← ExploitWatch
HomeExploited Vulnerabilities

CVE-2024-11667 — Actively Exploited: Multiple Firewalls (Zyxel)

Multiple Zyxel firewalls contain a path traversal vulnerability in the web management interface that could allow an attacker to download or upload files via a crafted URL.

CVE IDCVE-2024-11667
VendorZyxel
ProductMultiple Firewalls
Vulnerability nameZyxel Multiple Firewalls Path Traversal Vulnerability
Date added2024-12-03
Remediation due2024-12-24
Known ransomware useKnown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionMultiple Zyxel firewalls contain a path traversal vulnerability in the web management interface that could allow an attacker to download or upload files via a crafted URL.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →