Zyxel Has Released Patches Addressing a Pre-Authentication Command Injection Vulnerability in Some NAS Versions
Successful exploitation of this critical vulnerability allows an unauthenticated attacker to remotely execute some operating system (OS) commands by sending a crafted HTTP request.
CVE-2023-27992 is a pre-authentication command injection vulnerability affecting the following Zyxel NAS (Network Attached Storage) models and firmware versions:
- NAS326, version V5.21(AAZF.13)C0 and earlier
- NAS540, version V5.21(AATB.10)C0 and earlier
- NAS542, version V5.21(ABAG.10)C0 and earlier
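As an added example (not code from the advisory or from Zyxel), a small inventory check that parses firmware strings in the format the advisory uses and flags devices at or below the listed affected versions. It assumes the letters in parentheses identify a model's firmware line and the number after them is the patch level; the sample inventory is constructed.

```python
import re
from dataclasses import dataclass

# Affected ceilings as stated in the advisory: this version and earlier are vulnerable.
AFFECTED_UP_TO = {
    "NAS326": "V5.21(AAZF.13)C0",
    "NAS540": "V5.21(AATB.10)C0",
    "NAS542": "V5.21(ABAG.10)C0",
}

# Assumed layout of a Zyxel firmware string: V<major>.<minor>(<line>.<patch>)C<rev>
_VERSION_RE = re.compile(r"^V(\d+)\.(\d+)\(([A-Z]+)\.(\d+)\)C(\d+)$")


@dataclass(frozen=True)
class FirmwareVersion:
    major: int
    minor: int
    patch: int
    line: str  # firmware line code, e.g. "AAZF" (assumed to be per model)


def parse_version(text: str) -> FirmwareVersion:
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Zyxel firmware version string: {text!r}")
    major, minor, line, patch, _rev = m.groups()
    return FirmwareVersion(int(major), int(minor), int(patch), line)


def is_affected(model: str, version: str) -> bool:
    """True if the firmware is at or below the advisory's affected ceiling for the model."""
    ceiling_text = AFFECTED_UP_TO.get(model)
    if ceiling_text is None:
        return False  # model not listed in the advisory
    v, ceiling = parse_version(version), parse_version(ceiling_text)
    if v.line != ceiling.line:
        raise ValueError(f"firmware line {v.line} does not match {model} ({ceiling.line})")
    return (v.major, v.minor, v.patch) <= (ceiling.major, ceiling.minor, ceiling.patch)


def triage(inventory):
    """Return the (model, version) pairs from an inventory that still need patching."""
    return [(m, ver) for m, ver in inventory if is_affected(m, ver)]


# Constructed sample inventory, not real devices.
SAMPLE_INVENTORY = [
    ("NAS326", "V5.21(AAZF.13)C0"),  # exactly the ceiling: affected
    ("NAS326", "V5.21(AAZF.14)C0"),  # later patch level: outside the affected range
    ("NAS540", "V5.20(AATB.11)C0"),  # earlier minor version despite higher patch: affected
    ("NAS542", "V5.21(ABAG.10)C0"),  # exactly the ceiling: affected
]

if __name__ == "__main__":
    for model, ver in triage(SAMPLE_INVENTORY):
        print(f"{model} {ver}: affected by CVE-2023-27992, apply the Zyxel patch")
```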
The flaw was discovered by Andrej Zaujec, NCSC-FI, and Maxim Suslov and has received a CVSS v3 score of 9.8.
To address the vulnerability, Zyxel advises users to apply the patches listed in its advisory, available at:
In case of an intrusion, you can report an incident via: https://cert.be/en/report-incident