Zyxel | writeups.xyz

Title	Vulnerabilities	Programs	Authors
CVE-2023-5372 - Post-auth blind Python code injection vulnerabilities in Zyxel’s NAS326 and NAS542 devices	Code Injection RCE Security Code Review	Zyxel	Gábor Selján (@GaborSeljan)
SSD Advisory – Zyxel VPN Series Pre-auth Remote Command Execution	RCE Security Code Review	Zyxel	-
CVE-2023-37927 & CVE-2023-37928 - Multiple post-auth blind OS command and Python code injection vulnerabilities in Zyxel’s NAS326 devices	Code Injection OS Command Injection RCE Security Code Review	Zyxel	Gábor Selján (@GaborSeljan)
CVE-2023-4473 & CVE-2023-4474 - Authentication bypass and multiple blind OS command injection vulnerabilities in Zyxel’s NAS326 devices	Authentication Bypass OS Command Injection RCE Security Code Review	Zyxel	Gábor Selján (@GaborSeljan)
Useless path traversals in Zyxel admin interface (CVE-2022-2030)	Path Traversal	Zyxel	Maurizio Agazzini (@0x696e6f6465)
Hacking Zyxel IP cameras to gain a root shell	Missing Authentication DoS Information Disclosure Local Privilege Escalation	Zyxel	Eric Urban
CVE-2022-30526 (Fixed): Zyxel Firewall Local Privilege Escalation	Local Privilege Escalation	Zyxel	Jake Baines (@Junior_Baines)
Multiple vulnerabilities in Zyxel zysh	OS Command Injection Memory Corruption	Zyxel	Marco Ivaldi / Raptor (@0xdea)

Page 1 of 1