Zyxel, a communications company, has released an advisory warning users of a critical input validation vulnerability impacting many of its router models. CVE-2024-7261, with a CVSS score of 9.8, could potentially allow unauthenticated attackers to perform OS command injection. According to Zyxel, the improper neutralization of special characters in the “host” parameter within the CGI […]
The post Zyxel Users Beware: Critical OS Command Injection Flaw Threatens Routers appeared first on SecPod Blog.