cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-6342,https://securityvulnerability.io/vulnerability/CVE-2024-6342,Crafted HTTP POST request can execute OS commands,"A command injection vulnerability exists in the export-cgi program within Zyxel NAS326 and NAS542 firmware, allowing unauthenticated attackers to execute operating system commands. This can be exploited by sending crafted HTTP POST requests, potentially compromising the integrity and operational functionality of the affected devices. Users of the NAS326 and NAS542 models should review the firmware versions to mitigate risks associated with this vulnerability.",Zyxel,"Nas326 Firmware,Nas542 Firmware",9.8,CRITICAL,0.0004299999854993075,false,,true,false,false,,,false,false,,2024-09-10T01:55:13.215Z,0
CVE-2024-29976,https://securityvulnerability.io/vulnerability/CVE-2024-29976,Improper Privilege Management Vulnerability Affects Zyxel NAS326 Firmware,"** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vulnerability in the command “show_allsessions” in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an authenticated attacker to obtain a logged-in administrator’s session information containing cookies on an affected device.",Zyxel,"Nas326 Firmware,Nas542 Firmware",6.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-04T01:47:09.211Z,0
CVE-2024-29975,https://securityvulnerability.io/vulnerability/CVE-2024-29975,Improper Privilege Management Vulnerability Affects Zyxel NAS326 and NAS542 Firmware,"** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vulnerability in the SUID executable binary in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an authenticated local attacker with administrator privileges to execute some system commands as the “root” user on a vulnerable device.",Zyxel,"Nas326 Firmware,Nas542 Firmware",6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-04T01:43:06.403Z,0
CVE-2024-29974,https://securityvulnerability.io/vulnerability/CVE-2024-29974,Unauthenticated Remote Code Execution Vulnerability in Zyxel NAS326 Firmware,"A vulnerability in the Zyxel NAS326 and NAS542 devices involves the CGI program 'file_upload-cgi', which allows unauthorized remote code execution. By uploading a specially crafted configuration file, attackers can exploit this flaw to execute arbitrary commands on the device. This vulnerability affects firmware versions released prior to V5.21(AAZF.17)C0 for NAS326 and V5.21(ABAG.14)C0 for NAS542. Users are advised to update their firmware promptly to mitigate potential security risks associated with this issue.",Zyxel,"Nas326 Firmware,Nas542 Firmware",9.8,CRITICAL,0.0004299999854993075,false,,true,false,false,,,false,false,,2024-06-04T01:34:11.340Z,0
CVE-2024-29973,https://securityvulnerability.io/vulnerability/CVE-2024-29973,Unauthenticated Command Injection Vulnerability in Zyxel NAS326 Firmware,"The Zyxel NAS326 and NAS542 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 have an unauthenticated command injection vulnerability that allows unauthenticated attackers to execute operating system (OS) commands by sending a crafted HTTP POST request. Three other high-severity vulnerabilities were discovered by security researchers in these devices as well, including a backdoor account called ""NsaRescueAngel."" The discovery of these vulnerabilities prompted Zyxel to release patches for these devices, despite reaching end-of-life status. There is no evidence of these vulnerabilities being exploited in the wild, but the proof of concept for exploitation is available, so it is likely to happen soon.",Zyxel,"Nas326 Firmware,Nas542 Firmware",9.8,CRITICAL,0.004189999774098396,false,,true,true,true,2024-06-21T15:38:50.000Z,true,false,false,,2024-06-04T01:29:41.852Z,110
CVE-2024-29972,https://securityvulnerability.io/vulnerability/CVE-2024-29972,Unauthenticated Command Injection Vulnerability in Zyxel NAS326 Firmware,"A critical unauthenticated command injection vulnerability has been discovered in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0. This vulnerability could allow an unauthenticated attacker to execute operating system commands through a crafted HTTP POST request. Zyxel has released patches for three high-severity flaws affecting these devices and advised users to apply them immediately. In addition to these three critical vulnerabilities, two other moderately severe flaws were also found. The devices reached end-of-life status, but Zyxel still decided to patch them for organizations with extended warranty. The vulnerabilities were discovered by Timothy Hjort, but at the time of reporting, there were no reports or evidence of in-the-wild abuse, although the methodology is widely available, indicating that it is likely just a matter of time before an exploitation is seen.",Zyxel,"Nas326 Firmware,Nas542 Firmware",9.8,CRITICAL,0.004189999774098396,false,,true,false,false,,,false,false,,2024-06-04T01:24:58.172Z,0
CVE-2023-5372,https://securityvulnerability.io/vulnerability/CVE-2023-5372,Post-Authentication Command Injection Vulnerability in Zyxel NAS Products,"An authenticated post-authentication command injection vulnerability exists in the Zyxel NAS326 and NAS542 firmware, allowing attackers with administrator privileges to execute arbitrary operating system commands. This exploitation can be achieved by navigating to the web management interface of an affected device and sending a specially crafted query parameter within the URL. The affected firmware versions enhance the risk by not adequately validating input, thereby providing a potential attack vector for malicious actors.",Zyxel,"Nas326 Firmware,Nas542 Firmware",7.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-01-30T00:55:33.090Z,0
CVE-2023-4474,https://securityvulnerability.io/vulnerability/CVE-2023-4474,Command Injection Vulnerability in Zyxel NAS326 and NAS542 Products,"A vulnerability in the WSGI server of the Zyxel NAS326 and NAS542 products enables unauthenticated attackers to execute operating system commands. By crafting a specific URL, attackers can bypass authentication protocols, posing serious security risks. This flaw affects specific firmware versions, highlighting the importance of keeping software updated and implementing proper security measures.",Zyxel,"NAS326 firmware,NAS542 firmware",9.8,CRITICAL,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-11-30T02:15:00.000Z,0
CVE-2023-35137,https://securityvulnerability.io/vulnerability/CVE-2023-35137,Improper Authentication Vulnerability in Zyxel NAS Firmware,"An improper authentication vulnerability exists in Zyxel NAS326 and NAS542 devices, specifically within their authentication modules. An unauthenticated attacker could exploit this flaw by sending a specially crafted URL to a vulnerable device, potentially allowing access to sensitive system information. This vulnerability highlights the importance of robust authentication mechanisms in safeguarding device integrity.",Zyxel,"NAS326 firmware,NAS542 firmware",7.5,HIGH,0.0018500000005587935,false,,false,false,false,,,false,false,,2023-11-30T02:15:00.000Z,0
CVE-2023-35138,https://securityvulnerability.io/vulnerability/CVE-2023-35138,Command Injection Vulnerability in Zyxel NAS Products,"A command injection vulnerability exists in the Zyxel NAS326 and NAS542 firmware that may allow unauthorized users to execute arbitrary operating system commands. This weakness is realized through the 'show_zysync_server_contents' function, which becomes exploitable if manipulated via a specially crafted HTTP POST request. Attackers could leverage this flaw to gain control over system operations, posing significant risks to data integrity and confidentiality.",Zyxel,"NAS326 firmware,NAS542 firmware",9.8,CRITICAL,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-11-30T02:15:00.000Z,0
CVE-2023-37927,https://securityvulnerability.io/vulnerability/CVE-2023-37927,Command Injection Vulnerability in Zyxel NAS Devices,"The Zyxel NAS326 and NAS542 devices are vulnerable due to improper handling of special elements in their CGI program. This flaw permits authenticated attackers to execute arbitrary operating system commands by crafting specially designed URLs. If exploited, this weakness could compromise the integrity of the affected systems, enabling unauthorized access and potential further attacks on the network. Users of these devices are urged to update their firmware to mitigate risks.",Zyxel,"NAS326 firmware,NAS542 firmware",8.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-11-30T02:15:00.000Z,0
CVE-2023-37928,https://securityvulnerability.io/vulnerability/CVE-2023-37928,Post-Authentication Command Injection Vulnerability in Zyxel NAS326 and NAS542,"A post-authentication command injection vulnerability exists in the WSGI server of Zyxel NAS326 and NAS542 firmware, allowing an authenticated attacker to execute arbitrary operating system commands. By crafting a malicious URL and exploiting this weakness, attackers can potentially compromise device integrity and access sensitive information. This vulnerability highlights the importance of securing firmware updates and maintaining robust authentication protocols.",Zyxel,"NAS326 firmware,NAS542 firmware",8.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-11-30T02:15:00.000Z,0
CVE-2023-4473,https://securityvulnerability.io/vulnerability/CVE-2023-4473,Command Injection Vulnerability in Zyxel NAS326 and NAS542 Products,"A command injection vulnerability has been discovered in the Zyxel NAS326 and NAS542 web server firmware, enabling unauthenticated attackers to execute arbitrary operating system commands. This security flaw can be exploited by sending specifically crafted URLs to the affected devices, posing significant risks to device integrity and data security. Users are advised to apply the relevant security updates to mitigate potential threats.",Zyxel,"NAS326 firmware,NAS542 firmware",9.8,CRITICAL,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-11-30T02:15:00.000Z,0
CVE-2023-27992,https://securityvulnerability.io/vulnerability/CVE-2023-27992,Pre-Authentication Command Injection Vulnerability in Zyxel NAS Devices,"A pre-authentication command injection vulnerability exists in certain Zyxel NAS firmware versions, which could permit an unauthenticated attacker to execute system-level commands remotely. This is accomplished by sending specially crafted HTTP requests, potentially leading to unauthorized access and manipulation of the device's operating system.",Zyxel,"Nas326 Firmware,Nas540 Firmware,Nas542 Firmware",9.8,CRITICAL,0.02938999980688095,true,2023-06-23T00:00:00.000Z,false,false,true,2023-06-23T00:00:00.000Z,,false,false,,2023-06-19T12:15:00.000Z,0