Cyber Posture

CVE-2024-11253

Severity: High

Published: 11 March 2025
Modified: 11 March 2025
CVSS Score: 7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0034 (56.7th percentile)
Risk Priority: 15 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Description

Adversaries may abuse Unix shell commands and scripts for execution.

Security Summary

CVE-2024-11253 is a post-authentication command injection vulnerability (CWE-78) affecting the "DNSServer" parameter in the diagnostic function of Zyxel VMG8825-T50K firmware version V5.50(ABOM.8.5)C0 and earlier. Published on 2025-03-11, it carries a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant impact on confidentiality, integrity, and availability.

Exploitation requires an authenticated attacker holding administrator privileges and network access to the device; attack complexity is low and no user interaction is needed. A successful exploit executes arbitrary operating system commands on the vulnerable device, giving the attacker control over the underlying operating system with the privileges of the diagnostic process.

Zyxel has published a security advisory detailing the post-authentication command injection vulnerabilities in certain DSL, Ethernet CPE, fiber ONT, and WiFi extender devices, available at https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-command-injection-vulnerabilities-in-certain-dsl-ethernet-cpe-fiber-ont-and-wifi-extender-devices-03-11-2025, which security practitioners should consult for patch information and mitigation guidance.

Details

CWE(s): CWE-78 (Improper Neutralization of Special Elements used in an OS Command, "OS Command Injection")

MITRE ATT&CK Enterprise Techniques

T1059.004 Unix Shell Execution
Adversaries may abuse Unix shell commands and scripts for execution.
Why these techniques?

The post-authentication command injection (CWE-78) in the diagnostic function directly enables execution of arbitrary OS commands on the Linux-based firmware device.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0
