Tuesday, May 6, 2025
HomeCVE/vulnerabilityZyxel Command Injection Flaws Let Attackers Run OS Commands

Zyxel Command Injection Flaws Let Attackers Run OS Commands

Published on

SIEM as a Service

Follow Us on Google News

Three Command injection vulnerabilities have been discovered in Zyxel NAS (Network Attached Storage) products, which could allow a threat actor to execute system commands on successful exploitation of these vulnerabilities.

Zyxel NAS (Network Attached Storage) devices provide fast, secure, and reliable storage services for data storage and file-sharing requests. Zyxel offers Zyxel Drive, allowing users to access Zyxel NAS devices over the internet even if they are not connected to the same network. 

Users can retrieve, upload, and manage the files that are stored in the NAS devices. Zyxel has released a security advisory for these vulnerabilities and has patched the affected NAS products.

- Advertisement - Google News
Document
Protect Your Storage With SafeGuard

Is Your Storage & Backup Systems Fully Protected? – Watch 40-second Tour of SafeGuard

StorageGuard scans, detects, and fixes security misconfigurations and vulnerabilities across hundreds of storage and backup devices.

Command Injection Vulnerabilities

CVE-2023-35138: Command Injection

This vulnerability exists in the “show_zysync_server_contents” function of Zyxel NAS devices that could allow an unauthenticated threat actor to execute operating system commands. 

An attacker can exploit this vulnerability by sending a crafted HTTP POST request. The severity for this vulnerability has been given as 9.8 (Critical).

CVE-2023-37928: Post Command Injection

This was a post-authentication command injection vulnerability that exists in the WSGI server in NAS devices. An unauthenticated threat actor can execute Operating system commands on the affected devices by sending a crafted URL.

The severity for this vulnerability has been given as 8.8 (High).

CVE-2023-4473: Command Injection in web server

This vulnerability exists in the web server of Zyxel NAS devices, which could allow an unauthenticated threat actor to execute Operating system commands. Successful exploitation of this vulnerability requires a threat actor to send a crafted URL to the vulnerable devices.

The severity rating for this vulnerability has been given as 9.8 (Critical).

Affected Products & Fixed in Versions

Affected modelAffected versionPatch availability
NAS326V5.21(AAZF.14)C0 and earlierV5.21(AAZF.15)C0
NAS542V5.21(ABAG.11)C0 and earlierV5.21(ABAG.12)C0

Zyxel also credited the consultancies and security researchers who have responsibly reported these vulnerabilities to them. Credits were given to 

  • Maxim Suslov for CVE-2023-35138
  • Attila Szász from BugProve for CVE-2023-37928, CVE-2023-4473
  • Drew Balfour from IBM X-Force for CVE-2023-4473

Experience how StorageGuard eliminates the security blind spots in your storage systems by trying a 14-day free trial.

Eswar
Eswar
Eswar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Latest articles

Gunra Ransomware’s Double‑Extortion Playbook and Global Impact

Gunra Ransomware, has surfaced as a formidable threat in April 2025, targeting Windows systems...

Hackers Exploit 21 Apps to Take Full Control of E-Commerce Servers

Cybersecurity firm Sansec has uncovered a sophisticated supply chain attack that has compromised 21...

Hackers Target HR Departments With Fake Resumes to Spread More_eggs Malware

The financially motivated threat group Venom Spider, also tracked as TA4557, has shifted its...

RomCom RAT Targets UK Organizations Through Compromised Customer Feedback Portals

The Russian-based threat group RomCom, also known as Storm-0978, Tropical Scorpius, and Void Rabisu,...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Gunra Ransomware’s Double‑Extortion Playbook and Global Impact

Gunra Ransomware, has surfaced as a formidable threat in April 2025, targeting Windows systems...

Hackers Exploit 21 Apps to Take Full Control of E-Commerce Servers

Cybersecurity firm Sansec has uncovered a sophisticated supply chain attack that has compromised 21...

Hackers Target HR Departments With Fake Resumes to Spread More_eggs Malware

The financially motivated threat group Venom Spider, also tracked as TA4557, has shifted its...