Lucene search
K

50 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-2434

Malware in sbrugna...

8.8CVSS8.8AI score0.01177EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2019-2437

Malware in sbrugna...

8.8CVSS8.8AI score0.03296EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2019-2435

Malware in sbrugna...

8.8CVSS8.8AI score0.02291EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-2436

Malware in sbrugna...

6.5CVSS6.6AI score0.01424EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-2438

Malware in sbrugna...

5.4CVSS5.5AI score0.00837EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 8:28 a.m.12 views

CVE-2019-10630

A plaintext password vulnerability in the Zyxel NAS 326 through 5.21 allows an elevated privileged user to get the admin password of the device...

8.8CVSS7AI score0.01177EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:6 a.m.12 views

CVE-2019-10631

Shell Metacharacter Injection in the package installer on Zyxel NAS 326 version 5.21 and below allows an authenticated attacker to execute arbitrary code via multiple different requests...

8.8CVSS8AI score0.02291EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:49 a.m.9 views

CVE-2019-10632

A directory traversal vulnerability in the file browser component on the Zyxel NAS 326 version 5.21 and below allows a lower privileged user to change the location of any other user's files...

6.5CVSS6.8AI score0.01424EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:7 a.m.9 views

CVE-2019-10633

An eval injection vulnerability in the Python web server routing on the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to execute arbitrary code via the tjp6jp6y4, simZysh, and ck6fup6 APIs...

8.8CVSS7.9AI score0.03296EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:48 a.m.9 views

CVE-2019-10634

An XSS vulnerability in the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to inject arbitrary JavaScript or HTML via the user, group, and file-share description fields...

5.4CVSS5.7AI score0.00837EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/09/11 12:0 a.m.9 views

Zyxel NAS Web Console Detection

Binary data zyxelnaswebconsoledetect.nbin...

7.3AI score
Exploits0References1
HackRead
HackRead
added 2024/06/29 3:58 p.m.10 views

Mirai-like Botnet Targets Zyxel NAS Devices in Europe for DDoS Attacks

Beware, Zyxel customers, and keep your devices up to date...

7.4AI score
Exploits0
GithubExploit
GithubExploit
added 2024/06/20 11:12 a.m.542 views

Exploit for OS Command Injection in Zyxel Nas326_Firmware

TG Join Us: https://t.me/WanLiChangChengWanLiChang Join us f...

9.8CVSS6AI score0.89218EPSS
Exploits2
GithubExploit
GithubExploit
added 2024/06/19 10:34 a.m.587 views

Exploit for OS Command Injection in Zyxel Nas326_Firmware

CVE-2024-29973 PoC and Bulk Scanner Overview This is a pr...

9.8CVSS9.6AI score0.86089EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2024/06/14 12:0 a.m.43 views

Zyxel NAS Multiple Vulnerabilities

The Zyxel NAS is potentially affected by multiple vulnerabilities. - This command injection vulnerability in the 'setCookie' parameter in Zyxel NAS326 and NAS542 devices could allow an unauthenticated attacker to execute some OS commands by sending a crafted HTTP POST request. CVE-2024-29973 - Th...

9.8CVSS7.3AI score0.89218EPSS
Exploits12References6
Tenable Nessus
Tenable Nessus
added 2024/06/11 12:0 a.m.35 views

Zyxel NAS Pre-Auth Command Injection vulnerability (CVE-2023-27992)

The Zyxel NAS is potentially affected by a pre-authentication command injection vulnerability. This Zyxel device firmware is missing authentication logic which could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device. Note that...

9.8CVSS9AI score0.84195EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/06/06 12:0 a.m.80 views

Zyxel NAS Multiple Vulnerabilities (Jun 2024) - Active Check

Multiple Zyxel NAS devices are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only e.g.:...

9.8CVSS8.3AI score0.89218EPSS
Exploits12References2
NVD
NVD
added 2024/06/04 2:15 a.m.21 views

CVE-2024-29974

UNSUPPORTED WHEN ASSIGNED The remote code execution vulnerability in the CGI program “fileupload-cgi” in Zyxel NAS326 firmware versions before V5.21AAZF.17C0 and NAS542 firmware versions before V5.21ABAG.14C0 could allow an unauthenticated attacker to execute arbitrary code by uploading a crafted...

9.8CVSS9.8AI score0.22784EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2023/06/23 12:0 a.m.9 views

VulnCheck KEV: CVE-2023-27992

Multiple Zyxel network-attached storage NAS devices contain a pre-authentication command injection vulnerability that could allow an unauthenticated attacker to execute commands remotely via a crafted HTTP request...

9.8CVSS7.6AI score0.84195EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2023/06/20 12:12 p.m.4 views

Zyxel Releases Urgent Security Updates for Critical Vulnerability in NAS Devices

Zyxel has rolled out security updates to address a critical security flaw in its network-attached storage NAS devices that could result in the execution of arbitrary commands on affected systems. Tracked as CVE-2023-27992 CVSS score: 9.8, the issue has been described as a pre-authentication comma...

9.8CVSS8.1AI score0.84195EPSS
Exploits0
Rows per page
Query Builder