PT-2025-1302 · Zyxel · Zyxel Vmg4325-B10A

Published: 2025-01-27 · Updated: 2026-02-27 · CVE-2024-40891

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0 20170615

Description

A post-authentication command injection vulnerability in the management commands of the legacy DSL CPE Zyxel VMG4325-B10A firmware allows an authenticated attacker to execute operating system (OS) commands on an affected device via Telnet. The vulnerability is being actively exploited, with over 1,500 devices at risk. Attackers can leverage this vulnerability to execute arbitrary commands on affected devices, leading to complete system compromise, data exfiltration, or network infiltration.

Recommendations

As a temporary workaround, consider disabling the Telnet service on the Zyxel VMG4325-B10A device until a patch is available. Restrict access to the device's management interface to trusted IP addresses and monitor traffic for unusual Telnet requests. Use secure communication protocols for remote access to the device. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

OS Command Injection

Weakness Enumeration

Related Identifiers

BDU:2025-00886
BDU:2025-01350
CVE-2024-40891

Affected Products

Zyxel Vmg4325-B10A