Nas326 Firmware

nas326_firmware

Vendor: Zyxel • 24 CVEs

CVEs (24)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-10633 1Zyxel 1Nas326 Firmware Nov 21, 2024 Apr 9, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 An eval injection vulnerability in the Python web server routing on the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to execute arbitrary code via the tjp6jp6y4, simZysh, and ck6fup6 APIs.
CVE-2019-10632 1Zyxel 1Nas326 Firmware Nov 21, 2024 Apr 9, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 A directory traversal vulnerability in the file browser component on the Zyxel NAS 326 version 5.21 and below allows a lower privileged user to change the location of any other user's files.
CVE-2019-10631 1Zyxel 1Nas326 Firmware Nov 21, 2024 Apr 9, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Shell Metacharacter Injection in the package installer on Zyxel NAS 326 version 5.21 and below allows an authenticated attacker to execute arbitrary code via multiple different requests.
CVE-2019-10630 1Zyxel 1Nas326 Firmware Nov 21, 2024 Apr 9, 2019 N/A· v4 8.8 HIGH· v3 4.0 MEDIUM· v2 A plaintext password vulnerability in the Zyxel NAS 326 through 5.21 allows an elevated privileged user to get the admin password of the device.