CVE-2023-4473

A command injection vulnerability in the web server of the Zyxel NAS326 firmware version V5.21AAZF.14C0 and NAS542 firmware version V5.21ABAG.11C0 could allow an unauthenticated attacker to execute some operating system OS commands by sending a crafted URL to a vulnerable device...

CVE-2023-4474

The improper neutralization of special elements in the WSGI server of the Zyxel NAS326 firmware version V5.21AAZF.14C0 and NAS542 firmware version V5.21ABAG.11C0 could allow an unauthenticated attacker to execute some operating system OS commands by sending a crafted URL to a vulnerable device...

EUVD-2022-37696

Malicious code in bioql PyPI...

EUVD-2024-26950

Malicious code in bioql PyPI...

EUVD-2023-39167

Malicious code in bioql PyPI...

EUVD-2024-47455

Malicious code in bioql PyPI...

EUVD-2024-26949

Malicious code in bioql PyPI...

EUVD-2023-41781

Malicious code in bioql PyPI...

EUVD-2023-31713

Malicious code in bioql PyPI...

VulnCheck KEV: CVE-2024-29972

UNSUPPORTED WHEN ASSIGNED The command injection vulnerability in the CGI program "remotehelp-cgi" in Zyxel NAS326 firmware versions before V5.21AAZF.17C0 and NAS542 firmware versions before V5.21ABAG.14C0 could allow an unauthenticated attacker to execute some operating system OS...

CVE-2024-29975

UNSUPPORTED WHEN ASSIGNED The improper privilege management vulnerability in the SUID executable binary in Zyxel NAS326 firmware versions before V5.21AAZF.17C0 and NAS542 firmware versions before V5.21ABAG.14C0 could allow an authenticated local attacker with administrator privileges to execute...

CVE-2024-29976

UNSUPPORTED WHEN ASSIGNED The improper privilege management vulnerability in the command “showallsessions” in Zyxel NAS326 firmware versions before V5.21AAZF.17C0 and NAS542 firmware versions before V5.21ABAG.14C0 could allow an authenticated attacker to obtain a logged-in administrator’s session...

CVE-2023-27992

The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21AAZF.14C0, NAS540 firmware versions prior to V5.21AATB.11C0, and NAS542 firmware versions prior to V5.21ABAG.11C0 could allow an unauthenticated attacker to execute some operating system OS...

CVE-2023-35137

An improper authentication vulnerability in the authentication module of the Zyxel NAS326 firmware version V5.21AAZF.14C0 and NAS542 firmware version V5.21ABAG.11C0 could allow an unauthenticated attacker to obtain system information by sending a crafted URL to a vulnerable device...

CVE-2023-35138

A command injection vulnerability in the “showzysyncservercontents” function of the Zyxel NAS326 firmware version V5.21AAZF.14C0 and NAS542 firmware version V5.21ABAG.11C0 could allow an unauthenticated attacker to execute some operating system OS commands by sending a crafted HTTP POST request...

CVE-2023-27988

The post-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21AAZF.13C0 could allow an authenticated attacker with administrator privileges to execute some operating system OS commands on an affected device remotely...

CVE-2022-34747

A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21AAZF.12C0 could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet...

CVE-2024-29972

UNSUPPORTED WHEN ASSIGNED The command injection vulnerability in the CGI program "remotehelp-cgi" in Zyxel NAS326 firmware versions before V5.21AAZF.17C0 and NAS542 firmware versions before V5.21ABAG.14C0 could allow an unauthenticated attacker to execute some operating system OS commands by...

CVE-2024-29973

UNSUPPORTED WHEN ASSIGNED The command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5.21AAZF.17C0 and NAS542 firmware versions before V5.21ABAG.14C0 could allow an unauthenticated attacker to execute some operating system OS commands by sending a...

CVE-2024-6342

UNSUPPORTED WHEN ASSIGNED A command injection vulnerability in the export-cgi program of Zyxel NAS326 firmware versions through V5.21AAZF.18C0 and NAS542 firmware versions through V5.21ABAG.15C0 could allow an unauthenticated attacker to execute some operating system OS commands by sending a...