Zyxel security advisory for post-authentication command injection and buffer overflow vulnerabilities in GS1900 series switches
CVEs: CVE-2024-8881, CVE-2024-8882
Summary
Zyxel has released patches for GS1900 series switches affected by post-authentication command injection and buffer overflow vulnerabilities. Users are advised to install them for optimal protection.
What are the vulnerabilities?
CVE-2024-8881
A post-authentication command injection vulnerability in the CGI program in the Zyxel GS1900 series switches firmware could allow an authenticated, LAN-based attacker with administrator privileges to execute some operating system (OS) commands on an affected device by sending a crafted HTTP request.
CVE-2024-8882
A buffer overflow vulnerability in the CGI program in the Zyxel GS1900 series switches firmware could allow an authenticated, LAN-based attacker with administrator privileges to cause denial of service (DoS) conditions via a crafted URL.
What versions are vulnerable—and what should you do?
After a thorough investigation, we have identified the vulnerable products that are within their vulnerability support period, with their firmware patches shown in the table below.
Affected model | Affected version | Patch availability |
---|---|---|
GS1900-8 | V2.80(AAHH.1)C0 and earlier | V2.90(AAHH.0)C0 |
GS1900-8HP | V2.80(AAHI.1)C0 and earlier | V2.90(AAHI.0)C0 |
GS1900-10HP | V2.80(AAZI.1)C0 and earlier | V2.90(AAZI.0)C0 |
GS1900-16 | V2.80(AAHJ.1)C0 and earlier | V2.90(AAHJ.0)C0 |
GS1900-24 | V2.80(AAHL.1)C0 and earlier | V2.90(AAHL.0)C0 |
GS1900-24E | V2.80(AAHK.1)C0 and earlier | V2.90(AAHK.0)C0 |
GS1900-24EP | V2.80(ABTO.1)C0 and earlier | V2.90(ABTO.0)C0 |
GS1900-24HPv2 | V2.80(ABTP.1)C0 and earlier | V2.90(ABTP.0)C0 |
GS1900-48 | V2.80(AAHN.1)C0 and earlier | V2.90(AAHN.0)C0 |
GS1900-48HPv2 | V2.80(ABTQ.1)C0 and earlier | V2.90(ABTQ.0)C0 |
Got a question?
Please contact your local service rep or visit Zyxel’s Community for further information or assistance.
Acknowledgment
Thanks to the following security researchers:
- Chengchao Ai from the ROIS team of Fuzhou University for CVE-2024-8881
- Xing Yang from the ROIS team of Fuzhou University for CVE-2024-8882
Revision history
2024-11-12: Initial release.