Lucene search

[email protected]NVD:CVE-2023-4474

HistoryNov 30, 2023 - 2:15 a.m.

CVE-2023-4474

2023-11-3002:15:43

CWE-78

[email protected]

web.nvd.nist.gov

cve-2023-4474

zyxel

nas326

nas542

wsgi server

vulnerability

firmware

unauthenticated attacker

os commands

crafted url

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

41.6%

JSON

The improper neutralization of special elements in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.

Affected configurations

Nvd

Node

zyxelnas326_firmwareRange≤5.21\(aazf.14\)c0

AND

zyxelnas326Match-

Node

zyxelnas542_firmwareRange≤5.21\(abag.11\)c0

AND

zyxelnas542Match-

VendorProductVersionCPE
zyxelnas326_firmware*cpe:2.3:o:zyxel:nas326_firmware:*:*:*:*:*:*:*:*
zyxelnas326-cpe:2.3:h:zyxel:nas326:-:*:*:*:*:*:*:*
zyxelnas542_firmware*cpe:2.3:o:zyxel:nas542_firmware:*:*:*:*:*:*:*:*
zyxelnas542-cpe:2.3:h:zyxel:nas542:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
zyxel	nas326_firmware	*	cpe:2.3:o:zyxel:nas326_firmware::::::::
zyxel	nas326	-	cpe:2.3:h:zyxel:nas326:-:::::::*
zyxel	nas542_firmware	*	cpe:2.3:o:zyxel:nas542_firmware::::::::
zyxel	nas542	-	cpe:2.3:h:zyxel:nas542:-:::::::*

References

bugprove.com/knowledge-hub/cve-2023-4473-and-cve-2023-4474-authentication-bypass-and-multiple-blind-os-command-injection-vulnerabilities-in-zyxel-s-nas-326-devices/

www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-authentication-bypass-and-command-injection-vulnerabilities-in-nas-products