8.8
HIGH
CVE-2024-12398
Zyxel WBE Web Management Interface Privilege Escalation Vulnerability
Description

An improper privilege management vulnerability in the web management interface of the Zyxel WBE530 firmware versions through 7.00(ACLE.3) and WBE660S firmware versions through 6.70(ACGG.2) could allow an authenticated user with limited privileges to escalate their privileges to that of an administrator, enabling them to upload configuration files to a vulnerable device.

INFO

Published Date :

Jan. 14, 2025, 2:15 a.m.

Last Modified :

Jan. 21, 2025, 9:12 p.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

5.9

Exploitability Score :

2.8
Affected Products

The following products are affected by CVE-2024-12398 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Zyxel nwa110ax_firmware
2 Zyxel nwa1123acv3_firmware
3 Zyxel nwa210ax_firmware
4 Zyxel nwa220ax-6e_firmware
5 Zyxel nwa50ax_firmware
6 Zyxel nwa55axe_firmware
7 Zyxel nwa90ax_firmware
8 Zyxel wac500_firmware
9 Zyxel wac500h_firmware
10 Zyxel wax510d_firmware
11 Zyxel wax610d_firmware
12 Zyxel wax620d-6e_firmware
13 Zyxel wax630s_firmware
14 Zyxel wax640s-6e_firmware
15 Zyxel wax650s_firmware
16 Zyxel wax655e_firmware
17 Zyxel wbe660s_firmware
18 Zyxel nwa110ax
19 Zyxel nwa1123acv3
20 Zyxel nwa130be_firmware
21 Zyxel nwa130be
22 Zyxel nwa210ax
23 Zyxel nwa220ax-6e
24 Zyxel nwa50ax
25 Zyxel nwa50ax_pro_firmware
26 Zyxel nwa50ax_pro
27 Zyxel nwa55axe
28 Zyxel nwa90ax
29 Zyxel nwa90ax_pro_firmware
30 Zyxel nwa90ax_pro
31 Zyxel usg_lite_60ax_firmware
32 Zyxel usg_lite_60ax
33 Zyxel wac500
34 Zyxel wac500h
35 Zyxel wax300h_firmware
36 Zyxel wax300h
37 Zyxel wax510d
38 Zyxel wax610d
39 Zyxel wax620d-6e
40 Zyxel wax630s
41 Zyxel wax640s-6e
42 Zyxel wax650s
43 Zyxel wax655e
44 Zyxel wbe530_firmware
45 Zyxel wbe530
46 Zyxel wbe660s
: Total Affected Vendor : 1 | Products : 46
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2024-12398.

URL Resource
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-improper-privilege-management-vulnerability-in-aps-and-security-router-devices-01-14-2025 Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2024-12398 vulnerability anywhere in the article.

  • TheCyberThrone
CVE-2023-37936 impacts Fortinet FortiSwitch

CVE-2023-37936 is a critical security vulnerability identified in Fortinet FortiSwitch devices. This vulnerability is particularly severe due to its potential to allow unauthorized code execution, lea ... Read more

Published Date: Jan 16, 2025 (2 months, 2 weeks ago)
CVE-2024-55591 CVE-2023-37936 CVE-2024-12398 CVE-2024-5594 CVE-2024-44243 CVE-2024-47575
  • TheCyberThrone
Ivanti fixes Critical Security Vulnerabilities in EPM

OverviewIvanti has recently addressed multiple critical and high-severity vulnerabilities in its Endpoint Manager (EPM) software. These vulnerabilities could allow unauthorized access, remote code exe ... Read more

Published Date: Jan 16, 2025 (2 months, 2 weeks ago)
CVE-2024-13161 CVE-2024-13160 CVE-2024-13159 CVE-2024-13181 CVE-2024-13180 CVE-2024-13179 CVE-2024-10811 CVE-2024-10630 CVE-2024-55591 CVE-2024-12398 ...+10 more CVE
  • TheCyberThrone
CVE-2024-50603 impacts Aviatrix with Cryptomining

CVE-2024-50603 is a critical security vulnerability identified in the Aviatrix Controller, a cloud networking platform used to manage and secure cloud infrastructure across multiple providers. This vu ... Read more

Published Date: Jan 16, 2025 (2 months, 2 weeks ago)
CVE-2024-55591 CVE-2024-12398 CVE-2024-50603 CVE-2024-5594 CVE-2024-44243
  • TheCyberThrone
CVE-2024-44243: macOS SIP Bypass Flaw

CVE-2024-44243 is a critical vulnerability discovered in macOS that allows attackers to bypass Apple’s System Integrity Protection (SIP) by exploiting third-party kernel extensions. This vulnerability ... Read more

Published Date: Jan 15, 2025 (2 months, 2 weeks ago)
CVE-2024-55591 CVE-2024-12398 CVE-2024-5594 CVE-2024-54677 CVE-2024-50379 CVE-2024-44243 CVE-2024-49415
  • TheCyberThrone
Google Chrome fixes 16 flaws with the latest version

Google has released version 132.0.6834.83/84 of its Chrome browser on January 14, 2025. This update addresses several critical security vulnerabilities to enhance the browser’s security and stability. ... Read more

Published Date: Jan 15, 2025 (2 months, 2 weeks ago)
CVE-2025-0448 CVE-2025-0447 CVE-2025-0446 CVE-2025-0443 CVE-2025-0442 CVE-2025-0441 CVE-2025-0440 CVE-2025-0439 CVE-2025-0438 CVE-2025-0437 ...+8 more CVE
  • TheCyberThrone
CISA adds Fortinet flaw CVE-2024-55591 to KEV Catalog

CVE-2024-55591 is a critical vulnerability affecting Fortinet’s FortiOS and FortiProxy devices. This vulnerability allows a remote attacker to bypass authentication mechanisms and gain super-admin pri ... Read more

Published Date: Jan 15, 2025 (2 months, 2 weeks ago)
CVE-2024-55591 CVE-2024-12398 CVE-2024-12847 CVE-2024-5594 CVE-2024-54677 CVE-2024-50379 CVE-2024-49415 CVE-2024-47575
  • TheCyberThrone
Microsoft Patch Tuesday- January 2025

Microsoft released the January 2025 Patch Tuesday updates on January 14, 2025, focusing on addressing critical security vulnerabilities across various Microsoft products. This update cycle includes se ... Read more

Published Date: Jan 15, 2025 (2 months, 2 weeks ago)
CVE-2025-21395 CVE-2025-21366 CVE-2025-21362 CVE-2025-21354 CVE-2025-21335 CVE-2025-21334 CVE-2025-21333 CVE-2025-21311 CVE-2025-21309 CVE-2025-21308 ...+9 more CVE
  • TheCyberThrone
CVE-2024-12398 impacts Zyxel Devices

CVE-2024-12398 is a critical vulnerability discovered in the web management interface of certain Zyxel devices. This vulnerability allows an authenticated user with limited privileges to escalate thei ... Read more

Published Date: Jan 14, 2025 (2 months, 2 weeks ago)
CVE-2024-12398 CVE-2024-12847 CVE-2024-5594 CVE-2024-54498 CVE-2024-49415 CVE-2024-11667
  • Cybersecurity News
Linux Kernel Privilege Escalation Vulnerability (CVE-2024-27397) Exploited: PoC Released

Security researcher liona24 has provided an in-depth analysis and a proof-of-concept (PoC) exploit code for CVE-2024-27397, a vulnerability in the Linux kernel’s netfilter nf_tables component. This us ... Read more

Published Date: Jan 14, 2025 (2 months, 2 weeks ago)
CVE-2024-12398 CVE-2024-41827 CVE-2024-27397
  • Cybersecurity News
Zyxel Urges Patch Application for Privilege Escalation Vulnerability (CVE-2024-12398)

Zyxel has issued an advisory for a newly identified security vulnerability, CVE-2024-12398, that affects multiple access points (AP) and security routers. With a CVSS score of 8.8, this vulnerability ... Read more

Published Date: Jan 14, 2025 (2 months, 2 weeks ago)
CVE-2024-12398 CVE-2024-11667 CVE-2023-33010 CVE-2023-33009 CVE-2022-43389

The following table lists the changes that have been made to the CVE-2024-12398 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • Initial Analysis by [email protected]

    Jan. 21, 2025

    Action Type Old Value New Value
    Added CWE NIST NVD-CWE-noinfo
    Added CPE Configuration AND OR *cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 7.10\(abtg.1\) OR cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 6.70\(abvt.6\) OR cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:zyxel:nwa130be_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 7.10\(acil.1\) OR cpe:2.3:h:zyxel:nwa130be:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 7.10\(abtd.1\) OR cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 7.10\(acco.1\) OR cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 7.10\(abyw.1\) OR cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:zyxel:nwa50ax_pro_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 7.10\(acge.1\) OR cpe:2.3:h:zyxel:nwa50ax_pro:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 7.10\(abzl.1\) OR cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 7.10\(accv.1\) OR cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:zyxel:nwa90ax_pro_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 7.10\(acgf.1\) OR cpe:2.3:h:zyxel:nwa90ax_pro:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:zyxel:usg_lite_60ax_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.10\(acip.0\) OR cpe:2.3:h:zyxel:usg_lite_60ax:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 6.70\(abvs.6\) OR cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 6.70\(abwa.6\) OR cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:zyxel:wax300h_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 7.10\(achf.1\) OR cpe:2.3:h:zyxel:wax300h:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 7.10\(abtf.1\) OR cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 7.10\(abte.1\) OR cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 7.10\(accn.1\) OR cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 7.10\(abzd.1\) OR cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 7.10\(accm.1\) OR cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 7.10\(abrm.1\) OR cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 7.10\(acdo.1\) OR cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:zyxel:wbe530_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 7.10\(acle.1\) OR cpe:2.3:h:zyxel:wbe530:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 7.00\(acgg.1\) OR cpe:2.3:h:zyxel:wbe660s:-:*:*:*:*:*:*:*
    Changed Reference Type https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-improper-privilege-management-vulnerability-in-aps-and-security-router-devices-01-14-2025 No Types Assigned https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-improper-privilege-management-vulnerability-in-aps-and-security-router-devices-01-14-2025 Vendor Advisory
  • New CVE Received by [email protected]

    Jan. 14, 2025

    Action Type Old Value New Value
    Added Description An improper privilege management vulnerability in the web management interface of the Zyxel WBE530 firmware versions through 7.00(ACLE.3) and WBE660S firmware versions through 6.70(ACGG.2) could allow an authenticated user with limited privileges to escalate their privileges to that of an administrator, enabling them to upload configuration files to a vulnerable device.
    Added CVSS V3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    Added CWE CWE-269
    Added Reference https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-improper-privilege-management-vulnerability-in-aps-and-security-router-devices-01-14-2025
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-12398 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2024-12398 weaknesses.

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
: