Vulnerabilities > CVE-2024-6342 - Unspecified vulnerability in Zyxel Nas326 Firmware and Nas542 Firmware

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

zyxel

NVD

Published: 2024-09-10

Updated: 2025-01-22

Summary

**UNSUPPORTED WHEN ASSIGNED** A command injection vulnerability in the export-cgi program of Zyxel NAS326 firmware versions through V5.21(AAZF.18)C0 and NAS542 firmware versions through V5.21(ABAG.15)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request.

Vulnerable Configurations

Part	Description	Count
OS	Zyxel Zyxel Nas326 Firmware - Zyxel Nas326 Firmware 5.21 Zyxel Nas326 Firmware 5.21\(Aazf.7\)C0 Zyxel Nas326 Firmware 5.21\(Aazf.12\)C0 Zyxel Nas326 Firmware 5.21\(Aazf.13\)C0 Zyxel Nas326 Firmware 5.21\(Aazf.14\)C0 Zyxel Nas326 Firmware 5.21\(Aazf.16\)C0 Zyxel Nas326 Firmware 5.21\(Aazf.17\)C0 Zyxel Nas326 Firmware 5.21\(Aazf.18\)C0 Zyxel Nas542 Firmware - Zyxel Nas542 Firmware 5.21\(Abag.4\)C0 Zyxel Nas542 Firmware 5.21\(Abag.9\)C0 Zyxel Nas542 Firmware 5.21\(Abag.10\)C0 Zyxel Nas542 Firmware 5.21\(Abag.11\)C0 Zyxel Nas542 Firmware 5.21\(Abag.13\)C0 Zyxel Nas542 Firmware 5.21\(Abag.14\)C0 Zyxel Nas542 Firmware 5.21\(Abag.15\)C0	17
Hardware	Zyxel Zyxel Nas326 - Zyxel Nas542 -	2

References

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-os-command-injection-vulnerability-in-nas-products-09-10-2024