VYPR
Unrated severityCISA KEVNVD Advisory· Published Jun 19, 2023· Updated Oct 21, 2025

CVE-2023-27992

CVE-2023-27992

Description

The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, NAS540 firmware versions prior to V5.21(AATB.11)C0, and NAS542 firmware versions prior to V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands remotely by sending a crafted HTTP request.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • Zyxel/NAS540llm-fuzzy
    Range: <5.21(AATB.11)C0
  • Zyxel/NAS326llm-fuzzy
    Range: <5.21(AAZF.14)C0
  • Zyxel/NAS542llm-fuzzy
    Range: <5.21(ABAG.11)C0
  • Zyxel/NAS326 firmwarev5
    Range: < V5.21(AAZF.14)C0
  • Zyxel/NAS540 firmwarev5
    Range: < V5.21(AATB.11)C0
  • Zyxel/NAS542 firmwarev5
    Range: < V5.21(ABAG.11)C0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.