#VU25597 OS Command Injection in ZyXEL Communications Corp. products - CVE-2020-9054
Published: February 25, 2020 / Updated: October 9, 2023
Vulnerability identifier: #VU25597
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber
CVE-ID: CVE-2020-9054
CWE-ID: CWE-78
Exploitation vector: Remote access
Exploit availability:
The vulnerability is being exploited in the wild
Vulnerable software:
Zyxel NAS 326
NAS520
NAS540
NAS542
NSA210
NSA220
NSA220+
NSA221
NSA310
NSA310S
NSA320
NSA320S
NSA325
NSA325v2
Zyxel NAS 326
NAS520
NAS540
NAS542
NSA210
NSA220
NSA220+
NSA221
NSA310
NSA310S
NSA320
NSA320S
NSA325
NSA325v2
Software vendor:
ZyXEL Communications Corp.
ZyXEL Communications Corp.
Description
The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation when processing username in the login form. A remote unauthenticated attacker can send a specially crafted HTTP request and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Remediation
The vendor has released a hotfix for the following models:
- NAS326
- NAS520
- NAS540
- NAS542