Summary: A critical command injection vulnerability (CVE-2024-40891) impacting Zyxel CPE Series devices has been exploited by hackers; it allows unauthenticated attackers to execute arbitrary commands. The vulnerability has remained unpatched since it was identified in July 2023. Although technical details have not been disclosed, exploitation activity has been observed targeting devices across multiple regions.
Affected: Zyxel CPE Series devices
Key points:
- Vulnerability CVE-2024-40891 allows command execution using ‘supervisor’ or ‘zyuser’ accounts without authentication.
- Active exploitation attempts have been noted, primarily via the telnet protocol; more than 1,500 devices remain exposed online.
- Recommended mitigations include blocking suspicious IPs, monitoring traffic for atypical requests, and restricting access to management interfaces.