THREAT OPS › CVEs › CVE-2024-40891
CVE-2024-40891 — Zyxel DSL CPE OS Command Injection Vulnerability
Multiple Zyxel DSL CPE devices contain a post-authentication command injection vulnerability in the management commands that could allow an authenticated attacker to execute OS commands via Telnet.
Vulnerability details
- Affected productsDSL CPE Devices
- KEV remediation due2025-03-04