Security Advisory

CVE-2024-8881

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-11-12 01:17:36

Last updated 2024-11-12 16:16:27

Assigner Zyxel

State PUBLISHED

Description

A post-authentication command injection vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and earlier could allow an authenticated, LAN-based attacker with administrator privileges to execute some operating system (OS) commands on an affected device by sending a crafted HTTP request.

← Browse all CVEs View on cve.org ↗