Lucene search

K
ZyxelNas326 Firmware

5 matches found

CVE
CVE
added 2023/11/30 2:15 a.m.54 views

CVE-2023-37927

The improper neutralization of special elements in the CGI program of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.

8.8CVSS8.9AI score0.00972EPSS
CVE
CVE
added 2019/04/09 5:29 a.m.39 views

CVE-2019-10630

A plaintext password vulnerability in the Zyxel NAS 326 through 5.21 allows an elevated privileged user to get the admin password of the device.

8.8CVSS8.5AI score0.00307EPSS
CVE
CVE
added 2019/04/09 5:29 a.m.39 views

CVE-2019-10631

Shell Metacharacter Injection in the package installer on Zyxel NAS 326 version 5.21 and below allows an authenticated attacker to execute arbitrary code via multiple different requests.

8.8CVSS8.9AI score0.00917EPSS
CVE
CVE
added 2019/04/09 5:29 a.m.38 views

CVE-2019-10633

An eval injection vulnerability in the Python web server routing on the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to execute arbitrary code via the tjp6jp6y4, simZysh, and ck6fup6 APIs.

8.8CVSS8.6AI score0.0147EPSS
CVE
CVE
added 2023/11/30 2:15 a.m.37 views

CVE-2023-37928

A post-authentication command injection vulnerability in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable d...

8.8CVSS9.1AI score0.02145EPSS