Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:57 a.m.10 views

CVE-2023-4474

The improper neutralization of special elements in the WSGI server of the Zyxel NAS326 firmware version V5.21AAZF.14C0 and NAS542 firmware version V5.21ABAG.11C0 could allow an unauthenticated attacker to execute some operating system OS commands by sending a crafted URL to a vulnerable device...

9.8CVSS7.6AI score0.2974EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2023/12/01 6:22 a.m.50 views

Zyxel Releases Patches to Fix 15 Flaws in NAS, Firewall, and AP Devices

Zyxel has released patches to address 15 security issues impacting network-attached storage NAS, firewall, and access point AP devices, including three critical flaws that could lead to authentication bypass and command injection. The three vulnerabilities are listed below - CVE-2023-35138 CVSS...

9.8CVSS8.7AI score0.602EPSS
Exploits0
NVD
NVD
added 2023/11/30 2:15 a.m.20 views

CVE-2023-4474

The improper neutralization of special elements in the WSGI server of the Zyxel NAS326 firmware version V5.21AAZF.14C0 and NAS542 firmware version V5.21ABAG.11C0 could allow an unauthenticated attacker to execute some operating system OS commands by sending a crafted URL to a vulnerable device...

9.8CVSS0.2974EPSS
Exploits0References2
CVE
CVE
added 2023/11/30 1:45 a.m.52 views

CVE-2023-4474

CVE-2023-4474 affects Zyxel NAS326 and NAS542 devices. The root cause is improper neutralization of special elements in the WSGI server, allowing an unauthenticated attacker to execute OS commands by sending a crafted URL. Affected firmwares: NAS326 up to V5.21(AAZF.14)C0 and NAS542 up to V5.21(A...

9.8CVSS9.5AI score0.2974EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/11/30 1:45 a.m.16 views

CVE-2023-4474

The improper neutralization of special elements in the WSGI server of the Zyxel NAS326 firmware version V5.21AAZF.14C0 and NAS542 firmware version V5.21ABAG.11C0 could allow an unauthenticated attacker to execute some operating system OS commands by sending a crafted URL to a vulnerable device...

9.8CVSS7.5AI score0.2974EPSS
Exploits0References2
Rows per page
Query Builder