Zyxel · WAX655E · CVE-2024-7261
**Name of the Vulnerable Software and Affected Versions**
Zyxel NWA1123ACv3 versions 6.70(ABVT.4) and earlier
Zyxel WAC500 versions 6.70(ABVS.4) and earlier
Zyxel WAX655E versions 7.00(ACDO.1) and earlier
Zyxel WBE530 versions 7.00(ACLE.1) and earlier
Zyxel USG LITE 60AX version V2.00(ACIP.2)
**Description**
The vulnerability is caused by improper neutralization of special elements in the `host` parameter of the CGI program. An unauthenticated attacker can execute OS commands by sending a crafted cookie to a vulnerable device. The issue is remotely exploitable and may allow execution of arbitrary commands on the host operating system.
**Recommendations**
For Zyxel NWA1123ACv3 versions 6.70(ABVT.4) and earlier, update to the latest firmware version.
For Zyxel WAC500 versions 6.70(ABVS.4) and earlier, update to the latest firmware version.
For Zyxel WAX655E versions 7.00(ACDO.1) and earlier, update to the latest firmware version.
For Zyxel WBE530 versions 7.00(ACLE.1) and earlier, update to the latest firmware version.
For Zyxel USG LITE 60AX version V2.00(ACIP.2), update to the latest firmware version.
As a temporary workaround, consider restricting access to the vulnerable CGI program until a patch is available.
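
To find which devices in an inventory still need the update, the affected-version list above can be checked mechanically. The following is an added example, not vendor code: the inventory rows, the function names and the ordering of releases by (major, minor, patch) within one firmware branch are assumptions.

```python
import re

# Highest affected release per model, copied from the advisory; the flag is
# True where the advisory says "and earlier".
AFFECTED = {
    "NWA1123ACv3": ("6.70(ABVT.4)", True),
    "WAC500": ("6.70(ABVS.4)", True),
    "WAX655E": ("7.00(ACDO.1)", True),
    "WBE530": ("7.00(ACLE.1)", True),
    "USG LITE 60AX": ("V2.00(ACIP.2)", False),
}
_VERSION = re.compile(r"^V?(\d+)\.(\d+)\(([A-Z]+)\.(\d+)\)$")

def parse_version(text):
    """Split 'V6.70(ABVT.4)' into (branch_code, (major, minor, patch))."""
    m = _VERSION.match(text.strip())
    if m is None:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    major, minor, code, patch = m.groups()
    return code, (int(major), int(minor), int(patch))

def is_affected(model, version):
    """Return True or False, or None when the row needs manual review."""
    if model not in AFFECTED:
        return None  # model is not named in the advisory
    limit_text, and_earlier = AFFECTED[model]
    limit_code, limit = parse_version(limit_text)
    try:
        code, current = parse_version(version)
    except ValueError:
        return None  # version string could not be parsed
    if code != limit_code:
        return None  # firmware branch code does not match the model
    # Assumption: releases in one branch order by (major, minor, patch).
    return current <= limit if and_earlier else current == limit

def triage(inventory):
    """Map each (name, model, version) row to 'affected', 'ok' or 'review'."""
    labels = {True: "affected", False: "ok", None: "review"}
    return {name: labels[is_affected(model, ver)] for name, model, ver in inventory}

# Constructed sample inventory (hypothetical device names and versions).
SAMPLE = [
    ("ap-lobby", "WAX655E", "7.00(ACDO.1)"),
    ("ap-lab", "WAC500", "6.60(ABVS.2)"),
    ("ap-roof", "WBE530", "7.10(ACLE.0)"),
    ("gw-branch", "USG LITE 60AX", "unknown"),
]
```

Rows marked `review` are those the advisory's list cannot decide (unknown model, unparseable version, or mismatched branch code) and should be checked by hand rather than treated as safe.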