Overview
- Description
- A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series firmware versions V5.00 through V5.38, USG FLEX 50(W) series firmware versions V5.10 through V5.38, and USG20(W)-VPN series firmware versions V5.10 through V5.38 could allow an attacker to download or upload files via a crafted URL.
- Source
- security@zyxel.com.tw
- NVD status
- Received
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
Weaknesses
- security@zyxel.com.tw
- CWE-22
Social media
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
برای فایروال Zyxel آسیب پذیری با کد شناسایی CVE-2024-11667 و از نوع Directory Traversal منتشر شده است. این آسیب پذیری در قسمت Web management مربوط به این فایروال وجود دارد. نسخه های بین 5.00 تا 5.38 این محصول دارای این آسیب پذیری هستند. https://t.co/Poz3aKY03t https://t.co/WruZWy
@AmirHossein_sec
2 Dec 2024
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A directory traversal flaw in Zyxel Firewalls is being actively exploited in the wild. CVE-2024-11667 is a directory traversal flaw in the web management interface of ZLD firewall firmware. Exploitation allows threat actors to send maliciously crafted URLs to bypass directory… h
@cybercitizen7
2 Dec 2024
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-11667: Critical Vulnerability in Zyxel Firewalls Actively Exploited https://t.co/kyzwtLejP4
@CrowdCyber_Com
30 Nov 2024
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Zyxel Firewalls exploited using CVE-2024-11667 #ZyxelFirewalls #CVE-2024-11667 https://t.co/jjBRPBIItP
@pravin_karthik
29 Nov 2024
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Vague d'attaques exploitant les vulnérabilités du pare-feu Zyxel. Les versions 5.00 à 5.38 sont affectées (CVE-2024-11667). Mettez à jour vos systèmes dès que possible ! #Cybersécurité, #Cyberattaques, #Zyxel, #PareFeu https://t.co/XlAdIamOf9 https://t.co/iY3QwjHVlk
@bexxoch
29 Nov 2024
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-11667: Kritisk sårbarhet i Zyxel brannmurer utnyttes aktivt. Integer Overflow-sårbarhet i Windows-driver muliggjør Privilege Escalation, PoC publisert. CVE-2024-52951 XSS i Omada Identity. https://t.co/WklSosXveP
@TelenorSOC
29 Nov 2024
79 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-11667: Directory Traversal in Zyxel Firewalls, 7.3 rating❗️ Vuln in the web interface of some firewalls allows an attacker to download or upload files. Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/l3Umxq6cb0 #cybersecurity #vulnerability_map #zyxel https:/
@Netlas_io
29 Nov 2024
354 Impressions
2 Retweets
10 Likes
2 Bookmarks
0 Replies
0 Quotes
CVE-2024-11667: Critical Vulnerability in Zyxel Firewalls Actively Exploited https://t.co/BmuPG1tM7v
@Dinosn
29 Nov 2024
2534 Impressions
10 Retweets
19 Likes
6 Bookmarks
0 Replies
1 Quote
CVE-2024-11667: Critical Vulnerability in Zyxel Firewalls Actively Exploited Beware of the critical vulnerability CVE-2024-11667 in #Zyxel firewalls. Learn how attackers are exploiting it to deploy Helldown ransomware. https://t.co/14FZrgih2L
@the_yellow_fall
29 Nov 2024
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
German CERT warns that Zyxel firewalls are being exploited via a critical vulnerability (CVE-2024-11667) to deploy Helldown ransomware, urging immediate firmware updates and enhanced security measures to mitigate risks. #CyberSecurity #Ransomware https://t.co/F1e4WctDQL
@Cyber_O51NT
29 Nov 2024
650 Impressions
2 Retweets
5 Likes
3 Bookmarks
0 Replies
0 Quotes
CVE-2024-11667 A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series firmware versions V5.00… https://t.co/Y2Nck8ADqq
@CVEnew
27 Nov 2024
495 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes