The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, NAS540 firmware versions prior to V5.21(AATB.11)C0, and NAS542 firmware versions prior to V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands remotely by sending a crafted HTTP request.
Metrics
Affected Vendors & Products
References
History
Tue, 10 Dec 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
kev
|
MITRE
Status: PUBLISHED
Assigner: Zyxel
Published: 2023-06-19T11:42:41.774Z
Updated: 2024-12-10T16:00:18.927Z
Reserved: 2023-03-09T08:44:12.874Z
Link: CVE-2023-27992
Vulnrichment
Updated: 2024-08-02T12:23:30.801Z
NVD
Status : Modified
Published: 2023-06-19T12:15:09.433
Modified: 2024-11-21T07:53:53.520
Link: CVE-2023-27992
Redhat
No data.