CVE-2022-34747
published 2022-09-06CVE-2022-34747: A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could allow an attacker to achieve unauthorized remote code execution…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zyxel | nas326_firmware | < 5.21\(aazf.12\)c0 | 5.21\(aazf.12\)c0 |
| zyxel | zyxel_nas326_firmware | < V5.21(AAZF.12)C0 | V5.21(AAZF.12)C0 |