More

    Business routers vulnerable to OS command injection attack



    Multiple business router models, built by the Taiwanese networking giant Zyxel, carried a critical vulnerability which allowed malicious actors to run any command, remotely. The manufacturer recently released a fix which addresses the flaw, so installing it straight away is highly recommended.

    As the company explained in an advisory, the vulnerability is described as an “input validation fault caused by improper handling of user-supplied data.” In other words, the underlying OS does not validate the data a user inputs, potentially allowing crooks to run OS command injection. The bug is tracked as CVE-2024-7261, and carries a severity score of 9.8/10 – critical.

    https://cdn.mos.cms.futurecdn.net/UJ5CFPQLDaMmXUqcw3CEXh-1200-80.jpg



    Source link

    Latest articles

    spot_imgspot_img

    Related articles

    spot_imgspot_img