Zyxel Releases Patches for Firmware Vulnerabilities in EoL NAS Models
ID: 0339d1d0-4620-5a4e-aeb9-a6f51e1698b8
STIX ID: report--0339d1d0-4620-5a4e-aeb9-a6f51e1698b8
Feed Name: The Hacker News
Threat Score
Zyxel released updates addressing five critical vulnerabilities in EoL NAS models NAS326 and NAS542 — three allow unauthenticated command injection/RCE and two are privilege-escalation issues; patches are available for some versions but two authenticated privilege-escalation flaws remain unpatched. Shadowserver reported exploitation attempts targeting CVE-2024-29973 to deliver a Mirai-like botnet, so users are advised to apply updates or migrate to supported devices.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.