Known Exploited Vulnerabilities CVE-2024-40890

Multiple Zyxel DSL CPE devices contain a post-authentication command injection vulnerability in the CGI program that could allow an authenticated attacker to execute OS commands via a crafted HTTP request.

Mappings

| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
| --- | --- | --- | --- | --- | --- |
| CVE-2024-40890 | Zyxel DSL CPE OS Command Injection Vulnerability | exploitation_technique | T1055 | Process Injection | |
| CVE-2024-40890 | Zyxel DSL CPE OS Command Injection Vulnerability | primary_impact | T1011 | Exfiltration Over Other Network Medium | |

Comments (identical for both mappings)

Zyxel CPE devices contain an HTTP-based vulnerability that facilitates code execution, which can lead to data exfiltration, network infiltration, and total system compromise. No public proof-of-concept exists for this exploit, and Zyxel has no intention of patching the vulnerability since the affected devices are end-of-life.