Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
ZyxelNas542 Firmware*

8 matches found

CVE
CVEadded 2023/06/19 12:15 p.m.480 views

CVE-2023-27992

The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, NAS540 firmware versions prior to V5.21(AATB.11)C0, and NAS542 firmware versions prior to V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system...

9.8CVSS9.7AI score0.8935EPSS
CVE
CVEadded 2023/11/30 2:15 a.m.54 views

CVE-2023-37927

The improper neutralization of special elements in the CGI program of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.

8.8CVSS8.9AI score0.00972EPSS
CVE
CVEadded 2023/05/30 2:15 a.m.51 views

CVE-2023-27988

The post-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.13)C0 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device remotely.

7.2CVSS7.2AI score0.00337EPSS
CVE
CVEadded 2023/11/30 2:15 a.m.46 views

CVE-2023-35138

A command injection vulnerability in the “show_zysync_server_contents” function of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST re...

9.8CVSS9.7AI score0.0831EPSS
CVE
CVEadded 2023/11/30 2:15 a.m.45 views

CVE-2023-4473

A command injection vulnerability in the web server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.

9.8CVSS9.7AI score0.39942EPSS
CVE
CVEadded 2023/11/30 2:15 a.m.39 views

CVE-2023-35137

An improper authentication vulnerability in the authentication module of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to obtain system information by sending a crafted URL to a vulnerable device.

7.5CVSS7.9AI score0.00124EPSS
CVE
CVEadded 2023/11/30 2:15 a.m.38 views

CVE-2023-4474

The improper neutralization of special elements in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable devic...

9.8CVSS9.5AI score0.16275EPSS
CVE
CVEadded 2023/11/30 2:15 a.m.37 views

CVE-2023-37928

A post-authentication command injection vulnerability in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable d...

8.8CVSS9.1AI score0.02145EPSS