Advertisement
Top
image credit: Adobe Stock

Zyxel Releases Urgent Security Updates for Critical Vulnerability in NAS Devices

June 20, 2023

Via: The Hacker News
Category:

Zyxel has rolled out security updates to address a critical security flaw in its network-attached storage (NAS) devices that could result in the execution of arbitrary commands on affected systems.

Tracked as CVE-2023-27992 (CVSS score: 9.8), the issue has been described as a pre-authentication command injection vulnerability.

“The pre-authentication command injection vulnerability in some Zyxel NAS devices could allow an unauthenticated attacker to execute some operating system (OS) commands remotely by sending a crafted HTTP request,” Zyxel said in an advisory published today.

Read More on The Hacker News

RELATED PUBLICATIONS

Intel Thunderbolt Share aims to simplify connection and resource sharing between multiple PCs
New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrade Attacks
iOS 17.5 bug resurfaces old deleted photos for some reason

Latest Publications

Intel Thunderbolt Share aims to simplify connection and resource sharing between multiple PCs
New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrade Attacks
iOS 17.5 bug resurfaces old deleted photos for some reason
Cybercriminals Exploiting Microsoft’s Quick Assist Feature in Ransomware Attacks
AMD RDNA 4 graphics cards could be imminent, as huge driver-related hint is dropped
Technology Curated Copyright © 2024. All rights reserved
Go to ITCurated!