Zyxel Wireless Access Points and Firewalls Vulnerable to Command Injection Attacks

CVE: CVE-2023-34141
CVSS v3.1: 8
Source: CVE-2023-34141

Zyxel wireless access points and firewalls were found to have a vulnerability that could allow remote command execution. The vulnerability affects Zyxel ATP series access points and firewalls running firmware versions 5.00 through 5.36 Patch 2. An attacker could potentially exploit this to run commands on the device.

The vulnerability lies in the access point management feature, which lets administrators manage and configure multiple access points from a single device. An attacker who tricks an authorized admin into adding the attacker's IP address to the managed access point list can then send crafted requests and inject OS commands through the management interface.

This type of command injection attack is very dangerous as it allows full remote control of the affected device. An attacker could then do things like download tools, change configurations, access connected devices on the network and more.

If you have any Zyxel ATP series access points or firewalls, you should immediately update to the latest firmware version to patch this vulnerability. Also make sure your admin interface has strong access controls and monitor the managed access point list regularly. Taking prompt action can help prevent remote attackers from gaining control of your wireless network devices.
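One way to monitor the managed access point list, shown here as an added example rather than Zyxel tooling: compare an exported copy of the list against the inventory of access points you actually deployed. The CSV layout, the approved addresses and the management subnet below are constructed assumptions, not a Zyxel export format.

```python
"""Audit an exported managed-AP list against an approved inventory."""
import csv
import io
import ipaddress

# Constructed sample data. The column names are an assumption for this
# example; adapt them to however you export the list from your device.
APPROVED_APS = {"10.20.0.11", "10.20.0.12"}
AP_MGMT_NET = ipaddress.ip_network("10.20.0.0/24")  # hypothetical AP subnet
SAMPLE_EXPORT = """ip,description,added_by
10.20.0.11,lobby-ap,alice
10.20.0.12,floor2-ap,alice
10.20.0.57,temp-ap,bob
203.0.113.40,new-ap,bob
not-an-ip,broken,bob
"""


def audit_managed_aps(export_text, approved=APPROVED_APS, mgmt_net=AP_MGMT_NET):
    """Return (ip, reason, added_by) tuples for entries that need review."""
    findings = []
    for row in csv.DictReader(io.StringIO(export_text)):
        raw = (row.get("ip") or "").strip()
        who = (row.get("added_by") or "").strip()
        try:
            addr = ipaddress.ip_address(raw)
        except ValueError:
            # A malformed entry is itself worth a look; never skip it silently.
            findings.append((raw, "unparseable address", who))
            continue
        if addr not in mgmt_net:
            # An AP entry outside the dedicated subnet is the strongest signal.
            findings.append((raw, "outside AP management subnet", who))
        elif str(addr) not in approved:
            findings.append((raw, "not in approved inventory", who))
    return findings


if __name__ == "__main__":
    for ip, reason, who in audit_managed_aps(SAMPLE_EXPORT):
        print(f"REVIEW {ip}: {reason} (added by {who})")
```

Run it on a schedule and alert on any non-empty result, since every entry on the list is a host the device trusts as a managed access point.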
