CVE-2023-37927

The improper neutralization of special elements in the CGI program of the Zyxel NAS326 firmware version V5.21AAZF.14C0 and NAS542 firmware version V5.21ABAG.11C0 could allow an authenticated attacker to execute some operating system OS commands by sending a crafted URL to a vulnerable device...

Zyxel NAS326 操作系统命令注入漏洞

Zyxel NAS326 is a cloud storage NAS from China Heqin Zyxel. A security vulnerability exists in versions prior to Zyxel NAS326 V5.21AAZF.13C0. It allows an authenticated attacker with administrator privileges to remotely execute certain operating system commands on the affected device...