Lucene search
K

4 matches found

Circl
Circl
added 2023/12/01 1:1 p.m.6 views

CVE-2023-37928

creationtimestamp| type| source ---|---|--- 2023-12-01 13:01:05+00:00| seen| https://t.me/truesecator/5152 2023-12-01 17:29:09+00:00| seen| https://t.me/itsecnews/3752...

8.8CVSS7.5AI score0.602EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2023/12/01 6:22 a.m.50 views

Zyxel Releases Patches to Fix 15 Flaws in NAS, Firewall, and AP Devices

Zyxel has released patches to address 15 security issues impacting network-attached storage NAS, firewall, and access point AP devices, including three critical flaws that could lead to authentication bypass and command injection. The three vulnerabilities are listed below - CVE-2023-35138 CVSS...

9.8CVSS8.7AI score0.602EPSS
Exploits0
NVD
NVD
added 2023/11/30 2:15 a.m.19 views

CVE-2023-37928

A post-authentication command injection vulnerability in the WSGI server of the Zyxel NAS326 firmware version V5.21AAZF.14C0 and NAS542 firmware version V5.21ABAG.11C0 could allow an authenticated attacker to execute some operating system OS commands by sending a crafted URL to a vulnerable devic...

8.8CVSS0.602EPSS
Exploits0References2
CVE
CVE
added 2023/11/30 1:37 a.m.50 views

CVE-2023-37928

CVE-2023-37928 affects Zyxel NAS326 and NAS542: a post-authentication command-injection in the WSGI server could allow an authenticated attacker to execute OS commands via a crafted URL. The 3.1.9 CVE entry notes a high-severity impact (CVSS 8.8; network attack vector, require LOW privileges, no ...

8.8CVSS9.1AI score0.602EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder