Lucene search
+L

4 matches found

Circl
Circl
added 2023/12/01 1:1 p.m.8 views

CVE-2023-37927

creationtimestamp| type| source ---|---|--- 2023-12-01 13:01:05+00:00| seen| https://t.me/truesecator/5152 2023-12-01 17:29:09+00:00| seen| https://t.me/itsecnews/3752...

8.8CVSS7.5AI score0.01752EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2023/12/01 6:22 a.m.50 views

Zyxel Releases Patches to Fix 15 Flaws in NAS, Firewall, and AP Devices

Zyxel has released patches to address 15 security issues impacting network-attached storage NAS, firewall, and access point AP devices, including three critical flaws that could lead to authentication bypass and command injection. The three vulnerabilities are listed below - CVE-2023-35138 CVSS...

9.8CVSS8.7AI score0.602EPSS
Exploits0
CVE
CVE
added 2023/11/30 1:34 a.m.75 views

CVE-2023-37927

CVE-2023-37927 and CVE-2023-37928 affect Zyxel NAS326 (firmware V5.21(AAZF.14)C0) and NAS542 (V5.21(ABAG.11)C0). The flaws stem from improper neutralization in the CGI/WSGI handling, enabling an authenticated attacker to execute OS commands via crafted URLs. CVE-2023-37927 is described as imprope...

8.8CVSS8.9AI score0.01752EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/11/30 1:34 a.m.36 views

CVE-2023-37927

The improper neutralization of special elements in the CGI program of the Zyxel NAS326 firmware version V5.21AAZF.14C0 and NAS542 firmware version V5.21ABAG.11C0 could allow an authenticated attacker to execute some operating system OS commands by sending a crafted URL to a vulnerable device...

8.8CVSS8.9AI score0.01752EPSS
Exploits0References2
Rows per page
Query Builder