VYPR
Unrated severityNVD Advisory· Published Aug 6, 2020· Updated Aug 4, 2024

CVE-2020-13364

CVE-2020-13364

Description

A backdoor in certain Zyxel products allows remote TELNET access via a CGI script. This affects NAS520 V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, and V5.11(AASZ.0)C0; NAS542 V5.11(ABAG.0)C0, V5.20(ABAG.1)C0, and V5.21(ABAG.3)C0; NSA325 v2_V4.81(AALS.0)C0 and V4.81(AAAJ.1)C0; NSA310 4.22(AFK.0)C0 and 4.22(AFK.1)C0; NAS326 V5.21(AAZF.8)C0, V5.11(AAZF.4)C0, V5.11(AAZF.2)C0, and V5.11(AAZF.3)C0; NSA310S V4.75(AALH.2)C0; NSA320S V4.75(AANV.2)C0 and V4.75(AANV.1)C0; NSA221 V4.41(AFM.1)C0; and NAS540 V5.21(AATB.5)C0 and V5.21(AATB.3)C0.

Affected products

10
  • Zyxel/NAS520 V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, and V5.11(AASZ.0)C0; NAS542 V5.11(ABAG.0)C0, V5.20(ABAG.1)C0, and V5.21(ABAG.3)C0; NSA325 v2_V4.81(AALS.0)C0 and V4.81(AAAJ.1)C0; NSA310 4.22(AFK.0)C0 and 4.22(AFK.1)C0; NAS326 V5.21(AAZF.8)C0, V5.11(AAZF.4)C0, V5.11(AAZF.2)C0, and V5.11(AAZF.3)C0; NSA310S V4.75(AALH.2)C0; NSA320S V4.75(AANV.2)C0 and V4.75(AANV.1)C0; NSA221 V4.41(AFM.1)C0; and NAS540 V5.21(AATB.5)C0 and V5.21(AATB.3)C0description
  • Zyxel/NSA310llm-create
    Range: 4.22(AFK.0)C0, 4.22(AFK.1)C0
  • Zyxel/NSA310Sllm-create
    Range: V4.75(AALH.2)C0
  • Zyxel/NSA320Sllm-create
    Range: V4.75(AANV.2)C0, V4.75(AANV.1)C0
  • Zyxel/NSA221llm-create
    Range: V4.41(AFM.1)C0
  • Zyxel/NAS520llm-fuzzy
    Range: V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, V5.11(AASZ.0)C0
  • Zyxel/NAS540llm-fuzzy
    Range: V5.21(AATB.5)C0, V5.21(AATB.3)C0
  • Zyxel/NSA325 V2llm-fuzzy
    Range: v2_V4.81(AALS.0)C0, V4.81(AAAJ.1)C0
  • Zyxel/NAS326llm-fuzzy
    Range: V5.21(AAZF.8)C0, V5.11(AAZF.4)C0, V5.11(AAZF.2)C0, V5.11(AAZF.3)C0
  • Zyxel/NAS542llm-fuzzy
    Range: V5.11(ABAG.0)C0, V5.20(ABAG.1)C0, V5.21(ABAG.3)C0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.