8 matches found
Zyxel NAS326 Operating System Command Injection Vulnerability
Zyxel NAS326 is a cloud storage NAS from China Hopkins Zyxel. An operating system command injection vulnerability exists in Zyxel NAS326 firmware version V5.21AAZF.15C0 and earlier versions, and NAS542 firmware version V5.21ABAG.12C0 and earlier versions. An attacker could exploit this...
CVE-2023-37927
The improper neutralization of special elements in the CGI program of the Zyxel NAS326 firmware version V5.21AAZF.14C0 and NAS542 firmware version V5.21ABAG.11C0 could allow an authenticated attacker to execute some operating system OS commands by sending a crafted URL to a vulnerable device...
PT-2023-8184 · Zyxel · Zyxel Nas326 +1
Name of the Vulnerable Software and Affected Versions: Zyxel NAS326 version V5.21AAZF.14C0 Zyxel NAS542 version V5.21ABAG.11C0 Description: The issue is related to an improper authentication vulnerability in the authentication module of the Zyxel NAS326 and NAS542 firmware. This vulnerability cou...
Zyxel NAS326 Operating System Command Injection Vulnerability
Zyxel NAS326 is a cloud storage NAS from China Heqin Zyxel. An operating system command injection vulnerability exists in Zyxel NAS326 V5.21AAZF.14C0 and NAS542 V5.21ABAG.11C0 and prior versions, which stems from incorrect neutralization of a special element that could allow an unauthenticated...
The vulnerability of the microprogrammed software for Zyxel NAS326, NAS540, and NAS542 lies in the lack of measures taken to neutralize special elements used in the operating system’s command set. This allows attackers to execute arbitrary code.
The vulnerability of the microprogrammed software for Zyxel NAS326, NAS540, and NAS542 lies in the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially...
CVE-2022-34747
creationtimestamp| type| source ---|---|--- 2022-09-07 08:13:33+00:00| seen| https://www.cert.at/de/warnungen/2022/9/remote-code-execution-schwachstelle-in-zyxel-nas-updates-verfugbar 2022-09-07 08:26:47+00:00| seen| https://t.me/thehackernews/2543 2022-09-07 08:32:56+00:00| seen|...
CVE-2022-34747
A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21AAZF.12C0 could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet...
ZyXEL NSA325 V2 Command Injection Vulnerability
The ZyXEL NSA325 V2 is a network storage device from Hopkins ZyXEL Technology. A command injection vulnerability exists in the zyshclient proprietary command line interface in the ZyXEL NSA325 V2 version 4.81, which can be exploited by an attacker to execute system commands with the help of this...