writeups.xyz / CVE-2023-5372 - Post-auth blind Python code injection vulnerabilities in Zyxel’s NAS326 and NAS542 devices

Submitter : c2a

Date: 30 January 2024

Bounty : undisclosed

Vulnerabilities :

• Code Injection
• RCE
• Security Code Review

Programs :

• Zyxel

Authors :

• Gábor Selján (@GaborSeljan)

Link :
https://bugprove.com/knowledge-hub/cve-2023-5372-post-auth-blind-python-code-injection-vulnerabilities-in-zyxel-s-nas-326-and-nas-542-devices/