#VU91249 Improper Privilege Management in NAS326 and NAS542
Vulnerability identifier: #VU91249
Vulnerability risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-269
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
NAS326
Hardware solutions /
Routers for home users
NAS542
Hardware solutions /
Routers for home users
Vendor: ZyXEL Communications Corp.
Description
The vulnerability allows a local user to escalate privileges.
The vulnerability exists due to improper privilege management in the SUID executable binary. A local administrator can execute system commands as the "root" on the target device.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
NAS326: 5.21(AAZF.16)C0
NAS542: 5.21(ABAG.13)C0
External links
http://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-nas-products-06-04-2024
http://outpost24.com/blog/zyxel-nas-critical-vulnerabilities/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
