CVE-2023-35138

CVSS V2 None CVSS V3 None
Description
A command injection vulnerability in the “show_zysync_server_contents” function of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request.
Overview
  • CVE ID
  • CVE-2023-35138
  • Assigner
  • Zyxel
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-11-30T01:30:44.661Z
  • Last Modified Date
  • 2023-11-30T01:41:35.390Z
History
Created Old Value New Value Data Type Notes
2024-06-25 19:44:42 Added to TrackCVE