CVE-2024-11494

Name of the Vulnerable Software and Affected Versions: Zyxel P-6101C ADSL modem firmware version P-6101CSA6AP 20140331

Description: The issue is related to an improper authentication vulnerability in the Zyxel P-6101C ADSL modem firmware. This vulnerability could allow an unauthenticated attacker to read some device information via a crafted HTTP HEAD method. The attacker can exploit this vulnerability by sending a specially crafted HTTP request.

Recommendations: For Zyxel P-6101C ADSL modem firmware version P-6101CSA6AP 20140331, as a temporary workaround, consider restricting access to the device information until a patch is available. Avoid using the HTTP HEAD method in the affected firmware version until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.