PT-2015-2963 · Zyxel · Zyxel Pmg5318-B20A

Karn Ganeshen · Published 2015-08-25 · Updated 2017-09-15 · CVE-2015-6018

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: ZyXEL PMG5318-B20A versions prior to 1.00(AANC.2)C0

Description: The issue is related to the diagnostic-ping implementation, which has inadequate access restrictions. This allows a remote attacker to execute arbitrary commands through the PingIPAddr parameter.

Recommendations: For versions prior to 1.00(AANC.2)C0, update the firmware to version 1.00(AANC.2)C0 or later to resolve the issue. As a temporary workaround, consider restricting access to the PingIPAddr parameter to minimize the risk of exploitation.

Exploit

Fix


Weakness Enumeration

Related Identifiers

BDU:2016-00060
CVE-2015-6018

Affected Products

Zyxel Pmg5318-B20A