CVE-2023-4474

CWE-78 — OS Command Injection10 documents5 sources

Severity

9.8CRITICAL

EPSS

16.3%

top 5.17%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Zyxel Nas326 Firmware Zyxel Nas542 Firmware

Timeline

PublishedNov 30

Latest updateMay 2

Description

The improper neutralization of special elements in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages4 packages

▶NVDzyxel/nas326_firmware5.21\(aazf.14\)c0

▶NVDzyxel/nas542_firmware5.21\(abag.11\)c0

▶CVEListV5zyxel/nas326_firmwareV5.21(AAZF.14)C0

▶CVEListV5zyxel/nas542_firmwareV5.21(ABAG.11)C0

Patches

Patch: www.zyxel.com ↗Patch: www.zyxel.com ↗

🔴Vulnerability Details

CVEList

CVE-2023-4474: The improper neutralization of special elements in the WSGI server of the Zyxel NAS326 firmware version V5↗2023-11-30

▶

GHSA

GHSA-h9w9-8x3q-c9vg: The improper neutralization of special elements in the WSGI server of the Zyxel NAS326 firmware version V5↗2023-11-30

▶

VulnCheck

Zyxel nas326_firmware Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')↗2023

▶

🔍Detection Rules

Suricata

ET WEB_SPECIFIC_APPS Zyxel Command Injection Attempt (CVE-2024-4474) M6↗2024-05-02

▶

Suricata

ET WEB_SPECIFIC_APPS Zyxel Command Injection Attempt (CVE-2024-4474) M2↗2024-05-02

▶

Suricata

ET WEB_SPECIFIC_APPS Zyxel Command Injection Attempt (CVE-2024-4474) M3↗2024-05-02

▶

Suricata

ET WEB_SPECIFIC_APPS Zyxel Command Injection Attempt (CVE-2024-4474) M1↗2024-05-02

▶

Suricata

ET WEB_SPECIFIC_APPS Zyxel Command Injection Attempt (CVE-2024-4474) M5↗2024-05-02

▶