THREATOPS
THREAT OPSCVEs › CVE-2023-27992

CVE-2023-27992 — Zyxel Multiple NAS Devices Command Injection Vulnerability

CISA KEVExploited: confirmedZyxel

Multiple Zyxel network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability that could allow an unauthenticated attacker to execute commands remotely via a crafted HTTP request.

Vulnerability details