⚠ Actively exploited
Added to CISA KEV on 2023-08-07. Federal agencies required to patch by 2023-08-28. Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
CVE-2017-18368 — OS Command Injection in ZyXEL P660HN-T1A v1 Firmware
Severity
9.8 CRITICAL (NVD)
EPSS
93.6% (top 0.17%)
CISA KEV
Added 2023-08-07, due 2023-08-28
Exploit
Exploited in the wild; active exploitation observed
Timeline
Published: May 2, 2019
KEV added: Aug 7, 2023
KEV due: Aug 28, 2023
CISA Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Description
The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user. The vulnerability is in the ViewLog.asp page and can be exploited through the remote_host parameter.
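As an added illustration (not code from this page, from ZyXEL, or from the firmware, whose source is not reproduced here), the Python below shows the pattern the description names: a remote-syslog target read from an unauthenticated request parameter and interpolated into a shell command string, next to an allow-list validator that accepts only an IP literal or an RFC 1123 hostname and an argv-based builder that never touches a shell. The same validator then drives a detection pass over constructed access-log lines, flagging requests to ViewLog.asp whose remote_host would fail it. The /cgi-bin/ path, the `syslogd -R HOST` command form, and every log line are assumptions made for the example.

```python
import ipaddress
import re
from urllib.parse import parse_qs, urlsplit

# RFC 1123 hostname: dot-separated labels of letters, digits and hyphens,
# no leading or trailing hyphen per label, at most 253 characters overall.
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)*"
    r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$",
    re.IGNORECASE,
)


def is_valid_remote_host(value: str) -> bool:
    """Allow-list check for a syslog forwarding target.

    Accepts only an IPv4/IPv6 literal or an RFC 1123 hostname. Whitespace,
    quotes, ';', '|', '&', '$', backticks and everything else outside the
    allowed alphabet is rejected, so nothing is left for a shell to interpret.
    """
    if not value:
        return False
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        pass
    return HOSTNAME_RE.match(value) is not None


def build_forward_cmd_vulnerable(remote_host: str) -> str:
    """Illustrative only: the injection pattern the CVE describes.

    The parameter is interpolated into one string destined for `sh -c`, so a
    value like '192.0.2.50;id' becomes two commands. This is NOT the firmware's
    code; 'syslogd -R HOST' is an assumed forwarding command.
    """
    return f"syslogd -R {remote_host}"


def build_forward_cmd_hardened(remote_host: str) -> list[str]:
    """Validate first, then hand the spawner an argv list (no shell at all)."""
    if not is_valid_remote_host(remote_host):
        raise ValueError(f"rejected remote_host: {remote_host!r}")
    return ["syslogd", "-R", remote_host]


# Common Log Format with the request line split out. Assumes a reverse proxy
# or perimeter sensor in front of the device writes these; the router itself
# keeps no such log.
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)(?: [^"]*)?" (?P<status>\d{3})'
)

# Constructed sample lines, not captured traffic.
SAMPLE_LOG = """\
203.0.113.10 - - [07/Aug/2023:10:15:01 +0000] "GET /cgi-bin/ViewLog.asp?remote_host=192.0.2.50 HTTP/1.1" 200 512
203.0.113.10 - - [07/Aug/2023:10:15:09 +0000] "GET /cgi-bin/ViewLog.asp?remote_host=syslog.example.net HTTP/1.1" 200 512
198.51.100.77 - - [07/Aug/2023:10:16:30 +0000] "GET /cgi-bin/ViewLog.asp?remote_host=192.0.2.50%3Bid HTTP/1.1" 200 512
198.51.100.77 - - [07/Aug/2023:10:16:31 +0000] "GET /cgi-bin/ViewLog.asp?remote_host=%60uname%60 HTTP/1.1" 200 512
203.0.113.10 - - [07/Aug/2023:10:17:00 +0000] "GET /cgi-bin/index.asp HTTP/1.1" 200 1024
"""


def find_suspicious_requests(log_text: str) -> list[dict]:
    """Flag requests to ViewLog.asp whose remote_host fails the allow-list.

    Reusing the validator as the detection rule catches any metacharacter,
    not just a known payload string.
    """
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        if not url.path.lower().endswith("viewlog.asp"):
            continue
        # parse_qs percent-decodes, so '%3B' is already ';' at this point.
        for value in parse_qs(url.query, keep_blank_values=True).get("remote_host", []):
            if not is_valid_remote_host(value):
                hits.append({"src": m["src"], "ts": m["ts"], "remote_host": value})
    return hits


if __name__ == "__main__":
    for hit in find_suspicious_requests(SAMPLE_LOG):
        print(f"{hit['ts']} {hit['src']} suspicious remote_host={hit['remote_host']!r}")
```

Run stand-alone, the script reports the two requests from 198.51.100.77 and ignores the two well-formed targets and the unrelated page. The design point is that the fix is an allow-list plus argv execution, not an escape routine: once only hostnames and IP literals get through and no shell is involved, the metacharacter set a `sh -c` invocation honours stops mattering.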
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability subscore: 3.9 | Impact subscore: 5.9