Published on July 9th, 2024
Zyxel has released security updates targeting critical vulnerabilities affecting two network-attached storage (NAS) devices that have reached end-of-life (EoL) status.
Successful exploitation of three out of five vulnerabilities could lead to unauthorized execution of operating system (OS) commands and arbitrary code on affected systems.
Impacted Models And Resolutions
The affected models are NAS326 (versions V5.21(AAZF.16)C0 and earlier) and NAS542 (versions V5.21(ABAG.13)C0 and earlier).
The vulnerabilities have been addressed in versions V5.21(AAZF.17)C0 and V5.21(ABAG.14)C0, respectively.
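To check an inventory against the firmware boundaries above, the following added example (not Zyxel's or Outpost24's code) parses the Zyxel version string format, compares each device against the first fixed release for its model, and lists hosts still on vulnerable firmware; the inventory lines and hostnames are constructed sample data.

```python
import re

# Zyxel NAS firmware strings look like "V5.21(AAZF.16)C0": version number,
# a model-specific build code in parentheses (AAZF = NAS326, ABAG = NAS542
# in this advisory), a build number, and a release suffix after "C".
VERSION_RE = re.compile(r"^V(\d+)\.(\d+)\(([A-Z]+)\.(\d+)\)C(\d+)$")


def parse_firmware(s: str) -> tuple:
    """Return (major, minor, code, build, release) or raise on bad input."""
    m = VERSION_RE.match(s.strip())
    if not m:
        raise ValueError(f"unrecognised Zyxel firmware string: {s!r}")
    major, minor, code, build, release = m.groups()
    return (int(major), int(minor), code, int(build), int(release))


# First patched firmware per model, as stated in the advisory.
FIXED = {
    "NAS326": parse_firmware("V5.21(AAZF.17)C0"),
    "NAS542": parse_firmware("V5.21(ABAG.14)C0"),
}


def is_vulnerable(model: str, firmware: str) -> bool:
    """True if the device runs firmware older than the first fixed release."""
    fixed = FIXED.get(model)
    if fixed is None:
        raise ValueError(f"model {model!r} is not covered by this advisory")
    fw = parse_firmware(firmware)
    if fw[2] != fixed[2]:
        # A build code from another model means the inventory entry is wrong;
        # refuse to guess rather than silently report "patched".
        raise ValueError(f"build code {fw[2]} does not belong to {model}")
    return (fw[0], fw[1], fw[3], fw[4]) < (fixed[0], fixed[1], fixed[3], fixed[4])


# Constructed sample inventory: hostname,model,firmware (not real devices).
SAMPLE_INVENTORY = """\
nas-01,NAS326,V5.21(AAZF.16)C0
nas-02,NAS326,V5.21(AAZF.17)C0
nas-03,NAS542,V5.21(ABAG.13)C0
nas-04,NAS542,V5.21(ABAG.14)C0
"""


def triage(inventory: str) -> list:
    """Return the hostnames that still need the update."""
    hits = []
    for line in inventory.splitlines():
        host, model, fw = (field.strip() for field in line.split(","))
        if is_vulnerable(model, fw):
            hits.append(host)
    return hits


if __name__ == "__main__":
    print(triage(SAMPLE_INVENTORY))  # ['nas-01', 'nas-03']
```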
Description of Flaws
The vulnerabilities include:
- CVE-2024-29972: Command injection in “remote_help-cgi”
- CVE-2024-29973: Command injection in the “setCookie” parameter
- CVE-2024-29974: Remote code execution in “file_upload-cgi”
- CVE-2024-29975: Improper privilege management in a SUID executable binary
- CVE-2024-29976: Improper privilege management in the “show_allsessions” command
Discoverer And Patch Status
The flaws were discovered and reported by Outpost24 security researcher Timothy Hjort.
Notably, two privilege escalation flaws requiring authentication remain unpatched.
Recommendations
Apply the Update Immediately:
While there are no reports of these vulnerabilities being exploited in the wild, it’s crucial to update your NAS device to the patched firmware versions (V5.21(AAZF.17)C0 for NAS326 and V5.21(ABAG.14)C0 for NAS542) as soon as possible. Even though these models are EoL, patching is essential due to the severity of the vulnerabilities.
Enable Automatic Updates (if available): Consider enabling automatic updates on your NAS and other devices whenever possible to ensure you receive security patches promptly.
Implement Additional Security Measures (for unpatched vulnerabilities): While a patch isn’t available yet for the two unpatched vulnerabilities, you can take steps to mitigate the risk:
- Enforce strong passwords for NAS accounts and restrict access to only authorized users.
- Regularly monitor your network for suspicious activity.
Back Up Your Data Regularly: It’s a general security best practice to regularly back up your data to a separate location. This ensures you have a copy of your data in case of a security incident, hardware failure, or accidental deletion.