Zyxel has released patches for a series of critical vulnerabilities affecting its network-attached storage (NAS) devices. The flaws pose a significant risk to device security [3], because the most severe of them allow an unauthenticated attacker to obtain system information and to execute arbitrary commands on the device [3].

Description

The vulnerabilities range in severity, with CVSS scores from 7.5 to 9.8 [3]. One enables an unauthenticated attacker to gather system information through a crafted URL [3], which can be used to stage further attacks [3]. Another, rated CVSS 9.8 [3], allows an unauthenticated attacker to execute arbitrary commands via a crafted HTTP POST request [4] [5], giving complete control over the device [3]. Further issues allow an already authenticated attacker to execute arbitrary commands [3], escalating privileges and gaining unauthorized control of the system [3].

Zyxel has promptly released patches for these vulnerabilities [2] [3]. The affected products are the NAS326 running firmware up to and including V5.21(AAZF.14)C0 and the NAS542 running firmware up to and including V5.21(ABAG.11)C0 [5]; the fixed releases are the next builds, V5.21(AAZF.15)C0 and V5.21(ABAG.12)C0 respectively [4]. Users of these devices [1] should apply the updates promptly. Until they do, devices whose web interface is reachable from untrusted networks are the most exposed, since the highest-rated issues require no authentication.
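Because the affected ranges are stated as "up to and including" a specific build, a fleet check comes down to parsing Zyxel's firmware version string and comparing it against the last affected build for each model. The script below is an added example, not code from Zyxel or from any of the cited articles: it parses the V<major>.<minor>(<code>.<build>)C<n> format, refuses to compare a version whose four-letter firmware code does not match the model, and flags every device at or below the last affected build. The inventory lines are constructed sample data, and treating the trailing C<n> number as a tiebreaker after the build number is an assumption of this example.

```python
import re

# Last affected firmware builds named in the Zyxel advisory for the
# vulnerabilities discussed above; anything at or below these is exposed.
LAST_AFFECTED = {
    "NAS326": "V5.21(AAZF.14)C0",
    "NAS542": "V5.21(ABAG.11)C0",
}

# V<major>.<minor>(<4-letter code>.<build>)C<release>
_VERSION_RE = re.compile(r"^V(\d+)\.(\d+)\(([A-Z]{4})\.(\d+)\)C(\d+)$")


def parse_version(text):
    """Return (firmware_code, (major, minor, build, release)) for a Zyxel version string.

    Raises ValueError for anything that does not match the expected format,
    so an odd string is reported rather than silently compared.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Zyxel firmware version: {text!r}")
    major, minor, code, build, release = m.groups()
    # Ordering assumption of this example: build number first, C<n> as tiebreaker.
    return code, (int(major), int(minor), int(build), int(release))


def assess(model, installed):
    """Classify one device as 'vulnerable', 'patched' or 'unknown model'."""
    if model not in LAST_AFFECTED:
        return "unknown model"
    expected_code, last_bad = parse_version(LAST_AFFECTED[model])
    code, installed_ver = parse_version(installed)
    if code != expected_code:
        # AAZF builds belong to the NAS326, ABAG builds to the NAS542; a
        # mismatch means the inventory row is wrong, not that the box is safe.
        raise ValueError(f"firmware code {code} does not belong to {model} "
                         f"(expected {expected_code})")
    return "vulnerable" if installed_ver <= last_bad else "patched"


def vulnerable_hosts(inventory_csv):
    """Return hostnames from 'host,model,firmware' CSV lines still on affected firmware."""
    hits = []
    for line in inventory_csv.splitlines():
        if not line.strip():
            continue
        host, model, firmware = (f.strip() for f in line.split(","))
        if assess(model, firmware) == "vulnerable":
            hits.append(host)
    return hits


# Constructed sample inventory (hostnames and versions are made up for this example).
INVENTORY = """\
nas-finance-01,NAS326,V5.21(AAZF.14)C0
nas-finance-02,NAS326,V5.21(AAZF.15)C0
nas-backup-01,NAS542,V5.21(ABAG.11)C0
nas-backup-02,NAS542,V5.21(ABAG.12)C0
nas-lab-01,NAS542,V5.20(ABAG.9)C0
"""

if __name__ == "__main__":
    for host in vulnerable_hosts(INVENTORY):
        print(f"{host}: still on affected firmware, update required")
```

Run it against an export of your asset inventory in the same three-column form; any device listed in the output is still on an affected build. A version string the regex does not recognise stops the run with an error on purpose, so that a malformed or unexpected entry is investigated rather than quietly treated as patched.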

It is worth noting that one of the critical vulnerabilities, CVE-2023-4473 [1] [2] [4] [5], was discovered by an IBM X-Force researcher while investigating a previously fixed bug in the same product line.

Conclusion

These vulnerabilities present a significant threat to the security of Zyxel NAS devices. Users should apply the released patches without delay to remove the risk of unauthenticated access and arbitrary command execution; failure to do so leaves the device open to compromise and to use as a foothold for further attacks. That one of the flaws was found by an IBM X-Force researcher while re-examining a previously fixed bug also shows why patched code deserves a second look: a fix for one issue does not guarantee that neighbouring code is free of the same class of defect.

References

[1] https://cyber.vumetric.com/security-news/2023/12/01/zyxel-releases-patches-to-fix-15-flaws-in-nas-firewall-and-ap-devices/
[2] https://www.helpnetsecurity.com/2023/12/01/zyxel-nas-vulnerabilities/
[3] https://meterpreter.org/zyxel-nas-vulnerabilities-a-critical-call-for-patching/
[4] https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-authentication-bypass-and-command-injection-vulnerabilities-in-nas-products
[5] https://thehackernews.com/2023/12/zyxel-releases-patches-to-fix-15-flaws.html