2 vulnerabilities in Zyxel Armor home routers: Patch immediately

Cybersecurity specialists report the detection of some severe vulnerabilities in Zyxel Armor routers, mainly used in home environments. According to the report, successful exploitation of these flaws would allow threat actors to fully compromise the affected system.

Below are brief descriptions of the reported flaws, in addition to their respective identification keys and scores assigned under the Common Vulnerability Scoring System (CVSS).

CVE-2021-4029: Improper validation of inputs on affected devices would allow threat actors to execute arbitrary commands on vulnerable systems.

This is a low severity vulnerability and received a CVSS score of 7.3/10.

CVE-2021-4030: On the other hand, this flaw exists due to insufficient sanitization of the data provided by the user in the HTTP daemon. Threat actors can use a specially crafted website to execute HTML code and arbitrary scripts in the user’s browser in the context of a vulnerable website.

This is a low-severity vulnerability and received a CVSS score of 5.3/10.

According to the report, the flaws reside in the following models and versions of routers:

  • Armor Z1 (NBG6816): All versions
  • Armor Z2 (NBG6817): versions earlier than 1.00 (ABCS.11)C0

While flaws can be exploited by unauthenticated threat actors over the Internet, no active exploitation attempts have been detected so far. Still, Zyxel recommends users of affected deployments apply the available updates as soon as possible to fully mitigate the risk of exploitation.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.