CVE-2024-40891CISA KEV: Actively Exploited

Zyxel DSL CPE OS Command Injection Vulnerability

Published Feb 11, 2025·Updated Feb 11, 2025

Description

Multiple Zyxel DSL CPE devices contain a post-authentication command injection vulnerability in the management commands that could allow an authenticated attacker to execute OS commands via Telnet.

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free