Lucene search
K

4 matches found

BDU FSTEC
BDU FSTEC
added 2023/08/01 12:0 a.m.5 views

The vulnerability of the microprogrammed software for Zyxel NAS326, NAS540, and NAS542 lies in the lack of measures taken to neutralize special elements used in the operating system’s command set. This allows attackers to execute arbitrary code.

The vulnerability of the microprogrammed software for Zyxel NAS326, NAS540, and NAS542 lies in the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially...

8.3CVSS7.5AI score0.01415EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/06/19 12:0 a.m.6 views

PT-2023-3171 · Zyxel · Zyxel Nas326 +2

Name of the Vulnerable Software and Affected Versions: Zyxel NAS326 versions prior to V5.21AAZF.14C0 Zyxel NAS540 versions prior to V5.21AATB.11C0 Zyxel NAS542 versions prior to V5.21ABAG.11C0 Description: The pre-authentication command injection issue in Zyxel NAS devices could allow an...

10CVSS10AI score0.84195EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2023/06/19 12:0 a.m.38 views

CVE-2023-27992

The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21AAZF.14C0, NAS540 firmware versions prior to V5.21AATB.11C0, and NAS542 firmware versions prior to V5.21ABAG.11C0 could allow an unauthenticated attacker to execute some operating system OS...

9.8CVSS9.8AI score0.84195EPSS
In wildExploits0References2
OSV
OSV
added 2020/03/04 8:15 p.m.4 views

CVE-2020-9054

Multiple ZyXEL network-attached storage NAS devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. ZyXEL NAS devices achieve authentication by using th...

9.8CVSS8.3AI score0.99988EPSS
Exploits2References6
Rows per page
Query Builder