FeedlyFeedly
CVEsCVEs
Threat IntelligenceThreat Intelligence
Threat IntelligenceThreat Intelligence
Log in
ChangelogChangelog
ChangelogChangelog
Log in
Log in
Start Free Trial
Start Free Trial
FeedlyFeedly
CVEsCVEs
Threat IntelligenceThreat Intelligence
Threat IntelligenceThreat Intelligence
Log in
ChangelogChangelog
ChangelogChangelog
Log in
Log in
Start Free Trial
Start Free Trial

CVE-2023-37927

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)

Published: Nov 30, 2023 / Updated: 11mo ago

010
CVSS 8.8EPSS 0.05%High
CVE info copied to clipboard

The improper neutralization of special elements in the CGI program of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Timeline

CVE Assignment

NVD published the first details for CVE-2023-37927

Nov 29, 2023 at 6:15 PM
First Article

Feedly found the first article mentioning CVE-2023-37927. See article

Nov 30, 2023 at 2:23 AM / Zyxel – Leader in Secure, AI-Powered Cloud Networking Solutions
EPSS

EPSS Score was set to: 0.05% (Percentile: 18%)

Dec 1, 2023 at 3:32 PM
Trending

This CVE started to trend in security discussions

Dec 2, 2023 at 10:14 AM
Threat Intelligence Report

The vulnerability CVE-2023-37927 is a high-severity command injection vulnerability in Zyxel NAS devices. It has not been reported as being exploited in the wild, and there are no known proof-of-concept exploits. Zyxel has been notified and is working on addressing this vulnerability along with other reported vulnerabilities in their devices. See article

Jan 30, 2024 at 3:05 PM
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Qualys (731667)

Jul 22, 2024 at 7:53 AM
Static CVE Timeline Graph

Affected Systems

Zyxel/nas542_firmware
+null more

Patches

www.zyxel.com
+null more

Attack Patterns

CAPEC-108: Command Line Execution through SQL Injection
+null more

References

Zyxel security advisory for authentication bypass and command injection vulnerabilities in NAS products
Zyxel – Leader in Secure, AI-Powered Cloud Networking Solutions / 11mo
CVE-2023-37928 A post-authentication command injection vulnerability in the WSGI server in Zyxel NAS devices could allow an authenticated attacker to execute some OS commands by sending a crafted URL to a vulnerable device. CVE-2023-4474 The improper neutralization of special elements in the WSGI server in Zyxel NAS devices could allow an unauthenticated attacker to execute some OS commands by sending a crafted URL to a vulnerable device.
Post-auth blind Python code injection vulnerabilities in Zyxel’s NAS326 and NAS542 devices
BugProve - Automated IoT Firmware Analysis Platform / 9mo
Post-auth blind Python code injection vulnerabilities exist when some Zyxel NAS versions improperly handle user provided input. The web management interface appears to be vulnerable to Python code injection attacks.

News

Post-auth blind Python code injection vulnerabilities in Zyxel’s NAS326 and NAS542 devices
BugProve - Automated IoT Firmware Analysis Platform / 9mo
Post-auth blind Python code injection vulnerabilities exist when some Zyxel NAS versions improperly handle user provided input. The web management interface appears to be vulnerable to Python code injection attacks.
Multiple Critical Flaws Found In Zyxel NAS Devices - Cyber Security News
"critical vulnerability " - Google News / 11mo
Zyxel NAS users must rush to update their devices at the earliest as the vendors have patched numerous security flaws. CVE-2023-4474: The improper neutralization of special elements in the Zyxel NAS WSGI server could allow OS command execution from an unauthenticated attacker.
Rewterz Threat Advisory – Multiple Zyxel NAS326 and NAS542 Vulnerabilities
Rewterz News Archives - Rewterz / 11mo
Zyxel NAS326 and NAS542 devices could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper neutralization of user-supplied input by the WSGI server. Zyxel NAS326 and NAS542 devices could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper neutralization of user-supplied input by the CGI program.
Zyxel Addresses Critical Security Vulnerabilities in NAS Products
IoT For All / 11mo
Zyxel, a leading networking solutions provider, has recently published a security advisory addressing critical security vulnerabilities including authentication bypass and command injection vulnerabilities discovered in some of their personal cloud storage products (Specific models affected: NAS326 and NAS542). CVE-2023-4473: Authentication bypass vulnerability allows attackers to circumvent the authentication mechanism of the webserver to gain unauthorized access and exploit other command injection vulnerabilities that would otherwise require authentication.
Bulletins Security Bulletin 6 Dec 2023 06 December 2023 SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.
Latest articles about All products / 11mo
See 45 more articles and social media posts

CVSS V3.1

Attack Vector:Network
Attack Complexity:Low
Privileges Required:Low
User Interaction:None
Scope:Unchanged
Confidentiality:High
Integrity:High
Availability Impact:High

Categories

CVSS 8.8(18246)CWE-78(3977)Zyxel(259)

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI

Feedly Threat Intelligence30-day free trial