writeups.xyz / CVE-2023-4473 & CVE-2023-4474 - Authentication bypass and multiple blind OS command injection vulnerabilities in Zyxel’s NAS326 devices

Submitter : c2a

Date: 30 November 2023

Bounty : undisclosed

Vulnerabilities :

Programs :

Zyxel

Authors :

Gábor Selján (@GaborSeljan)

Link :
https://bugprove.com/knowledge-hub/cve-2023-4473-and-cve-2023-4474-authentication-bypass-and-multiple-blind-os-command-injection-vulnerabilities-in-zyxel-s-nas-326-devices/