Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2024-29972

CWE-78OS Command Injection6 documents6 sources
Severity
9.8CRITICAL
EPSS
92.7%
top 0.25%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Zyxel Nas326 FirmwareZyxel Nas542 Firmware
Timeline
PublishedJun 4
Latest updateSep 18

Description

** UNSUPPORTED WHEN ASSIGNED ** The command injection vulnerability in the CGI program "remote_help-cgi" in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages4 packages

CVEListV5zyxel/nas326_firmware< V5.21(AAZF.17)C0
CVEListV5zyxel/nas542_firmware< V5.21(ABAG.14)C0
NVDzyxel/nas326_firmware< 5.21\(aazf.17\)c0
NVDzyxel/nas542_firmware< 5.21\(abag.14\)c0

🔴Vulnerability Details

3
CVEList
CVE-2024-29972: ** UNSUPPORTED WHEN ASSIGNED ** The command injection vulnerability in the CGI program "remote_help-cgi" in Zyxel NAS326 firmware versions before V52024-06-04
GHSA
GHSA-9c67-m3v4-35rv: ** UNSUPPORTED WHEN ASSIGNED ** The command injection vulnerability in the CGI program "remote_help-cgi" in Zyxel NAS326 firmware versions before V52024-06-04
VulnCheck
Zyxel nas326_firmware Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')2024

💥Exploits & PoCs

1
Nuclei
Zyxel NAS326 Firmware < V5.21(AAZF.17)C0 - NsaRescueAngel Backdoor Account

🔍Detection Rules

1
Suricata
ET WEB_SPECIFIC_APPS Zyxel NAS CGI Command Injection (CVE-2024-29972)2024-09-18
CVE-2024-29972 (CRITICAL CVSS 9.8) | ** UNSUPPORTED WHEN ASSIGNED ** The | cvebase.io