2 matches found
CVE-2019-10631
Shell Metacharacter Injection in the package installer on Zyxel NAS 326 version 5.21 and below allows an authenticated attacker to execute arbitrary code via multiple different requests...
CVE-2019-10631
CVE-2019-10631 describes a Shell Metacharacter Injection in the Zyxel NAS 326 package installer (versions 5.21 and earlier). An authenticated attacker can execute arbitrary code via multiple different requests. Affected product: Zyxel NAS 326 (Hopscotch). Root cause: shell metacharacter handling ...