Cyber Security News

Zyxel Command Injection Flaws Let Attackers Run OS Commands

Three Command injection vulnerabilities have been discovered in Zyxel NAS (Network Attached Storage) products, which could allow a threat actor to execute system commands on successful exploitation of these vulnerabilities.

Zyxel NAS (Network Attached Storage) devices provide fast, secure, and reliable storage services for data storage and file-sharing requests. Zyxel offers Zyxel Drive, allowing users to access Zyxel NAS devices over the internet even if they are not connected to the same network. 

Users can retrieve, upload, and manage the files that are stored in the NAS devices. Zyxel has released a security advisory for these vulnerabilities and has patched the affected NAS products.

Document
Protect Your Storage With SafeGuard

Is Your Storage & Backup Systems Fully Protected? – Watch 40-second Tour of SafeGuard

StorageGuard scans, detects, and fixes security misconfigurations and vulnerabilities across hundreds of storage and backup devices.

Command Injection Vulnerabilities

CVE-2023-35138: Command Injection

This vulnerability exists in the “show_zysync_server_contents” function of Zyxel NAS devices that could allow an unauthenticated threat actor to execute operating system commands. 

An attacker can exploit this vulnerability by sending a crafted HTTP POST request. The severity for this vulnerability has been given as 9.8 (Critical).

CVE-2023-37928: Post Command Injection

This was a post-authentication command injection vulnerability that exists in the WSGI server in NAS devices. An unauthenticated threat actor can execute Operating system commands on the affected devices by sending a crafted URL.

The severity for this vulnerability has been given as 8.8 (High).

CVE-2023-4473: Command Injection in web server

This vulnerability exists in the web server of Zyxel NAS devices, which could allow an unauthenticated threat actor to execute Operating system commands. Successful exploitation of this vulnerability requires a threat actor to send a crafted URL to the vulnerable devices.

The severity rating for this vulnerability has been given as 9.8 (Critical).

Affected Products & Fixed in Versions

Affected modelAffected versionPatch availability
NAS326V5.21(AAZF.14)C0 and earlierV5.21(AAZF.15)C0
NAS542V5.21(ABAG.11)C0 and earlierV5.21(ABAG.12)C0

Zyxel also credited the consultancies and security researchers who have responsibly reported these vulnerabilities to them. Credits were given to 

  • Maxim Suslov for CVE-2023-35138
  • Attila Szász from BugProve for CVE-2023-37928, CVE-2023-4473
  • Drew Balfour from IBM X-Force for CVE-2023-4473

Experience how StorageGuard eliminates the security blind spots in your storage systems by trying a 14-day free trial.

Eswar

Eswar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Recent Posts

Beware of New AsukaStealer Steal Browser Passwords & Desktop Screens

An updated version of the ObserverStealer known as AsukaStealer was observed to be advertised as malware-as-a-service that was capable of collecting…

1 hour ago

US to Pay $15M for Info About Lockbit Ransomware Operator Data

In a significant move against cybercrime, the U.S. government has announced a bounty of up to $15 million for information…

1 hour ago

Earth Preta Hackers Abuses Google Drive to Deploy DOPLUGS Malware

Threat actors abuse Google Drive for several malicious activities due to its widespread use, easy file sharing, and collaboration features.…

4 hours ago

Swiggy Account Hacked, Hackers Placed Orders Worth Rs 97,000

In a startling incident underscoring the growing menace of cybercrime, a woman's Swiggy account was hacked, leading to fraudulent orders…

4 hours ago

Beware of VietCredCare Malware that Steals businesses’ Facebook Accounts

A new cybersecurity threat targeting Facebook advertisers in Vietnam, known as VietCredCare, has emerged. This information stealer has been active…

19 hours ago

Google Chrome 122 Update Addresses Critical Security Vulnerabilities

Google has recently unveiled Chrome 122, a significant milestone for the widely used web browser. The most recent release, compatible…

24 hours ago