← Back to CVEs
CVE-2023-27992
CRITICALCISA KEV9.8
Description
The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, NAS540 firmware versions prior to V5.21(AATB.11)C0, and NAS542 firmware versions prior to V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands remotely by sending a crafted HTTP request.
CVE Details
CVSS v3.1 Score9.8
SeverityCRITICAL
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published6/19/2023
Last Modified10/27/2025
Sourcekev
Honeypot Sightings0
CISA KEV
VendorZyxel
ProductMultiple Network-Attached Storage (NAS) Devices
Vulnerability NameZyxel Multiple NAS Devices Command Injection Vulnerability
KEV Date Added2023-06-23
Remediation Due Date2023-07-14
Ransomware UseUnknown
Affected Products
zyxel:nas326zyxel:nas326_firmwarezyxel:nas540zyxel:nas540_firmwarezyxel:nas542zyxel:nas542_firmware
Weaknesses (CWE)
CWE-78CWE-78
References
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-pre-authentication-command-injection-vulnerability-in-nas-products(security@zyxel.com.tw)
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-pre-authentication-command-injection-vulnerability-in-nas-products(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-27992(134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.