September 26, 2022

TheCyberThrone

Thinking Security ! Always

Zyxel addressed Critical Vulnerability

Zyxel addressed a critical vulnerability, tracked as CVE-2022-34747with CVSS of 9.8, impacting its NAS devices.

This flaw is classified as a format string vulnerability that resides in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0. An attacker can exploit the vulnerability to achieve unauthorized remote code execution via a crafted UDP packet.

Advertisements

A format string vulnerability was found in a specific binary of Zyxel NAS products that could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet.

Affected Devices

  • NAS326
  • NAS540
  • NAS542
%d bloggers like this: