Zyxel Nas326 Firmware
15 CVEs affecting Zyxel Nas326 Firmware. Latest disclosed: 2024-09-10. Critical: 8, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-6342 | Critical | 9.8 | 2024-09-10 | **UNSUPPORTED WHEN ASSIGNED** A command injection vulnerability in the export-cgi program of Zyxel NAS326 firmware versions through V5.21(AAZF.18)C0 and NAS542… |
CVE-2024-29974 | Critical | 9.8 | 2024-06-04 | ** UNSUPPORTED WHEN ASSIGNED ** The remote code execution vulnerability in the CGI program “file_upload-cgi” in Zyxel NAS326 firmware versions before V5.21(AAZ… |
CVE-2024-29973 | Critical | 9.8 | 2024-06-04 | ** UNSUPPORTED WHEN ASSIGNED ** The command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and… |
CVE-2024-29972 | Critical | 9.8 | 2024-06-04 | ** UNSUPPORTED WHEN ASSIGNED ** The command injection vulnerability in the CGI program "remote_help-cgi" in Zyxel NAS326 firmware versions before V5.21(AAZF.17… |
CVE-2023-4474 | Critical | 9.8 | 2023-11-30 | The improper neutralization of special elements in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG… |
CVE-2023-4473 | Critical | 9.8 | 2023-11-30 | A command injection vulnerability in the web server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could al… |
CVE-2023-35138 | Critical | 9.8 | 2023-11-30 | A command injection vulnerability in the “show_zysync_server_contents” function of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware versi… |
CVE-2023-27992 | Critical | 9.8 | 2023-06-19 | The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, NAS540 firmware versions prior to V5.21… |
CVE-2023-37928 | High | 8.8 | 2023-11-30 | A post-authentication command injection vulnerability in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.2… |
CVE-2023-37927 | High | 8.8 | 2023-11-30 | The improper neutralization of special elements in the CGI program of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG… |
CVE-2023-35137 | High | 7.5 | 2023-11-30 | An improper authentication vulnerability in the authentication module of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(A… |
CVE-2023-5372 | High | 7.2 | 2024-01-30 | The post-authentication command injection vulnerability in Zyxel NAS326 firmware versions through V5.21(AAZF.15)C0 and NAS542 firmware versions through V5.21(A… |
CVE-2023-27988 | High | 7.2 | 2023-05-30 | The post-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.13)C0 could allow an authenticated attacker w… |
CVE-2024-29975 | Medium | 6.7 | 2024-06-04 | ** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vulnerability in the SUID executable binary in Zyxel NAS326 firmware versions before V5.21(AA… |
CVE-2024-29976 | Medium | 6.5 | 2024-06-04 | ** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vulnerability in the command “show_allsessions” in Zyxel NAS326 firmware versions before V5.2… |