Vulnerabilities > CVE-2024-29973 - Unspecified vulnerability in Zyxel Nas326 Firmware and Nas542 Firmware

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

zyxel

NVD

Published: 2024-06-04

Updated: 2025-01-22

Summary

** UNSUPPORTED WHEN ASSIGNED ** The command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request.

Vulnerable Configurations

Part	Description	Count
OS	Zyxel Zyxel Nas326 Firmware - Zyxel Nas326 Firmware 5.21 Zyxel Nas326 Firmware 5.21\(Aazf.7\)C0 Zyxel Nas326 Firmware 5.21\(Aazf.12\)C0 Zyxel Nas326 Firmware 5.21\(Aazf.13\)C0 Zyxel Nas326 Firmware 5.21\(Aazf.14\)C0 Zyxel Nas326 Firmware 5.21\(Aazf.16\)C0 Zyxel Nas542 Firmware - Zyxel Nas542 Firmware 5.21\(Abag.4\)C0 Zyxel Nas542 Firmware 5.21\(Abag.9\)C0 Zyxel Nas542 Firmware 5.21\(Abag.10\)C0 Zyxel Nas542 Firmware 5.21\(Abag.11\)C0 Zyxel Nas542 Firmware 5.21\(Abag.13\)C0	13
Hardware	Zyxel Zyxel Nas326 - Zyxel Nas542 -	2

Vulnerabilities > CVE-2024-29973 - Unspecified vulnerability in Zyxel Nas326 Firmware and Nas542 Firmware

Summary

Vulnerable Configurations

Related news

References