← back
CVE-2024-12398

CVE-2024-12398

CVSS 8.8 HIGHEPSS 0.5%CWE-269
An improper privilege management vulnerability in the web management interface of the Zyxel WBE530 firmware versions through 7.00(ACLE.3) and WBE660S firmware versions through 6.70(ACGG.2) could allow an authenticated user with limited privileges to escalate their privileges to that of an administrator, enabling them to upload configuration files to a vulnerable device.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
Zyxel · WBE530 firmwareZyxel · WBE660S firmware

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-improper-privilege-management-vulnerability-in-aps-and-security-router-devices-01-14-2025