CVE-2024-40891
HIGH
2025-02-04
[email protected]
8.8
CVSS 3.1
Share
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Lifecycle Timeline
3
Analysis Generated
Mar 28, 2026 - 18:24 vuln.today
Added to CISA KEV
Oct 27, 2025 - 17:04 cisa
CISA KEV
CVE Published
Feb 04, 2025 - 10:15 nvd
HIGH 8.8
Tags
Command Injection
Zyxel
Vmg1312 B10A Firmware
Vmg1312 B10B Firmware
Vmg1312 B10E Firmware
Vmg3312 B10A Firmware
Vmg3313 B10A Firmware
Vmg3926 B10B Firmware
Vmg4325 B10A Firmware
Vmg4380 B10A Firmware
Vmg8324 B10A Firmware
Vmg8924 B10A Firmware
Sbg3300 N000 Firmware
Sbg3300 Nb00 Firmware
Sbg3500 N000 Firmware
Sbg3500 Nb00 Firmware
Description
**UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the management commands of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an authenticated attacker to execute operating system (OS) commands on an affected device via Telnet.
Analysis
Zyxel VMG4325-B10A legacy DSL CPE contains post-authentication command injection via Telnet management commands, companion vulnerability to CVE-2024-40890 affecting the same unsupported device.
Technical Context
The CWE-78 command injection via Telnet provides an alternative exploitation path alongside the CGI-based CVE-2024-40890.
Affected Products
['Zyxel VMG4325-B10A firmware 1.00(AAFR.4)C0_20170615']
Remediation
Replace the device. Disable Telnet access if possible.
Priority Score
149
Low
Medium
High
Critical
KEV: +50
EPSS: +55.4
CVSS: +44
POC: 0
Share
External POC / Exploit Code
Leaving vuln.today
Destination URL
POC code from unknown sources may be malicious, contain backdoors, or be fake.
Always review and test exploit code in a safe, isolated environment (VM/sandbox).
Verify the source reputation and cross-reference with known databases (Exploit-DB, GitHub Security).