CVE-2024-11667
Zyxel Multiple Firewalls Path Traversal Vulnerabil - [Actively Exploited]
Description
A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series firmware versions V5.00 through V5.38, USG FLEX 50(W) series firmware versions V5.10 through V5.38, and USG20(W)-VPN series firmware versions V5.10 through V5.38 could allow an attacker to download or upload files via a crafted URL.
INFO
Published Date :
Nov. 27, 2024, 10:15 a.m.
Last Modified :
Dec. 5, 2024, 6:41 p.m.
Source :
[email protected]
Remotely Exploitable :
Yes !
Impact Score :
5.9
Exploitability Score :
3.9
CISA KEV (Known Exploited Vulnerabilities)
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.
Multiple Zyxel firewalls contain a path traversal vulnerability in the web management interface that could allow an attacker to download or upload files via a crafted URL.
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-protecting-against-recent-firewall-threats-11-21-2024 ; https://nvd.nist.gov/vuln/detail/CVE-2024-11667
Public PoC/Exploit Available at Github
CVE-2024-11667 has a 2 public PoC/Exploit available at Github.
Go to the Public Exploits tab to see the list.
Affected Products
The following products are affected by CVE-2024-11667
vulnerability.
Even if cvefeed.io is aware of the exact versions of the
products
that
are
affected, the information is not represented in the table below.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2024-11667.
| URL | Resource |
|---|---|
| https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-protecting-against-recent-firewall-threats-11-27-2024 | Vendor Advisory |
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
None
Ostorlab KEV: One-command to detect most remotely known exploitable vulnerabilities. Sourced from CISA KEV, Google's Tsunami, Ostorlab's Asteroid and Bug Bounty programs.
cisa-kev vulnerability 0day cisa exploits
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2024-11667 vulnerability anywhere in the article.
-
TheCyberThrone
Most Exploited Vulnerabilities in 2024 Top 20 Analysis
In 2024, the cybersecurity landscape saw a significant number of exploited vulnerabilities, highlighting the ongoing challenges organizations face in protecting their systems and data.Some key trends ... Read more
-
Cybersecurity News
CVE-2024-49775 (CVSS 9.8): Critical Vulnerability in Siemens UMC Exposes Systems to Remote Exploitation
Siemens has disclosed a critical heap-based buffer overflow vulnerability (CVE-2024-49775) in its User Management Component (UMC), a core element integrated into several of its products. If exploited, ... Read more
-
The Hacker News
⚡ THN Recap: Top Cybersecurity Threats, Tools and Tips (Dec 2 - 8)
Cyber Threats / Weekly Recap This week's cyber world is like a big spy movie. Hackers are breaking into other hackers' setups, sneaky malware is hiding in popular software, and AI-powered scams are tr ... Read more
-
The Register
Blue Yonder ransomware termites claim credit
Infosec in brief Still smarting over that grocery disruption caused by a ransomware attack on supply chain SaaS vendor Blue Yonder? Well, now you have someone to point a finger at: the Termite ransomw ... Read more
-
The Cyber Express
CISA Adds Three Critical Vulnerabilities to KEV Catalog: Immediate Action Urged
The Cybersecurity and Infrastructure Security Agency (CISA) recently updated its Known Exploited Vulnerabilities (KEV) Catalog, adding three critical vulnerabilities that are being actively exploited ... Read more
-
The Hacker News
CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel
Vulnerability / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added multiple security flaws affecting products from Zyxel, North Grid Proself, ProjectSend, and C ... Read more
-
security.nl
VS meldt actief misbruik van path traversal-lek in Zyxel-firewalls
Aanvallers maken actief misbruik van een path traversal-lek in firewalls van fabrikant Zyxel, zo waarschuwt het Cybersecurity and Infrastructure Security Agency (CISA) van het Amerikaanse ministerie v ... Read more
-
Cybersecurity News
CISA Flags Three Actively Exploited Vulnerabilities in Critical Systems
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert regarding three critical security vulnerabilities actively exploited in the wild. These vulnerabilities, now included in ... Read more
-
TheCyberThrone
CISA KEV Catalog Update Part I – December 2024
The US CISA has added the below vulnerabilities to its Known Exploited Vulnerabilities Catalog based on the evidence of active exploitation.CVE-2023-45727 Tracked as CWE-611, North Grid Proself Enterp ... Read more
-
TheCyberThrone
The CyberThrone Most Exploited Vulnerabilities Top 10 – November 2024
Welcome to TheCyberThrone most exploited vulnerabilities review. This review is for the month of November 2024CVE-2024-9463: Palo Alto OS Command InjectionCVSS 3.1 Score : 9.9 CISA KEV: YesThis vuln ... Read more
-
TheCyberThrone
TheCyberThrone CyberSecurity Newsletter Top 5 Articles – November, 2024
Welcome to TheCyberThrone cybersecurity month in review will be posted covering the important security happenings . This review is for the month ending November, 2024Subscribers favorite #1Apache Airf ... Read more
-
TheCyberThrone
INC Ransom claimed responsibility on Alder Hey Children’s Trust attack
On November 28, the ransomware group INC Ransom claimed to have compromised sensitive data from Alder Hey Children’s NHS Foundation Trust in Liverpool, UK. They posted on their data leak site that the ... Read more
-
TheCyberThrone
Zabbix tool affected by CVE-2024-42327
Zabbix, an open-source application monitoring tool, is warning its customers of a new critical vulnerability that could lead to full system compromise.The vulnerability tracked as CVE-2024-42327 with ... Read more
-
The Cyber Express
Critical ICS Vulnerabilities Discovered in Schneider Electric, mySCADA, and Automated Logic Products
A recent Cyble ICS vulnerabilities report sheds light on several critical vulnerabilities in industrial control systems (ICS) from major vendors including Schneider Electric, mySCADA, and Automated Lo ... Read more
-
The Cyber Express
Zyxel Firewalls Targeted by Helldown Ransomware: CVE-2024-11667 Exploited
Zyxel Firewalls have become a key target in recent cyberattacks, with attackers exploiting a critical vulnerability to deploy the dangerous Helldown ransomware. The German CERT (CERT-Bund) has issued ... Read more
-
Cybersecurity News
CVE-2024-11667: Critical Vulnerability in Zyxel Firewalls Actively Exploited
CERT Germany (CERT-Bund) and Zyxel have warned of actively exploiting a critical vulnerability in Zyxel firewalls. This vulnerability tracked as CVE-2024-11667, is being leveraged to deploy Helldown r ... Read more
The following table lists the changes that have been made to the
CVE-2024-11667 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
Initial Analysis by [email protected]
Dec. 05, 2024
Action Type Old Value New Value Added CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Added CPE Configuration AND OR *cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:* versions from (including) 5.00 up to (including) 5.38 OR cpe:2.3:h:zyxel:atp:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:* versions from (including) 5.00 up to (including) 5.38 OR cpe:2.3:h:zyxel:usg_flex:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:usg_flex_100ax:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:* versions from (including) 5.10 up to (including) 5.38 OR cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:* versions from (including) 5.10 up to (including) 5.38 OR cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:* Changed Reference Type https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-protecting-against-recent-firewall-threats-11-27-2024 No Types Assigned https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-protecting-against-recent-firewall-threats-11-27-2024 Vendor Advisory -
CVE CISA KEV Update by 9119a7d8-5eab-497f-8521-727c672e3725
Dec. 04, 2024
Action Type Old Value New Value Added Date Added 2024-12-03 Added Due Date 2024-12-24 Added Required Action Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Added Vulnerability Name Zyxel Multiple Firewalls Path Traversal Vulnerability -
CVE Modified by [email protected]
Nov. 28, 2024
Action Type Old Value New Value Added Reference https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-protecting-against-recent-firewall-threats-11-27-2024 Removed Reference https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-protecting-against-recent-firewall-threats-11-21-2024 -
New CVE Received by [email protected]
Nov. 27, 2024
Action Type Old Value New Value Added Description A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series firmware versions V5.00 through V5.38, USG FLEX 50(W) series firmware versions V5.10 through V5.38, and USG20(W)-VPN series firmware versions V5.10 through V5.38 could allow an attacker to download or upload files via a crafted URL. Added CVSS V3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Added CWE CWE-22 Added Reference https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-protecting-against-recent-firewall-threats-11-21-2024
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2024-11667 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2024-11667
weaknesses.