5 matches found
CVE-2023-4474
The improper neutralization of special elements in the WSGI server of the Zyxel NAS326 firmware version V5.21AAZF.14C0 and NAS542 firmware version V5.21ABAG.11C0 could allow an unauthenticated attacker to execute some operating system OS commands by sending a crafted URL to a vulnerable device...
Zyxel Releases Patches to Fix 15 Flaws in NAS, Firewall, and AP Devices
Zyxel has released patches to address 15 security issues impacting network-attached storage NAS, firewall, and access point AP devices, including three critical flaws that could lead to authentication bypass and command injection. The three vulnerabilities are listed below - CVE-2023-35138 CVSS...
CVE-2023-4474
The improper neutralization of special elements in the WSGI server of the Zyxel NAS326 firmware version V5.21AAZF.14C0 and NAS542 firmware version V5.21ABAG.11C0 could allow an unauthenticated attacker to execute some operating system OS commands by sending a crafted URL to a vulnerable device...
CVE-2023-4474
CVE-2023-4474 affects Zyxel NAS326 and NAS542 devices. The root cause is improper neutralization of special elements in the WSGI server, allowing an unauthenticated attacker to execute OS commands by sending a crafted URL. Affected firmwares: NAS326 up to V5.21(AAZF.14)C0 and NAS542 up to V5.21(A...
CVE-2023-4474
The improper neutralization of special elements in the WSGI server of the Zyxel NAS326 firmware version V5.21AAZF.14C0 and NAS542 firmware version V5.21ABAG.11C0 could allow an unauthenticated attacker to execute some operating system OS commands by sending a crafted URL to a vulnerable device...