CVE-2023-27992

CVSS 9.8 CRITICALEPSS 84.3%● KEVCWE-78

In short

A flaw in Zyxel NAS devices allows anyone on the network to run harmful commands on the device without needing a password, by sending a specially crafted web request. This can lead to complete device compromise and data theft.

Technical detail

Pre-authentication command injection in Zyxel NAS326, NAS540, and NAS542 devices allows unauthenticated attackers to execute arbitrary OS commands via crafted HTTP requests. The vulnerability affects firmware versions prior to specific patches (V5.21(AAZF.14)C0, V5.21(AATB.11)C0, and V5.21(ABAG.11)C0 respectively) and requires no prior authentication, resulting in complete system compromise.

Summary generated and translated by AI from the official description.

The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, NAS540 firmware versions prior to V5.21(AATB.11)C0, and NAS542 firmware versions prior to V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands remotely by sending a crafted HTTP request.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Zyxel · NAS326 firmware Zyxel · NAS540 firmware Zyxel · NAS542 firmware

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-27992 https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-pre-authentication-command-injection-vulnerability-in-nas-products