Zyxel patches critical vulnerability in NAS devices (CVE-2023-27992)
Zyxel has released firmware patches for a critical vulnerability in some of its consumer network attached storage devices.
CVE-2023-27992 is an OS command injection flaw that could be triggered remotely by an unauthenticated attacker, via a specially crafted HTTP request.
Rej Zaujec, National Cyber Security Centre Finland, and Maxim Suslov have been credited with reporting the vulnerability.
NAS devices are often targeted by attackers wielding specialized ransomware and malware such as the Mirai bot.
There is currently no indication that CVE-2023-27992 is being actively exploited.
Since Zyxel does not mention workarounds or mitigations, owners/admins of the affected NAS device models are advised to quickly upgrade to the latest firmware version.
News URL
https://www.helpnetsecurity.com/2023/06/20/cve-2023-27992/
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-19 | CVE-2023-27992 | OS Command Injection vulnerability in Zyxel Nas326 Firmware, Nas540 Firmware and Nas542 Firmware. The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, NAS540 firmware versions prior to V5.21(AATB.11)C0, and NAS542 firmware versions prior to V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands remotely by sending a crafted HTTP request. | 0.0 |