Zyxel fixes major vulnerability in home NAS devices
Users are advised to update their systems immediately to avoid potential cyber-attacks
Zyxel, a company known for producing network-attached storage (NAS) devices for home use, has fixed a significant security problem. The vulnerability, tracked as CVE-2023-27988, is a high-severity authenticated command injection flaw in the devices' web management interface.
Impact of the vulnerability on devices and users
As confirmed by Zyxel, this vulnerability could allow an authenticated attacker with administrative privileges to remotely execute certain operating system (OS) commands on an affected device. Left unresolved, it could therefore have led to significant damage.
Affected Zyxel device versions
The Zyxel NAS device models affected by this vulnerability are as follows:
- NAS326 version 5.21(AAZF.12)C0 and earlier
- NAS540 version 5.21(AAZF.9)C0 and earlier
- NAS542 version 5.21(AAZF.9)C0 and earlier
Vulnerability analysis and corrective measures
Sternum researchers reported the vulnerability, released a root cause analysis of the flaw, and described how they caused target devices to perform unexpected actions. Their tests confirmed that an authenticated user could exploit the vulnerability to execute an arbitrary system command with root privileges on the device. As a result, the vulnerability could be used for further malicious purposes, such as remote injection of malware. Zyxel released firmware patches on Tuesday, May 30, and advises users to apply them as quickly as possible. At the moment, no alternative solutions have been indicated. While there are no reports yet of attackers exploiting this vulnerability, NAS devices are generally attractive targets for cybercriminals, as evidenced by previous ransomware attacks targeting QNAP NAS devices.
05/31/2023 13:00
Editorial AI