nasl
Version: 1.2
Type: local
Family: Misc.
Published: 6/14/2024
Updated: 6/17/2024
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: High
Score: 8.4
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 8.3
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2024-29974
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 9.1
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C
Vulnerability Information
CPE: cpe:/h:zyxel:nas
Required KB Items: installed_sw/Zyxel NAS
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 6/4/2024
Vulnerability Publication Date: 6/4/2024
Reference Information
CVE: CVE-2024-29972, CVE-2024-29973, CVE-2024-29974, CVE-2024-29975, CVE-2024-29976