THREATOPS
THREAT OPSCVEs › CVE-2024-40891

CVE-2024-40891 — Zyxel DSL CPE OS Command Injection Vulnerability

CISA KEVExploited: confirmedZyxel

Multiple Zyxel DSL CPE devices contain a post-authentication command injection vulnerability in the management commands that could allow an authenticated attacker to execute OS commands via Telnet.

Vulnerability details