2 matches found
VulnCheck KEV: CVE-2023-4473
A command injection vulnerability in the web server of the Zyxel NAS326 firmware version V5.21AAZF.14C0 and NAS542 firmware version V5.21ABAG.11C0 could allow an unauthenticated attacker to execute some operating system OS commands by sending a crafted URL to a vulnerable device...
Zyxel NAS326 Operating System Command Injection Vulnerability
Zyxel NAS326 is a cloud storage NAS from China Heqin Zyxel. An operating system command injection vulnerability exists in Zyxel NAS326 V5.21AAZF.14C0 and NAS542 V5.21ABAG.11C0 and prior versions, which stems from incorrect neutralization of a special element that could allow an unauthenticated...