50 matches found
EUVD-2019-2434
Malware in sbrugna...
EUVD-2019-2437
Malware in sbrugna...
EUVD-2019-2435
Malware in sbrugna...
EUVD-2019-2436
Malware in sbrugna...
EUVD-2019-2438
Malware in sbrugna...
CVE-2019-10630
A plaintext password vulnerability in the Zyxel NAS 326 through 5.21 allows an elevated privileged user to get the admin password of the device...
CVE-2019-10631
Shell Metacharacter Injection in the package installer on Zyxel NAS 326 version 5.21 and below allows an authenticated attacker to execute arbitrary code via multiple different requests...
CVE-2019-10632
A directory traversal vulnerability in the file browser component on the Zyxel NAS 326 version 5.21 and below allows a lower privileged user to change the location of any other user's files...
CVE-2019-10633
An eval injection vulnerability in the Python web server routing on the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to execute arbitrary code via the tjp6jp6y4, simZysh, and ck6fup6 APIs...
CVE-2019-10634
An XSS vulnerability in the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to inject arbitrary JavaScript or HTML via the user, group, and file-share description fields...
Zyxel NAS Web Console Detection
Binary data zyxelnaswebconsoledetect.nbin...
Mirai-like Botnet Targets Zyxel NAS Devices in Europe for DDoS Attacks
Beware, Zyxel customers, and keep your devices up to date...
Exploit for OS Command Injection in Zyxel Nas326_Firmware
TG Join Us: https://t.me/WanLiChangChengWanLiChang Join us f...
Exploit for OS Command Injection in Zyxel Nas326_Firmware
CVE-2024-29973 PoC and Bulk Scanner Overview This is a pr...
Zyxel NAS Multiple Vulnerabilities
The Zyxel NAS is potentially affected by multiple vulnerabilities. - This command injection vulnerability in the 'setCookie' parameter in Zyxel NAS326 and NAS542 devices could allow an unauthenticated attacker to execute some OS commands by sending a crafted HTTP POST request. CVE-2024-29973 - Th...
Zyxel NAS Pre-Auth Command Injection vulnerability (CVE-2023-27992)
The Zyxel NAS is potentially affected by a pre-authentication command injection vulnerability. This Zyxel device firmware is missing authentication logic which could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device. Note that...
Zyxel NAS Multiple Vulnerabilities (Jun 2024) - Active Check
Multiple Zyxel NAS devices are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only e.g.:...
CVE-2024-29974
UNSUPPORTED WHEN ASSIGNED The remote code execution vulnerability in the CGI program “fileupload-cgi” in Zyxel NAS326 firmware versions before V5.21AAZF.17C0 and NAS542 firmware versions before V5.21ABAG.14C0 could allow an unauthenticated attacker to execute arbitrary code by uploading a crafted...
VulnCheck KEV: CVE-2023-27992
Multiple Zyxel network-attached storage NAS devices contain a pre-authentication command injection vulnerability that could allow an unauthenticated attacker to execute commands remotely via a crafted HTTP request...
Zyxel Releases Urgent Security Updates for Critical Vulnerability in NAS Devices
Zyxel has rolled out security updates to address a critical security flaw in its network-attached storage NAS devices that could result in the execution of arbitrary commands on affected systems. Tracked as CVE-2023-27992 CVSS score: 9.8, the issue has been described as a pre-authentication comma...