CVE-2024-9200
CVSS V2 None
CVSS V3 None
Description
A post-authentication command injection vulnerability in the "host" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.
Overview
- CVE ID
- CVE-2024-9200
- Assigner
- Zyxel
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-12-03T01:33:47.398Z
- Last Modified Date
- 2024-12-03T01:33:47.398Z
Weakness Enumerations
References
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-9200 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9200 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-12-03 13:24:40 | Added to TrackCVE |