CVE: CVE-2021-4039
Summary
Zyxel has released a patch addressing an OS command injection vulnerability in the NWA1100-NH access point. Users are advised to install it for optimal protection.
What is the vulnerability?
An OS command-injection vulnerability in the NWA1100-NH access point could allow an attacker to execute arbitrary OS commands via the web interface of the vulnerable device.
What versions are vulnerable—and what should you do?
After a thorough investigation, we’ve identified only one vulnerable product and released a firmware patch to address the issue, as shown in the table below.
Affected model |
Patch availability |
NWA1100-NH |
Got a question or a tipoff?
Please contact your local service rep or visit Zyxel’s forum for further information or assistance.
If you want to be informed of any other new security vulnerability, please check and follow this KB:
You can click the "Follow" button on the top of this article to get this article's updates.
Acknowledgment
Thanks to Ahmed Alroky for reporting the issue to us.
Revision history
2022-03-01: Initial release
Comments
0 commentsPlease sign in to leave a comment.