CVE-2023-27992: Zyxel Multiple NAS Devices Command Injection Vulnerability.

Zyxel Multiple NAS Devices Command Injection Vulnerability. Multiple Zyxel network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability that could allow an unauthenticated attacker to execute commands remotely via a crafted HTTP request.

• CISA KEV-listed (remediation due 2023-07-14)
• EPSS 86.5% (99.4% percentile)

Browse the CVE database

Read the full analysis on IntelFusions