- Description
- A post-authentication command injection vulnerability in the "host" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.
- Source
- security@zyxel.com.tw
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 7.2
- Impact score
- 5.9
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- security@zyxel.com.tw
- CWE-78
- Hype score
- Not currently trending
CVE-2024-9200 (CVSS:7.2, HIGH) is Awaiting Analysis. A post-authentication command injection vulnerability in the "host" parameter of the diagnostic function in Zyxel VMG400..https://t.co/OZX7BxrXhg #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
8 Dec 2024
CVE-2024-9200 A post-authentication command injection vulnerability in the "host" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)… https://t.co/7qCr7xfZgg
@CVEnew
3 Dec 2024
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:emg6726-b10a_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "593C78E3-E459-4519-9313-FAA93315A6C8",
"versionEndExcluding": "5.13\\(abnp.8\\)c1"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:emg6726-b10a:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "304D3B33-F7EC-4EB3-B6EF-6BEB2112F9C0"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vmg3927-b50b_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1009022D-5033-47D2-B310-5B0C42CA3F69",
"versionEndExcluding": "5.13\\(ably.9\\)c1"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vmg3927-b50b:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "94BE349D-EC30-4EB7-8B68-EA7223364A4B"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vmg4005-b50a_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BFEB980C-00C4-45DB-A2C1-64F3BB69DF54",
"versionEndExcluding": "5.15\\(abqa.2.3\\)c0"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vmg4005-b50a:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "88F74228-AC0C-4150-974D-54D77BBF9A90"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vmg4005-b60a_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD035A19-15E2-4740-A264-11D0E30777A2",
"versionEndExcluding": "5.15\\(abqa.2.3\\)c0"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vmg4005-b60a:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "30C1B91D-3EA0-4A1D-833A-6767A6C84DA3"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vmg4005-b50b_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8696573D-D3FF-4CAB-B6C0-743B8AAA20AE",
"versionEndExcluding": "5.13\\(abrl.5.2\\)c0"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vmg4005-b50b:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "36B2A37B-0662-43E7-AEB4-DF0C5A30A95F"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vmg4927-b50a_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8D62F49F-1E1B-4E6E-A72A-1DEC917E21DC",
"versionEndExcluding": "5.13\\(ably.9\\)c1"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vmg4927-b50a:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C0EE70D2-51BB-4E45-8995-655C1394C440"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]