Pre-Authentication Command Injection Vulnerability in Zyxel NAS Devices
CVE-2023-27992
Key Information:
- Vendor
Zyxel
- Vendor
- CVE Published:
- 19 June 2023
Badges
What is CVE-2023-27992?
A pre-authentication command injection vulnerability exists in certain Zyxel NAS firmware versions, which could permit an unauthenticated attacker to execute system-level commands remotely. This is accomplished by sending specially crafted HTTP requests, potentially leading to unauthorized access and manipulation of the device's operating system.
CISA has reported CVE-2023-27992
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2023-27992 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace
The CISA's recommendation is: Apply updates per vendor instructions.
Affected Version(s)
NAS326 firmware < V5.21(AAZF.14)C0
NAS540 firmware < V5.21(AATB.11)C0
NAS542 firmware < V5.21(ABAG.11)C0
References
EPSS Score
88% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- 👾
Exploit known to exist
- 🦅
CISA Reported
Vulnerability published
Vulnerability Reserved