Zyxel has taken swift action to rectify 15 security vulnerabilities affecting a range of devices, including network-attached storage (NAS), firewalls, and access points (APs). Three of these are critical flaws that could allow attackers to bypass authentication and inject operating system commands.
The specific vulnerabilities are detailed as follows:
- CVE-2023-35138 (CVSS score: 9.8) – A critical command injection vulnerability that permits unauthenticated attackers to execute operating system commands through a carefully crafted HTTP POST request.
- CVE-2023-4473 (CVSS score: 9.8) – A critical command injection vulnerability within the web server, allowing unauthenticated attackers to execute operating system commands via a manipulated URL directed at a vulnerable device.
- CVE-2023-4474 (CVSS score: 9.8) – A critical improper neutralization of special elements vulnerability enabling unauthenticated attackers to execute operating system commands through a specially crafted URL.
Zyxel has also addressed three high-severity flaws (CVE-2023-35137, CVE-2023-37927, and CVE-2023-37928). Exploiting these vulnerabilities could potentially grant attackers access to system information and the ability to execute arbitrary commands. It’s noteworthy that CVE-2023-37927 and CVE-2023-37928 require authentication for successful exploitation.
The impacted models and versions include:
- NAS326: Versions V5.21(AAZF.14)C0 and earlier (Patched in V5.21(AAZF.15)C0)
- NAS542: Versions V5.21(ABAG.11)C0 and earlier (Patched in V5.21(ABAG.12)C0)
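To check an inventory against the patched versions listed above, the following added example (not Zyxel's code) parses the firmware strings and compares them numerically. It assumes the layout `V<major>.<minor>(<model code>.<patch>)C<rev>`; the function names and the inventory rows are constructed for illustration.

```python
import re

# First fixed release per model, taken from the list above.
PATCHED = {
    "NAS326": "V5.21(AAZF.15)C0",
    "NAS542": "V5.21(ABAG.12)C0",
}

# Assumed layout: V<major>.<minor>(<model code>.<patch>)C<rev>
VERSION_RE = re.compile(r"^V(\d+)\.(\d+)\(([A-Z]{4})\.(\d+)\)C(\d+)$")


def parse_version(text):
    """Return (model_code, (major, minor, patch, rev)) or raise ValueError."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised firmware string: {text!r}")
    major, minor, code, patch, rev = m.groups()
    # Integers, not strings: as text, patch "9" would sort after "12".
    return code, (int(major), int(minor), int(patch), int(rev))


def assess(model, firmware):
    """Classify one device as 'patched', 'vulnerable' or 'unknown'."""
    fixed = PATCHED.get(model.strip().upper())
    if fixed is None:
        return "unknown"  # model not in the list above
    try:
        code, have = parse_version(firmware)
    except ValueError:
        return "unknown"  # never guess from a malformed string
    fixed_code, need = parse_version(fixed)
    if code != fixed_code:
        return "unknown"  # firmware string belongs to another model
    return "patched" if have >= need else "vulnerable"


# Constructed inventory rows (model, reported firmware); NAS999 is a placeholder.
INVENTORY = [
    ("NAS326", "V5.21(AAZF.14)C0"),
    ("NAS326", "V5.21(AAZF.15)C0"),
    ("NAS542", "V5.21(ABAG.9)C0"),
    ("NAS542", "V5.21(AAZF.15)C0"),
    ("NAS999", "V5.21(ZZZZ.1)C0"),
]

if __name__ == "__main__":
    for model, fw in INVENTORY:
        print(f"{model:8} {fw:20} {assess(model, fw)}")
```

Devices reported as `unknown` need a manual check rather than being treated as safe.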
This comprehensive advisory follows closely on the heels of Zyxel’s recent fixes for nine vulnerabilities in specific firewall and access point versions. Some of these could potentially be weaponized to gain unauthorized access to system files and administrator logs, or even trigger a denial-of-service (DoS) condition.
Given the historical exploitation of Zyxel devices by threat actors, users are strongly urged to promptly apply the latest updates to fortify their systems against potential security threats.