CVE-2023-27992: Zyxel Multiple NAS Devices Command Injection Vulnerability
First published: Mon Jun 19 2023(Updated: )
The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, NAS540 firmware versions prior to V5.21(AATB.11)C0, and NAS542 firmware versions prior to V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands remotely by sending a crafted HTTP request.
Credit: security@zyxel.com.tw security@zyxel.com.tw
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zyxel NAS326 firmware | <=5.21\(aazf.13\)c0 | |
| Zyxel NAS326 | ||
| Zyxel Nas540 Firmware | <=5.21\(aatb.10\)c0 | |
| Zyxel Nas540 | ||
| Zyxel Nas542 Firmware | <=5.21\(abag.10\)c0 | |
| Zyxel NAS542 | ||
| Zyxel Multiple Network-Attached Storage (NAS) Devices | ||
| All of | ||
| Zyxel NAS326 | ||
| Zyxel NAS326 firmware | <=5.21\(aazf.13\)c0 | |
| All of | ||
| Zyxel Nas540 | ||
| Zyxel Nas540 Firmware | <=5.21\(aatb.10\)c0 | |
| All of | ||
| Zyxel NAS542 | ||
| Zyxel Nas542 Firmware | <=5.21\(abag.10\)c0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-pre-authentication-command-injection-vulnerability-in-nas-products
- https://www.theregister.com/2024/06/05/zyxel_emergency_patches_nas/
- https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-pre-authentication-command-injection-vulnerability-in-nas-products;
- https://nvd.nist.gov/vuln/detail/CVE-2023-27992
Frequently Asked Questions
What is CVE-2023-27992?
CVE-2023-27992 is a command injection vulnerability found in multiple Zyxel network-attached storage (NAS) devices.
How severe is CVE-2023-27992?
CVE-2023-27992 is rated as a high severity vulnerability.
How can an attacker exploit CVE-2023-27992?
An unauthenticated attacker can exploit CVE-2023-27992 by sending a crafted HTTP request to execute arbitrary commands remotely on the affected NAS devices.
Has Zyxel released a security advisory for CVE-2023-27992?
Yes, Zyxel has released a security advisory for the pre-authentication command injection vulnerability in their NAS products.
Where can I find more information about CVE-2023-27992?
You can find more information about CVE-2023-27992 in the Zyxel security advisory on their official website.
- collector/nvd-index
- agent/type
- agent/weakness
- agent/softwarecombine
- agent/description
- agent/title
- agent/author
- agent/remedy
- collector/the-register
- source/The Register
- alias/CVE-2024-29972
- alias/CVE-2024-29973
- alias/CVE-2024-29974
- alias/CVE-2023-27992
- alias/CVE-2024-29975
- alias/CVE-2024-29976
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/first-publish-date
- agent/event
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/software-canonical-lookup
- agent/tags
- agent/references
- collector/nvd-cve
- source/NVD
- vendor/zyxel
- canonical/zyxel nas326 firmware
- version/zyxel nas326 firmware/5.21\(aazf.13\)c0
- canonical/zyxel nas326
- canonical/zyxel nas540 firmware
- version/zyxel nas540 firmware/5.21\(aatb.10\)c0
- canonical/zyxel nas540
- canonical/zyxel nas542 firmware
- version/zyxel nas542 firmware/5.21\(abag.10\)c0
- canonical/zyxel nas542
- canonical/zyxel multiple network-attached storage (nas) devices