Unrated severityCISA KEVNVD Advisory· Published Feb 4, 2025· Updated Oct 21, 2025
CVE-2024-40891
CVE-2024-40891
Description
UNSUPPORTED WHEN ASSIGNED A post-authentication command injection vulnerability in the management commands of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an authenticated attacker to execute operating system (OS) commands on an affected device via Telnet.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2= 1.00(AAFR.4)C0_20170615+ 1 more
- (no CPE)range: = 1.00(AAFR.4)C0_20170615
- (no CPE)range: <= 1.00(AAFR.4)C0_20170615
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.