Known Exploited Vulnerabilities CVE-2024-40891

Multiple Zyxel DSL CPE devices contain a post-authentication command injection vulnerability in the management commands that could allow an authenticated attacker to execute OS commands via Telnet.

Mappings

| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2024-40891 | Zyxel DSL CPE OS Command Injection Vulnerability | exploitation_technique | T1055 | Process Injection | |
| CVE-2024-40891 | Zyxel DSL CPE OS Command Injection Vulnerability | primary_impact | T1011 | Exfiltration Over Other Network Medium | |

Comments (same for both mappings)

Zyxel CPE devices contain a Telnet interface that fails to properly sanitize input containing special characters, which facilitates code execution that can lead to data exfiltration, network infiltration, and total system compromise.