#VU94650 Improper privilege management in ZyXEL Communications Corp. products - CVE-2024-1575


Vulnerability identifier: #VU94650

Vulnerability risk: Medium

CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-1575

CWE-ID: CWE-269

Exploitation vector: Network

Exploit availability: No

Vulnerable software:

Hardware solutions / Routers & switches, VoIP, GSM, etc: NWA50AX, NWA50AX-PRO, NWA55AXE, NWA90AX, NWA90AX-PRO, NWA220AX-6E, WAX300H, WAX620D-6E, WAX630S, WAX640S-6E, WAX655E, WBE660S

Hardware solutions / Firmware: NWA110AX, NWA210AX, NWA1123ACv3, WAC500, WAC500H, WAX510D, WAX610D, WAX650S

Vendor: ZyXEL Communications Corp.

Description

The vulnerability allows a remote authenticated attacker to escalate privileges.

The vulnerability exists due to improper privilege management in the affected access points. A remote user with limited privileges can escalate privileges and download the configuration files from the target device.

Mitigation

Install the fixed firmware from the vendor's website (see the advisory linked under External links).

Vulnerable software versions

NWA50AX: 6.29(ABYW.4)

NWA50AX-PRO: 6.65(ACGE.1)

NWA55AXE: 6.29(ABZL.4)

NWA90AX: 6.29(ACCV.4)

NWA90AX-PRO: 6.65(ACGF.1)

NWA110AX: 6.70(ABTG.2)

NWA210AX: 6.70(ABTD.2)

NWA220AX-6E: 6.70(ACCO.1)

NWA1123ACv3: 6.70(ABVT.1)

WAC500: 6.70(ABVS.1)

WAC500H: 6.70(ABWA.1)

WAX300H: 6.70(ACHF.1)

WAX510D: 6.70(ABTF.2)

WAX610D: 6.70(ABTE.2)

WAX620D-6E: 6.70(ACCN.1)

WAX630S: 6.70(ABZD.2)

WAX640S-6E: 6.70(ACCM.1)

WAX650S: 6.70(ABRM.2)

WAX655E: 6.70(ACDO.1)

WBE660S: 6.70(ACGG.2)


External links
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-improper-privilege-management-vulnerability-in-aps-07-23-2024


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
