CVE-2024-12010

Q: What is the severity of CVE-2024-12010?

CVE-2024-12010 has a CVSS score of 7.2 (HIGH). This vulnerability allows authenticated attackers with administrator privileges to execute arbitrary operating system commands on affected Zyxel devices. It affects Zyxel AX7501-B1 routers running firmware version V5.17(ABPC.5.3)C0 or earlier. Attackers could gain full control of the device after authenticating with admin credentials.

7.2 HIGH

Remote Code Execution

📋 TL;DR

This vulnerability allows authenticated attackers with administrator privileges to execute arbitrary operating system commands on affected Zyxel devices. It affects Zyxel AX7501-B1 routers running firmware version V5.17(ABPC.5.3)C0 or earlier. Attackers could gain full control of the device after authenticating with admin credentials.

💻 Affected Systems

Products:

Zyxel AX7501-B1

Versions: V5.17(ABPC.5.3)C0 and earlier

Operating Systems: Embedded Linux on Zyxel devices

Default Config Vulnerable: ⚠️ Yes

Notes: Requires administrator authentication; default admin credentials increase risk significantly.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device compromise allowing attackers to install persistent backdoors, pivot to internal networks, intercept/modify traffic, or use the device for botnet activities.

🟠

Likely Case

Attackers with stolen or default admin credentials gain shell access to modify device configuration, steal credentials, or disable security features.

🟢

If Mitigated

Limited to attackers who have obtained valid administrator credentials through other means.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires admin credentials but command injection is straightforward once authenticated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firmware newer than V5.17(ABPC.5.3)C0

Vendor Advisory: https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-command-injection-vulnerabilities-in-certain-dsl-ethernet-cpe-fiber-ont-and-wifi-extender-devices-03-11-2025

Restart Required: No

Instructions:

1. Log into Zyxel web interface as admin. 2. Navigate to Maintenance > Firmware Upgrade. 3. Download latest firmware from Zyxel support site. 4. Upload and apply firmware update. 5. Verify version is updated.

🔧 Temporary Workarounds

Restrict Admin Access

all

Limit administrative access to trusted IP addresses only

Change Default Credentials

all

Ensure strong, unique admin passwords are set

🧯 If You Can't Patch

Isolate vulnerable devices in separate network segments with strict firewall rules
Implement network monitoring for suspicious command execution patterns

🔍 How to Verify

Check if Vulnerable:

Check firmware version via web interface: System Info > Firmware Version

Check Version:

ssh admin@device-ip 'cat /proc/version' or check web interface

Verify Fix Applied:

Verify firmware version is newer than V5.17(ABPC.5.3)C0

📡 Detection & Monitoring

Log Indicators:

Unusual command execution in system logs
Multiple failed login attempts followed by successful admin login
Suspicious processes spawned from web interface

Network Indicators:

Unexpected outbound connections from device
Traffic to known malicious IPs
Unusual port scanning from device

SIEM Query:

source="zyxel_logs" AND (event_type="command_execution" OR user="admin" AND action="system_command")

📊 Metadata

CVE ID: CVE-2024-12010

CVSS v3 Score: 7.2 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-78

EPSS Score: 0.32% exploit probability (54.4th percentile)

Published: March 11, 2025

Last Updated: January 13, 2026

🔗 References

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-command-injection-vulnerabilities-in-certain-dsl-ethernet-cpe-fiber-ont-and-wifi-extender-devices-03-11-2025 Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Ax7501 B0 Firmware by Zyxel

Ax7501 B1 Firmware by Zyxel

Dx3300 T0 Firmware by Zyxel

Dx3300 T1 Firmware by Zyxel

Dx3301 T0 Firmware by Zyxel

Dx4510 B0 Firmware by Zyxel

Dx4510 B1 Firmware by Zyxel

Dx5401 B0 Firmware by Zyxel

Dx5401 B1 Firmware by Zyxel

Ee6510 10 Firmware by Zyxel

Emg3525 T50b Firmware by Zyxel

Emg5523 T50b Firmware by Zyxel

Emg5723 T50k Firmware by Zyxel

Ex3300 T0 Firmware by Zyxel

Ex3300 T1 Firmware by Zyxel

Ex3301 T0 Firmware by Zyxel

Ex3500 T0 Firmware by Zyxel

Ex3501 T0 Firmware by Zyxel

Ex3510 B0 Firmware by Zyxel

Ex3510 B1 Firmware by Zyxel

Ex3600 T0 Firmware by Zyxel

Ex5401 B0 Firmware by Zyxel

Ex5401 B1 Firmware by Zyxel

Ex5501 B0 Firmware by Zyxel

Ex5510 B0 Firmware by Zyxel

Ex5512 T0 Firmware by Zyxel

Ex5601 T0 Firmware by Zyxel

Ex5601 T1 Firmware by Zyxel

Ex7501 B0 Firmware by Zyxel

Ex7710 B0 Firmware by Zyxel

Px3321 T1 Firmware by Zyxel

Px3321 T1 Firmware by Zyxel

Px5301 T0 Firmware by Zyxel

Vmg3625 T50b Firmware by Zyxel

Vmg3927 T50k Firmware by Zyxel

Vmg8623 T50b Firmware by Zyxel

Vmg8825 T50k Firmware by Zyxel

Wx3100 T0 Firmware by Zyxel

Wx3401 B0 Firmware by Zyxel

Wx3401 B1 Firmware by Zyxel

Wx5600 T0 Firmware by Zyxel

Wx5610 B0 Firmware by Zyxel