web analytics

Zyxel Releases Emergency Security Update for NAS Devices – Source: www.databreachtoday.com

Rate this post

Source: www.databreachtoday.com – Author: 1

Endpoint Security
Governance & Risk Management
Internet of Things Security

Company Addresses Flaws in End-of-Life NAS Devices

Prajeet Nair (@prajeetspeaks) •
June 5, 2024    

Zyxel Releases Emergency Security Update for NAS Devices
A Zyxel NAS326 (Image: Zyxel)

A networking solutions vendor fixed critical vulnerabilities in end-of-life products that allow remote code execution.

See Also: Cyber Hygiene and Asset Management Perception vs. Reality

Zyxel issued an emergency security update Tuesday that addresses three critical vulnerabilities affecting its older network-attached storage devices: the NAS326 and NAS542 models, which have reached end-of-life status.

The vulnerabilities are identified as CVE-2024-29972, CVE-2024-29973 and CVE-2024-29974.

CVE-2024-29972 involves a command injection vulnerability in the CGI program remote_help-cgi that could let attackers execute OS commands via crafted HTTP POST requests.

CVE-2024-29973, another command injection vulnerability, exists in the “setCookie” parameter and could allow command execution.

CVE-2024-29974 is a remote code execution vulnerability in the CGI program file_upload-cgi that could allow attackers to run arbitrary code by uploading a crafted file.

Outpost24 security researcher Timothy Hjort uncovered these vulnerabilities along with two unpatched vulnerabilities: CVE-2024-29975 and CVE-2024-29974. They are, respectively, a local privilege escalation and a persistent remote code execution vulnerability.

The unpatched vulnerabilities could allow authenticated local attackers to execute system commands as the “root” user or obtain session information containing cookies on affected devices.

Hjort highlighted what he called poor design choices in Zyxel’s server setup. The devices’ main functions run on a server that uses CherryPy, a Python web framework, and Python 2.

Hjort said this setup relies heavily on user input being filtered and then passed into eval() function calls, which poses significant security risks. He also said that previous vulnerabilities in Zyxel NAS devices were often patched by adding more filters rather than addressing the root issue of code being dependent on eval() calls.

Original Post url: https://www.databreachtoday.com/zyxel-releases-emergency-security-update-for-nas-devices-a-25426

Category & Tags: –

Views: 1


advisor pick´S post

More Latest Published Posts