Vulnerabilities > Zyxel > Nas326 Firmware > 5.21

DATE CVE VULNERABILITY TITLE RISK
2019-04-09 CVE-2019-10631 OS Command Injection vulnerability in Zyxel Nas326 Firmware 5.21
Shell Metacharacter Injection in the package installer on Zyxel NAS 326 version 5.21 and below allows an authenticated attacker to execute arbitrary code via multiple different requests.
network
low complexity
zyxel CWE-78
8.8
2019-04-09 CVE-2019-10630 Insufficiently Protected Credentials vulnerability in Zyxel Nas326 Firmware 5.21
A plaintext password vulnerability in the Zyxel NAS 326 through 5.21 allows an elevated privileged user to get the admin password of the device.
network
low complexity
zyxel CWE-522
8.8