Zyxel EX5601-T1 Post-Authentication Command Injection Vulnerability Allowing OS Command Execution

Vulnerability

A post-authentication command injection vulnerability has been identified in the 'ZyEE' function of the Zyxel EX5601-T1 firmware version V5.70(ACDZ.3.6)C0 and earlier. An authenticated attacker with administrator privileges could use it to execute operating system commands on the affected device. Note that WAN access is disabled by default on these devices, so exploitation can only succeed if the administrator passwords have already been compromised.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of operating system commands on the affected device, potentially allowing for further exploitation or manipulation of the device's functions or data.

Remediation

Users can upgrade to Zyxel firmware version V5.70(ACDZ.4)C0 to address this vulnerability. For devices acquired through an ISP, it is recommended to contact the ISP's support team. For other users, please reach out to the local Zyxel support team or visit Zyxel's Community for assistance.

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.5
exploitability: 4.8
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to produce these 8 vulnerability categories, which are then combined into the overall risk score.