Vulnerabilities > Zyxel > Nas326 Firmware > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-09-06 | CVE-2022-34747 | Use of Externally-Controlled Format String vulnerability in Zyxel Nas326 Firmware 5.21/5.21(Aazf.7)C0 A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet. | 9.8 |
2020-03-04 | CVE-2020-9054 | OS Command Injection vulnerability in Zyxel products Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. | 9.8 |