CVE-2024-40891 - Zyxel DSL CPE OS Command Injection Vulnerability

Zyxel | DSL CPE Devices

• Date Added:
• 2025-02-11

• Due Date:
• 2025-03-04

Vulnerability Name

Zyxel DSL CPE OS Command Injection Vulnerability

Description

Multiple Zyxel DSL CPE devices contain a post-authentication command injection vulnerability in the management commands that could allow an authenticated attacker to execute OS commands via Telnet.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization if a current mitigation is unavailable.

Additional Notes

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-insecure-default-credentials-vulnerabilities-in-certain-legacy-dsl-cpe-02-04-2025 ; https://www.zyxel.com/service-provider/global/en/security-advisories/zyxel-security-advisory-command-injection-insecure-in-certain-legacy-dsl-cpe-02-04-2025 ; https://nvd.nist.gov/vuln/detail/CVE-2024-40891

Latest Security News

Microsoft: Hackers steal emails in device code phishing attacks

Android's New Feature Blocks Fraudsters from Sideloading Apps During Calls

Hackers exploit authentication bypass in Palo Alto Networks PAN-OS

New "whoAMI" Attack Exploits AWS AMI Name Confusion for Remote Code Execution

This Security Firm's 'Bias' Is Also Its Superpower

Lazarus Group Deploys Marstech1 JavaScript Implant in Targeted Developer Attacks

SonicWall firewall bug leveraged in attacks after PoC exploit release

PirateFi game on Steam caught installing password-stealing malware

Top Alert List

Content Security Policy (CSP) Header Not Set

CSP

MediumMissing Anti-clickjacking Header

MediumAbsence of Anti-CSRF Tokens

InformationalInformation Disclosure - Suspicious Comments

MediumContent Security Policy (CSP) Header Not Set

InformationalModern Web Application

LowCross-Domain JavaScript Source File Inclusion

InformationalRe-examine Cache-control Directives

LowX-Content-Type-Options Header Missing

Top CVE List

CVE-2020-29574 CyberoamOS (CROS) SQL Injection Vulnerability

CVE-2024-41710 Mitel SIP Phones Argument Injection Vulnerability

CVE-2024-57727 SimpleHelp Path Traversal Vulnerability

CVE-2018-19410 Paessler PRTG Network Monitor Local File Inclusion Vulnerability

CVE-2025-21391 Microsoft Windows Storage Link Following Vulnerability

CVE-2025-0411 7-Zip Mark of the Web Bypass Vulnerability

CVE-2025-24200 Apple iOS and iPadOS Incorrect Authorization Vulnerability

CVE-2024-40890 Zyxel DSL CPE OS Command Injection Vulnerability

CVE-2017-6736 Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability

CVE-2020-15069 Sophos XG Firewall Buffer Overflow Vulnerability

Common CWEs

CWE-55 Path Equivalence: '/./' (Single Dot Directory)

CWE-826 Premature Release of Resource During Expected Lifetime

CWE-651 Exposure of WSDL File Containing Sensitive Information

HighCWE-234 Failure to Handle Missing Parameter

CWE-1357 Reliance on Insufficiently Trustworthy Component

LowCWE-462 Duplicate Key in Associative List (Alist)

CWE-1247 Improper Protection Against Voltage and Clock Glitches

CWE-1240 Use of a Cryptographic Primitive with a Risky Implementation

CWE-1124 Excessively Deep Nesting

HighCWE-645 Overly Restrictive Account Lockout Mechanism