CVE-2024-8881

CVSS V2 None CVSS V3 None
Description
A post-authentication command injection vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and earlier could allow an authenticated, LAN-based attacker with administrator privileges to execute some operating system (OS) commands on an affected device by sending a crafted HTTP request.
Overview
  • CVE ID
  • CVE-2024-8881
  • Assigner
  • Zyxel
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-11-12T01:17:36.728Z
  • Last Modified Date
  • 2024-11-12T01:17:36.728Z
History
Created Old Value New Value Data Type Notes
2024-11-12 13:16:42 Added to TrackCVE