CVE-2024-8882

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE-120)

Published: Nov 12, 2024 / Updated: 8d ago

CVSS 4.5 / EPSS 0.04% / Medium

Summary

A buffer overflow vulnerability exists in the CGI program of the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and earlier. This vulnerability could allow an authenticated, LAN-based attacker with administrator privileges to cause denial of service (DoS) conditions via a crafted URL.

Impact

If exploited, this vulnerability could lead to a denial of service (DoS) condition on the affected Zyxel switches. This could result in network disruption and potential downtime for systems relying on these switches. The impact is limited to availability, with no direct effect on confidentiality or integrity of the system.

Exploitation

There is no evidence that a public proof-of-concept exists, and no evidence of exploitation at the moment.

Patch

A patch is available. Zyxel has released updated firmware versions to address this vulnerability. The patched versions are:

- GS1900-8: Version 2.90(AAHH.0)C0 or later
- GS1900-8HP: Version 2.90(AAHI.0)C0 or later
- GS1900-10HP: Version 2.90(AAZI.0)C0 or later
- GS1900-16: Version 2.90(AAHJ.0)C0 or later
- GS1900-24: Version 2.90(AAHL.0)C0 or later
- GS1900-24E: Version 2.90(AAHK.0)C0 or later
- GS1900-24EP: Version 2.90(ABTO.0)C0 or later
- GS1900-24HPv2: Version 2.90(ABTP.0)C0 or later
- GS1900-48: Version 2.90(AAHN.0)C0 or later
- GS1900-48HPv2: Version 2.90(ABTQ.0)C0 or later
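To check a switch inventory against the patched versions listed above, the following added example (not code from Zyxel or from this page) classifies each reported firmware string. It assumes that versions order by release number, then the number after the four-letter code, then the C build, and that the four-letter code identifies the model; the function names and the inventory rows are constructed for illustration.

```python
import re

# Minimum fixed firmware per model, copied from the Patch section above.
PATCHED = {
    "GS1900-8": "2.90(AAHH.0)C0", "GS1900-8HP": "2.90(AAHI.0)C0",
    "GS1900-10HP": "2.90(AAZI.0)C0", "GS1900-16": "2.90(AAHJ.0)C0",
    "GS1900-24": "2.90(AAHL.0)C0", "GS1900-24E": "2.90(AAHK.0)C0",
    "GS1900-24EP": "2.90(ABTO.0)C0", "GS1900-24HPv2": "2.90(ABTP.0)C0",
    "GS1900-48": "2.90(AAHN.0)C0", "GS1900-48HPv2": "2.90(ABTQ.0)C0",
}
_BY_MODEL = {k.upper(): v for k, v in PATCHED.items()}

# e.g. "V2.80(AAHN.1)C0": release 2.80, model code AAHN, patch 1, build C0.
_FW = re.compile(r"V?(\d+)\.(\d+)\(([A-Z]{4})\.(\d+)\)C(\d+)", re.IGNORECASE)


def parse_firmware(text):
    """Return (model_code, sortable_tuple), or None if the string is malformed."""
    m = _FW.fullmatch(text.strip())
    if m is None:
        return None
    major, minor, code, patch, build = m.groups()
    # Assumption: versions order by release, then patch number, then C build.
    return code.upper(), (int(major), int(minor), int(patch), int(build))


def firmware_status(model, firmware):
    """Classify one inventory row against the fixed versions."""
    fixed = _BY_MODEL.get(model.strip().upper())
    if fixed is None:
        return "unknown-model"        # not in the patch list above
    seen = parse_firmware(firmware)
    if seen is None:
        return "unparsable"           # never guess from a partial string
    fixed_code, fixed_ver = parse_firmware(fixed)
    if seen[0] != fixed_code:
        return "code-mismatch"        # firmware code belongs to another model
    return "patched" if seen[1] >= fixed_ver else "vulnerable"


# Constructed inventory rows (not real devices).
INVENTORY = [
    ("GS1900-48", "V2.80(AAHN.1)C0"),
    ("GS1900-48", "V2.90(AAHN.0)C0"),
    ("gs1900-24hpv2", "2.90(ABTP.1)C0"),
    ("GS1900-8", "V2.90(AAHN.0)C0"),
    ("GS1900-16", "2.80"),
]

if __name__ == "__main__":
    for model, fw in INVENTORY:
        print(f"{model:15} {fw:18} {firmware_status(model, fw)}")
```

Rows reported as `code-mismatch` or `unparsable` need a manual look at the device rather than being counted as patched.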

Mitigation

1. Update affected Zyxel GS1900 series switches to the latest firmware versions as provided by the vendor.
2. If immediate patching is not possible, implement network segmentation to restrict access to the affected switches from untrusted networks.
3. Ensure that only authorized administrators have access to the switch management interface.
4. Monitor for any suspicious activities or unexpected behaviors on the affected switches.
5. Implement strong authentication mechanisms for administrator accounts.
6. Regularly review and audit administrator account access and activities.

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Timeline

CVE Assignment
NVD published the first details for CVE-2024-8882
Nov 12, 2024 at 2:15 AM

First Article
Feedly found the first article mentioning CVE-2024-8882.
Nov 12, 2024 at 2:20 AM / Vulners.com RSS Feed

CVSS Estimate
Feedly estimated the CVSS score as MEDIUM
Nov 12, 2024 at 2:20 AM

EPSS
EPSS Score was set to: 0.04% (Percentile: 10.1%)
Nov 12, 2024 at 9:54 AM

Affected Systems

Zyxel/gs1900-10hp_firmware

Patches

www.zyxel.com

Attack Patterns

CAPEC-10: Buffer Overflow via Environment Variables

References

Zyxel security advisory for post-authentication command injection and buffer overflow vulnerabilities in GS1900 series switches
Summary
Zyxel has released patches for GS1900 series switches affected by post-authentication command injection and buffer overflow vulnerabilities. Users are advised to install them for optimal protection.

What are the vulnerabilities?
CVE-2024-8881: A post-authentication command injection vulnerability in the CGI program in the Zyxel GS1900 series switches firmware could allow an authenticated, LAN-based attacker with administrator privileges to execute some operating system (OS) commands on an affected device by sending a crafted HTTP request.
CVE-2024-8882: A buffer overflow vulnerability in the CGI program in the Zyxel GS1900 series switches firmware could allow an authenticated, LAN-based attacker with administrator privileges to cause denial of service (DoS) conditions via a crafted URL.

What versions are vulnerable—and what should you do?
After a thorough investigation, we have identified the vulnerable products that are within their vulnerability support period, with their firmware patches shown in the table below.

Got a question?
Please contact your local service rep or visit Zyxel’s Community for further information or assistance.

Acknowledgment
Thanks to the following security researchers:

News

Medium - CVE-2024-8882 - A buffer overflow vulnerability in the CGI...
A buffer overflow vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and earlier could allow an authenticated, LAN-based attacker with administrator...
CVE-2024-8882
Medium Severity Description A buffer overflow vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and earlier could allow an authenticated, LAN-based attacker with administrator privileges to cause denial of service (DoS) conditions via a crafted URL. Read more at https://www.tenable.com/cve/CVE-2024-8882
Zyxel - MEDIUM - CVE-2024-8882 A buffer overflow vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and earlier could allow an authenticated, LAN-based attacker with administrator privileges to cause denial of service (DoS) conditions via a crafted URL.
CVE-2024-8882 - Zyxel GS1900-48 Buffer Overflow DoS
CVE ID : CVE-2024-8882 Published : Nov. 12, 2024, 2:15 a.m. 46 minutes ago Description : A buffer overflow vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and earlier could allow an authenticated, LAN-based attacker with administrator privileges to cause denial of service (DoS) conditions via a crafted URL. Severity: 4.5 MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-8882
A buffer overflow vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and earlier could allow an authenticated, LAN-based attacker with administrator privileges to cause denial of service (DoS) conditions via a crafted...

CVSS V3.1

Attack Vector: Adjacent Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability Impact: High
