Vulnerabilities > Zyxel > Nas326 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-09 | CVE-2019-10634 | Cross-site Scripting vulnerability in Zyxel Nas326 Firmware 5.21 An XSS vulnerability in the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to inject arbitrary JavaScript or HTML via the user, group, and file-share description fields. | 5.4 |
| 2019-04-09 | CVE-2019-10632 | Path Traversal vulnerability in Zyxel Nas326 Firmware 5.21 A directory traversal vulnerability in the file browser component on the Zyxel NAS 326 version 5.21 and below allows a lower privileged user to change the location of any other user's files. | 6.5 |