Zyxel has released firmware patches for a critical vulnerability (CVE-2023-27992) in some of its consumer network attached storage (NAS) devices. About CVE-2023-27992 CVE-2023-27992 is an OS command injection flaw that could be triggered remotely by an unauthenticated attacker, via a specially crafted HTTP request. It affects the following Zyxel NAS devices: NAS326 – firmware versions prior to V5.21(AAZF.14)C0 NAS540 – firmware versions prior to V5.21(AATB.11)C0 NAS542 – firmware versions prior to V5.21(ABAG.11)C0 Andrej Zaujec, National … More
The post Zyxel patches critical vulnerability in NAS devices (CVE-2023-27992) appeared first on Help Net Security.