Lucene search
K

8 matches found

CNNVD
CNNVD
added 2024/01/30 12:0 a.m.4 views

Zyxel NAS326 Operating System Command Injection Vulnerability

Zyxel NAS326 is a cloud storage NAS from China Hopkins Zyxel. An operating system command injection vulnerability exists in Zyxel NAS326 firmware version V5.21AAZF.15C0 and earlier versions, and NAS542 firmware version V5.21ABAG.12C0 and earlier versions. An attacker could exploit this...

7.2CVSS7.8AI score0.28472EPSS
Exploits0References2
OSV
OSV
added 2023/11/30 2:15 a.m.6 views

CVE-2023-37927

The improper neutralization of special elements in the CGI program of the Zyxel NAS326 firmware version V5.21AAZF.14C0 and NAS542 firmware version V5.21ABAG.11C0 could allow an authenticated attacker to execute some operating system OS commands by sending a crafted URL to a vulnerable device...

8.8CVSS5.9AI score0.602EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/11/30 12:0 a.m.6 views

PT-2023-8184 · Zyxel · Zyxel Nas326 +1

Name of the Vulnerable Software and Affected Versions: Zyxel NAS326 version V5.21AAZF.14C0 Zyxel NAS542 version V5.21ABAG.11C0 Description: The issue is related to an improper authentication vulnerability in the authentication module of the Zyxel NAS326 and NAS542 firmware. This vulnerability cou...

7.8CVSS7.6AI score0.00866EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/11/30 12:0 a.m.6 views

Zyxel NAS326 Operating System Command Injection Vulnerability

Zyxel NAS326 is a cloud storage NAS from China Heqin Zyxel. An operating system command injection vulnerability exists in Zyxel NAS326 V5.21AAZF.14C0 and NAS542 V5.21ABAG.11C0 and prior versions, which stems from incorrect neutralization of a special element that could allow an unauthenticated...

9.8CVSS7.9AI score0.2974EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/06/20 12:0 a.m.7 views

The vulnerability of the microprogrammed software for Zyxel NAS326, NAS540, and NAS542 lies in the lack of measures taken to neutralize special elements used in the operating system’s command set. This allows attackers to execute arbitrary code.

The vulnerability of the microprogrammed software for Zyxel NAS326, NAS540, and NAS542 lies in the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially...

10CVSS8.5AI score0.84195EPSS
Exploits0References2
Circl
Circl
added 2022/09/07 8:13 a.m.4 views

CVE-2022-34747

creationtimestamp| type| source ---|---|--- 2022-09-07 08:13:33+00:00| seen| https://www.cert.at/de/warnungen/2022/9/remote-code-execution-schwachstelle-in-zyxel-nas-updates-verfugbar 2022-09-07 08:26:47+00:00| seen| https://t.me/thehackernews/2543 2022-09-07 08:32:56+00:00| seen|...

9.8CVSS7.5AI score0.01539EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2022/09/06 2:15 a.m.2 views

CVE-2022-34747

A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21AAZF.12C0 could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet...

9.8CVSS6.6AI score0.01539EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2018/11/28 12:0 a.m.5 views

ZyXEL NSA325 V2 Command Injection Vulnerability

The ZyXEL NSA325 V2 is a network storage device from Hopkins ZyXEL Technology. A command injection vulnerability exists in the zyshclient proprietary command line interface in the ZyXEL NSA325 V2 version 4.81, which can be exploited by an attacker to execute system commands with the help of this...

9CVSS9.2AI score0.03443EPSS
Exploits1References1
Rows per page
Query Builder