CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-27992

The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, NAS540 firmware versions prior to V5.21(AATB.11)C0, and NAS542 firmware versions prior to V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands remotely by sending a crafted HTTP request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.893

EPSS Ranking 99.5%

CVSS Severity

CVSS v3 Score 9.8

Proposed Action

Multiple Zyxel network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability that could allow an unauthenticated attacker to execute commands remotely via a crafted HTTP request.

Ransomware Campaign

Unknown

References

Products affected by CVE-2023-27992

Zyxel » Nas326 » Version: N/A

cpe:2.3:h:zyxel:nas326:-
Zyxel » Nas540 » Version: N/A

cpe:2.3:h:zyxel:nas540:-
Zyxel » Nas542 » Version: N/A

cpe:2.3:h:zyxel:nas542:-
Zyxel » Nas326 Firmware » Version: N/A

cpe:2.3:o:zyxel:nas326_firmware:-
Zyxel » Nas326 Firmware » Version: 5.21

cpe:2.3:o:zyxel:nas326_firmware:5.21
Zyxel » Nas326 Firmware » Version: 5.21(aazf.12)c0

cpe:2.3:o:zyxel:nas326_firmware:5.21(aazf.12)c0
Zyxel » Nas326 Firmware » Version: 5.21(aazf.13)c0

cpe:2.3:o:zyxel:nas326_firmware:5.21(aazf.13)c0
Zyxel » Nas326 Firmware » Version: 5.21(aazf.14)c0

cpe:2.3:o:zyxel:nas326_firmware:5.21(aazf.14)c0
Zyxel » Nas326 Firmware » Version: 5.21(aazf.16)c0

cpe:2.3:o:zyxel:nas326_firmware:5.21(aazf.16)c0
Zyxel » Nas326 Firmware » Version: 5.21(aazf.17)c0

cpe:2.3:o:zyxel:nas326_firmware:5.21(aazf.17)c0
Zyxel » Nas326 Firmware » Version: 5.21(aazf.18)c0

cpe:2.3:o:zyxel:nas326_firmware:5.21(aazf.18)c0
Zyxel » Nas326 Firmware » Version: 5.21(aazf.7)c0

cpe:2.3:o:zyxel:nas326_firmware:5.21(aazf.7)c0
Zyxel » Nas540 Firmware » Version: N/A

cpe:2.3:o:zyxel:nas540_firmware:-
Zyxel » Nas540 Firmware » Version: 5.21(aatb.10)c0

cpe:2.3:o:zyxel:nas540_firmware:5.21(aatb.10)c0
Zyxel » Nas540 Firmware » Version: 5.21(aatb.11)c0

cpe:2.3:o:zyxel:nas540_firmware:5.21(aatb.11)c0
Zyxel » Nas540 Firmware » Version: 5.21(aatb.4)c0

cpe:2.3:o:zyxel:nas540_firmware:5.21(aatb.4)c0
Zyxel » Nas540 Firmware » Version: 5.21(aatb.9)c0

cpe:2.3:o:zyxel:nas540_firmware:5.21(aatb.9)c0
Zyxel » Nas542 Firmware » Version: N/A

cpe:2.3:o:zyxel:nas542_firmware:-
Zyxel » Nas542 Firmware » Version: 5.21(abag.10)c0

cpe:2.3:o:zyxel:nas542_firmware:5.21(abag.10)c0
Zyxel » Nas542 Firmware » Version: 5.21(abag.11)c0

cpe:2.3:o:zyxel:nas542_firmware:5.21(abag.11)c0
Zyxel » Nas542 Firmware » Version: 5.21(abag.13)c0

cpe:2.3:o:zyxel:nas542_firmware:5.21(abag.13)c0
Zyxel » Nas542 Firmware » Version: 5.21(abag.14)c0

cpe:2.3:o:zyxel:nas542_firmware:5.21(abag.14)c0
Zyxel » Nas542 Firmware » Version: 5.21(abag.15)c0

cpe:2.3:o:zyxel:nas542_firmware:5.21(abag.15)c0
Zyxel » Nas542 Firmware » Version: 5.21(abag.4)c0

cpe:2.3:o:zyxel:nas542_firmware:5.21(abag.4)c0
Zyxel » Nas542 Firmware » Version: 5.21(abag.9)c0

cpe:2.3:o:zyxel:nas542_firmware:5.21(abag.9)c0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-27992

Products

Pricing

Contact Us