Security Advisory

CVE-2024-9200

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-12-03 01:33:47

Last updated 2024-12-06 04:55:23

Assigner Zyxel

State PUBLISHED

Description

A post-authentication command injection vulnerability in the "host" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.

← Browse all CVEs View on cve.org ↗