CVE-2024-8234

Summary

CVE-2024-8234 identifies a command injection vulnerability in the Zyxel NWA1100-N firmware version 1.00(AACE.1)C0, which could allow unauthenticated attackers to execute OS commands and access system files. This vulnerability affects products that utilize the specified firmware and has a base severity rating of high, with a CVSS score of 7.5. The attack vector is network-based, requiring no user interaction, and poses a significant risk due to its potential for unauthorized access to sensitive information. Remediation steps have not been explicitly provided as the firmware is unsupported; therefore, organizations should consider upgrading to supported models or implementing network security measures to mitigate this risk. Affected organizations are advised to monitor their devices closely for any signs of exploitation given the high confidentiality impact associated with this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.