Zyxel warns of multiple critical vulnerabilities in NAS devices

Zyxel has addressed multiple security issues, including three critical ones that could allow an unauthenticated attacker to execute operating system commands on vulnerable network-attached storage devices. Zyxel NAS systems are used for storing data in a centralized location on the network. They are designed for high volumes of data and offer features like data backup, media streaming, or customized sharing options. Typical Zyxel NAS users include small to medium-sized businesses seeking a solution that combines data management, remote work, and collaboration features, as well as IT professionals setting up data redundancy systems, or videographers and digital artists working with large files. In a security bulletin today, the vendor warns of the following flaws impacting NAS326 devices running version 5.21(AAZF.14)C0 and earlier, and NAS542 with version 5.21(ABAG.11)C0 and earlier. CVE-2023-35137: Improper authentication vulnerability in Zyxel NAS devices' authentication module, allowing unauthenticated attackers to obtain system information via a crafted URL. CVE-2023-35138: Command injection flaw in the "Show zysync server contents" function in Zyxel NAS devices, permitting unauthenticated attackers to execute OS commands through a crafted HTTP POST request. To address these risks, users of NAS326 are recommended to upgrade to version V5.21(AAZF.15)C0 or later. Users of NAS542 should upgrade their firmware to V5.21(ABAG.12)C0 or later, which fix the above flaws. The vendor has provided no mitigation advice or workarounds, a firmware update being the recommended action. QNAP warns of critical command injection flaws in QTS OS, apps. Fortinet warns of critical command injection bug in FortiSIEM. UK and South Korea: Hackers use zero-day in supply-chain attack. Critical bug in ownCloud file sharing app exposes admin passwords. Russian hackers use Ngrok feature and WinRAR exploit to attack embassies.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 Nov 2023 20:24:55 +0000


Cyber News related to Zyxel warns of multiple critical vulnerabilities in NAS devices

Zyxel warns of multiple critical vulnerabilities in NAS devices - Zyxel has addressed multiple security issues, including three critical ones that could allow an unauthenticated attacker to execute operating system commands on vulnerable network-attached storage devices. Zyxel NAS systems are used for storing data ...
11 months ago Bleepingcomputer.com
QNAP takes down server behind widespread brute-force attacks - QNAP took down a malicious server used in widespread brute-force attacks targeting Internet-exposed NAS devices with weak passwords. The Taiwanese hardware vendor detected the attacks on the evening of October 14 and, with assistance from Digital ...
11 months ago Bleepingcomputer.com
CVE-2020-9054 - Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. ...
4 years ago
Over 29,000 QNAP devices vulnerable to code injection attacks - Tens of thousands of QNAP network-attached storage devices are waiting to be patched against a critical security flaw addressed by the Taiwanese company on Monday. Remote threat actors can exploit this SQL injection vulnerability to inject malicious ...
1 year ago Bleepingcomputer.com
CVE-2021-41769 - A vulnerability has been identified in SIPROTEC 5 6MD85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD89 devices (CPU variant CP300) (All versions < ...
2 years ago
Claroty Team82: 63% of Known Exploited Vulnerabilities Tracked by CISA Are on Healthcare Organization Networks - PRESS RELEASE. NEW YORK and ORLANDO, Fla., March 12, 2024/PRNewswire/ -Claroty, the cyber-physical systems protection company, released today at the annual HIMSS24 conference a new report that uncovered concerning data about the security of medical ...
7 months ago Darkreading.com
Russian Hackers Likely Not Involved in Attacks on Denmark's Critical Infrastructure - Russian state-sponsored APT actor Sandworm might have not been involved in last year's massive attack campaign against Denmark's critical infrastructure, cybersecurity firm Forescout says. The assaults occurred in May 2023 and resulted in the ...
9 months ago Securityweek.com
Over 90,000 LG Smart TVs may be exposed to remote attacks - Security researchers at Bitdefender have discovered four vulnerabilities impacting multiple versions of WebOS, the operating system used in LG smart TVs. The flaws enable varying degrees of unauthorized access and control over affected models, ...
6 months ago Bleepingcomputer.com
IoT Security for Business: Safeguarding Connected Devices - In this discussion, we will explore the significance of IoT security for businesses and effective strategies for safeguarding connected devices. With the increasing number of connected devices in business environments, the need for effective IoT ...
9 months ago Securityzap.com
Cisco says critical Unity Connection bug lets attackers get root - Cisco has patched a critical Unity Connection security flaw that can let unauthenticated attackers remotely gain root privileges on unpatched devices. Unity Connection is a fully virtualized messaging and voicemail solution for email inboxes, web ...
9 months ago Bleepingcomputer.com
VMware fixes critical Cloud Director auth bypass unpatched for 2 weeks - VMware has fixed a critical authentication bypass vulnerability in Cloud Director appliance deployments, a bug that was left unpatched for over two weeks since it was disclosed on November 14th. Cloud Director is a VMware platform that enables admins ...
11 months ago Bleepingcomputer.com
Move Over, APTs: Common Cybercriminals Begin Critical Infrastructure Targeting - According to an analysis from Forescout Research, Vedere Labs this week, one of two previously reported attacks against the Danish energy sector in May was mistakenly attributed to Sandworm. Mass Exploitation of CVE-2023-27881 in Zyxel Firewalls At ...
9 months ago Darkreading.com
LogoFAIL bugs in UEFI code allow planting bootkits via images - Multiple security vulnerabilities collectively named LogoFAIL affect image-parsing components in the UEFI code from various vendors. Researchers warn that they could be exploited to hijack the execution flow of the booting process and to deliver ...
11 months ago Bleepingcomputer.com
LogoFAIL attack can install UEFI bootkits through bootup logos - Multiple security vulnerabilities collectively named LogoFAIL affect image-parsing components in the UEFI code from various vendors. Researchers warn that they could be exploited to hijack the execution flow of the booting process and to deliver ...
11 months ago Bleepingcomputer.com
Strobes 2023 Pentesting Recap: Trends, Stats, and How PTaaS is Transforming Cybersecurity - This article covers some amazing statistics on what category of vulnerabilities we commonly report across 100s of customers, and how we reduce compliance times and turn around time to reporting critical vulnerabilities. In a different article, we ...
10 months ago Securityboulevard.com
DrayTek Routers at Risk From 14 New Vulnerabilities - The advice comes amid signs of growing threat actor activity — including by nation-state actors — targeting vulnerabilities in routers and other network devices from DrayTek and a variety of other vendors, including Fortinet, F5, QNAP, Ivanti, ...
1 month ago Darkreading.com
Zyxel unveils new cloud-managed switches for small businesses and professional home users - Zyxel Networks launched the XMG1915 series - a family of smart managed switches designed to provide small businesses and professional home users with the throughput and versatility needed to support today's high bandwidth applications and services. ...
9 months ago Helpnetsecurity.com
How Denmark nulled record attacks on critical infrastructure The Register - Danish critical infrastructure faced the biggest online attack in the country's history in May, according to SektorCERT, Denmark's specialist organization for the cybersecurity of critical kit. Detailing the attack waves in a report, it revealed that ...
11 months ago Theregister.com
Cisco patches IOS XE zero-days used to hack over 50,000 devices - Cisco has addressed the two vulnerabilities that hackers exploited to compromise tens of thousands of IOS XE devices over the past week. The free software release comes after a threat actor leveraged the security issues as zero-days to compromise and ...
11 months ago Bleepingcomputer.com
Juniper warns of critical RCE bug in its firewalls and switches - Juniper Networks has released security updates to fix a critical pre-auth remote code execution vulnerability in its SRX Series firewalls and EX Series switches. Found in the devices' J-Web configuration interfaces and tracked as CVE-2024-21591, this ...
9 months ago Bleepingcomputer.com
Why BYOD Is the Favored Ransomware Backdoor - These devices exist outside of direct corporate management and provide a ransomware gang with unchecked platforms for encrypting data. Microsoft's fourth annual Digital Defense Report for 2023 reveals that 80% of all ransomware compromises come from ...
9 months ago Esecurityplanet.com
Cyber Insights 2023: ICS and Operational Technology - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. At the same time, ICS/OT is facing an expanding attack surface caused by ...
1 year ago Securityweek.com
IoT Security in the Age of Cyber Threats - These vast neural networks enable IoT devices to seamlessly connect the mundane and the sophisticated into the digital fabric of the internet. This range of devices includes everything right from kitchen appliances and industrial machinery to smart ...
10 months ago Feeds.dzone.com
CVE-2020-2501 - A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the ...
3 years ago
CVE-2021-28797 - A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the ...
3 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)