CRITICAL🚩 CISA KEV⚡ EXPLOIT✓ PATCH🇵🇱 Wersja polska

CVE-2023-27992

CVSS 9.8v3.1pub. 2023-06-19upd. 2025-10-27

The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, NAS540 firmware versions prior to V5.21(AATB.11)C0, and NAS542 firmware versions prior to V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands remotely by sending a crafted HTTP request.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Zyxel Nas326

    HW
    Zyxel
    wszystkie wersje
  • Zyxel Nas326 Firmware

    OS
    Zyxel
    < 5.21\(aazf.14\)c0
  • Zyxel Nas540

    HW
    Zyxel
    wszystkie wersje
  • Zyxel Nas540 Firmware

    OS
    Zyxel
    < 5.21\(aatb.11\)c0
  • Zyxel Nas542

    HW
    Zyxel
    wszystkie wersje
  • Zyxel Nas542 Firmware

    OS
    Zyxel
    < 5.21\(abag.11\)c0

CISA KEV — detailsi

Vendori
Zyxel
Producti
Multiple Network-Attached Storage (NAS) Devices
Added to KEVi
June 23, 2023
Remediation deadline (US Federal)i
July 14, 2023(overdue)
Required action (CISA)i

Apply updates per vendor instructions.

CISA descriptioni

Multiple Zyxel network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability that could allow an unauthenticated attacker to execute commands remotely via a crafted HTTP request.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 14 lipca 2023
Tags
Auth BypassCommand Injection
CWE
References

Related vulnerabilities

CVE-2020-9054CRITICAL9.8⚠ KEVten sam produkt

Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authenticati...

CVE-2024-6342CRITICAL9.8PL ✓ten sam produkt

Command injection w Zyxel NAS326/NAS542 — zdalne wykonanie poleceń OS

CVE-2024-29974CRITICAL9.8PL ✓ten sam produkt

RCE w Zyxel NAS326/NAS542 — nieuwierzytelnione wykonanie kodu przez upload pliku

CVE-2024-29972CRITICAL9.8PL ✓ten sam produkt

Command injection w Zyxel NAS326/NAS542 — nieuwierzytelnione RCE

CVE-2024-29973CRITICAL9.8PL ✓ten sam produkt

Command injection w parametrze setCookie urządzeń Zyxel NAS326/NAS542