ZyXEL Armor Photobak Command Injection Vulnerability
2022-2-23 02:58:2 Author: blog.exodusintel.com (view original) Reads: 33

EIP-c624ba9f

A command-injection vulnerability exists within the ZyXEL Armor Z1 AC2350 series. The vulnerable endpoint is within the ‘photobak’ component found in the cgi-bin. Exploitation of the vulnerability allows a remote, unauthenticated attacker to run arbitrary commands on vulnerable versions of the firmware in the context of the underlying lighttpd subsystem.
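As an added defender-side illustration (not part of the Exodus advisory), the following Python script scans lighttpd access-log lines for requests to a cgi-bin path containing `photobak` whose query string carries shell metacharacters after URL-decoding. The advisory does not name the vulnerable parameter, so the `dir` parameter, the Common Log Format layout and the sample log lines are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, unquote

# Constructed sample lighttpd access-log lines (Common Log Format).
# The 'dir' parameter is an assumption; the advisory does not name the parameter.
SAMPLE_LOG = """\
192.0.2.10 - - [23/Feb/2022:02:58:02 +0000] "GET /cgi-bin/photobak?dir=album1 HTTP/1.1" 200 512
192.0.2.11 - - [23/Feb/2022:02:58:05 +0000] "GET /cgi-bin/photobak?dir=album1;id HTTP/1.1" 200 96
192.0.2.12 - - [23/Feb/2022:02:58:09 +0000] "GET /cgi-bin/photobak?dir=%60id%60 HTTP/1.1" 500 0
192.0.2.13 - - [23/Feb/2022:02:58:12 +0000] "GET /index.html HTTP/1.1" 200 1024
"""

# Common Log Format: client, ident, user, [timestamp], "METHOD target PROTO", status, size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Characters that let a value break out of a shell command string.
SHELL_META = re.compile(r'[;|&`$<>\n]')


def is_suspicious_photobak_request(target: str) -> bool:
    """True if the request targets a cgi-bin photobak path and its
    decoded query string contains shell metacharacters."""
    parts = urlsplit(target)
    if not parts.path.startswith("/cgi-bin/") or "photobak" not in parts.path:
        return False
    decoded = unquote(parts.query)  # single decode; catches %3B, %60, %7C ...
    return bool(SHELL_META.search(decoded))


def flag_suspicious_requests(log_text: str) -> list:
    """Return (client_ip, request_target) for each suspicious photobak request."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if m and is_suspicious_photobak_request(m["target"]):
            hits.append((m["ip"], m["target"]))
    return hits


if __name__ == "__main__":
    for ip, target in flag_suspicious_requests(SAMPLE_LOG):
        print(f"suspicious photobak request from {ip}: {target}")
```

Because lighttpd only logs the request line, POST bodies are not covered; a reverse proxy or WAF that logs bodies would be needed to apply the same check there.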

Vulnerability Identifiers

  • Exodus Intelligence: EIP-c624ba9f
  • MITRE CVE: CVE-2021-4029

Vulnerability Metrics

  • CVSSv2 Score: 8.3

Vendor References

  • TBD

Discovery Credit

  • Exodus Intelligence

Disclosure Timeline

  • Disclosed to affected vendor: December 14th, 2021
  • Disclosed to public: February 22nd, 2022

Further Information

Readers of this advisory who are interested in receiving further details around the vulnerability, mitigations, detection guidance, and more can contact us at [email protected].

Researchers who are interested in monetizing their 0Day and NDay can work with us through our Research Sponsorship Program.


Source: https://blog.exodusintel.com/2022/02/22/zyxel-armor-photobak-command-injection-vulnerability/?utm_source=rss&utm_medium=rss&utm_campaign=zyxel-armor-photobak-command-injection-vulnerability