CVE-2021-35032

Name of the Vulnerable Software and Affected Versions Zyxel GS1900 series firmware version 2.60

Description A vulnerability in the 'libsal.so' file of the Zyxel GS1900 series firmware could allow an authenticated local user to execute arbitrary OS commands via a crafted function call. The issue is related to the failure to neutralize special elements, which can be exploited through the graphical interface.

Recommendations For Zyxel GS1900 series firmware version 2.60, consider restricting access to the libsal.so file as a temporary workaround until a patch is available. Additionally, limit the use of the graphical interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.