Zyxel will not patch the newly used defects in the routers at the end of his life

Date:

Zyxel gave a security advice on actively used defects in the CPE series devices, warning that there are not any plans to publish corrections and inspiring users to maneuver to actively supported models.

Vulncheck discovered two disadvantages in July 2024, but last week Greynoise announced that he saw attempts to take advantage of in the wild.

- Advertisement -

According to FOFA scanning networks and universal lists, over 1,500 CPE Zyxel series devices are exposed to the Internet, so the attack area is critical.

In today’s recent post, Vulncheck presented the full details of two defects, which he observed in attacks aimed at gaining initial access to the network:

  • Cve-2024-40891 – Authenticated users can use the Telnet injection injection attributable to the improper checking of the correctness of the command at libcms_clli.so. Some commands (e.g. IFCONFIG, PING, TFTP) are transmitted not to the coating function, enabling any code to be performed with the SPEEK. Metachary.
  • Cve-2025-0890 – Devices use weak default certificates (Administrator: 1234, Zyuser: 1234, Supervisor: Zyad1234), whose many users do not change. The postponed account has hidden privileges, providing full system access, while Zyuser can use the CVE-2024-40891 to perform a distant code.
Default accounts in the /etc/default.cfg file.
Default accounts in file /etc/default.cfg

Vulncheck revealed full exploitation details, showing its POC against VMG4325-B10A Loading firmware in version 1.00 (Aafr.4) C0_20170615.

Telnet command injection
Telnet command injection

Scientists have warned that despite the incontrovertible fact that these devices are not any longer supported for a few years, they’re still in networks around the world.

“While these systems are older and seemingly long, they remain very important due to their further use around the world and permanent interest of attackers” Warned Vulncheck

“The fact that the attackers still actively use these routers emphasize the need for attention, because understanding attacks in the real world is crucial for effective security research.”

Zyxel suggests alternative

The latest Zyxel advisor confirms the vulnerability revealed by Vulncheck today affect many products at the end of life (EOL).

The seller states that the affected devices reached EOL a number of years ago, suggesting them to exchange them with newer generated equipment.

“We confirmed that the affected models reported by Vulncheck, VMG1312-B10A, VMG1312-B10B, VMG1312-B10E, VMG3312-B10A, VMG33313-B10A, VMG3926-B10B, VMG4325-B10A, VMG4380-B10A , VMG832424-B10A, VMG8324-B10A B10A, SBG3300 and SBG3500 are older products that have reached the end of life for years (EOL) ” Reads Zyxel’s advice.

“Therefore, we strongly recommend that users replace them with new generation products for optimal protection.”

Zyxel also accommodates the third drawback in the advisor, CVE-2024-40890The problem of injecting the command after authentic much like the CVE-2014-40891.

Interestingly, Zyxel claims that although he asked Vulncheck to divide an in depth report since July last yr, never. Instead, they allegedly published their article without informing them.

Rome
Romehttps://globalcmd.com/
Rome: Visionary Founder of the GlobalCommand Ecosystem (GlobalCmd.com | GLCND.com | GlobalCmd A.I.) Rome is the innovative mind behind the GlobalCommand Ecosystem, a dynamic suite of platforms designed to revolutionize productivity for entrepreneurs, freelancers, small business owners, and forward-thinking individuals. Through his visionary leadership, Rome has developed tools and content that eliminate complexity, empower decision-making, and accelerate success. The Powerhouse of Productivity: GlobalCmd.com At the heart of Rome’s vision is GlobalCmd.com, an intuitive AI-powered platform designed to simplify decision-making and streamline workflows. Whether you’re solving complex business challenges, scaling a new idea, or optimizing daily operations, GlobalCmd.com transforms inputs into actionable, results-driven solutions. Rome’s approach is straightforward yet transformative: provide users with tools that deliver clarity, save time, and empower them to focus on growth and achievement. With GlobalCmd.com, users no longer have to navigate overwhelming tools or inefficient processes—Rome has redefined productivity for real-world needs. An Ecosystem Built for Excellence Rome’s vision extends far beyond productivity tools. The GlobalCommand Ecosystem includes platforms that address every step of the user’s journey: • GLCND.com: A professional blog and content hub offering expert insights and actionable advice across business, science, health, and more. GLCND.com inspires users to explore new ideas, sharpen their skills, and stay ahead in their fields. • GlobalCmd A.I.: The innovative AI engine powering GlobalCmd.com, designed to turn user inputs into tailored recommendations, predictive insights, and actionable strategies. Built on the cutting-edge RAD² Framework, this AI simplifies even the most complex decisions with precision and ease. The Why Behind GlobalCmd.com Rome understands the pressure and challenges of running a business, launching projects, and making impactful decisions in real time. His mission was to create a platform that eliminates unnecessary complexity and provides clear, practical solutions for users. Whether users are tackling new ventures, refining operations, or handling day-to-day decisions, Rome has designed the GlobalCommand Ecosystem to meet real-world needs with innovative, results-oriented tools. Empowering Success Through Simplicity Rome’s ultimate goal is to empower individuals with the right tools, insights, and strategies to take control of their work and achieve success. By combining the strengths of GlobalCmd.com, GLCND.com, and GlobalCmd A.I., Rome has created an ecosystem that transforms how people work, think, and grow. Start your journey to smarter decisions and greater success today. Visit GlobalCmd.com and take control of your future.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Share post:

Our Newsletter

Subscribe Us To Receive Our Latest News Directly In Your Inbox!

We don’t spam! Read our privacy policy for more info.

Advertisement

Popular

More like this
Related

The mortgage rates in the USA fall on the fourth week in a row

Author: Naveen Athrappully Mortgage rates proceed the downward trend, which...

“I feel frightened”: YouTuber Ranveer Allahbadia says: “Don’t run, despite the” threat of death “

YouTuber and Podcaster Ranveer Allahbadia revealed that he had...

The arm shakes the semiconductor industry, announcing that it can sell its own systems

The ARM semiconductor design company surprised the hardware industry...