2 matches found
Zyxel Releases Patches to Fix 15 Flaws in NAS, Firewall, and AP Devices
Zyxel has released patches to address 15 security issues impacting network-attached storage NAS, firewall, and access point AP devices, including three critical flaws that could lead to authentication bypass and command injection. The three vulnerabilities are listed below - CVE-2023-35138 CVSS...
CVE-2023-4473
CVE-2023-4473 and CVE-2023-4474 affect Zyxel NAS326 (firmware V5.21(AAZF.14)C0) and NAS542 (V5.21(ABAG.11)C0). The web server vulnerabilities allow an unauthenticated attacker to execute OS commands via crafted URLs; CVE-2023-4473 is a command injection and CVE-2023-4474 a faulty neutralization i...