all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Command Injection Vulnerability Found in Zyxel NAS Devices (CVE-2023-27988)

Add to bookmarks
May 30, 2023, 5:43 p.m. | /u/mesok8

cybersecurity www.reddit.com

Hi everyone, Recently researchers discovered a command injection vulnerability (CVE-2023-27988) in Linux-operated Zyxel NAS devices.

This issue allowed authenticated users to execute arbitrary system commands with root privileges, having a vulnerability like this could lead to a ton of unexpected attacks and modifications of the system.

Zyxel was alerted and issued a security patch on May 30, 2023. Kudos to Zyxel for their prompt response instead of ignoring the alerts and not taking any action.

Thought I’d make this post …

attacks command command injection cve cybersecurity devices injection issue linux nas privileges researchers root system ton vulnerability zyxel

Visit resource

More from www.reddit.com / cybersecurity

AI makes it easier for anyone to become a cybercriminal, top official says 2 hours ago | www.reddit.com
cybercriminal cybersecurity easier official
Linux Package Vulnerability analysis tools. 9 hours ago | www.reddit.com
analysis bill boot called +28
When does IR teams typically perform network forensics during an incident? 11 hours ago | www.reddit.com
artifacts attackers capture cybersecurity +9
Monday.com removes "Share Update" feature abused for phishing attacks 14 hours ago | www.reddit.com
cybersecurity
I have an hour long technical interview for a Security Analyst at a Trading Software … 15 hours ago | www.reddit.com
analyst cybersecurity interview questions +7
One in Four Tech CISOs Unhappy with Compensation. Also, average total compensation for tech CISOs … 18 hours ago | www.reddit.com
cisos compensation cybersecurity tech
Password and MFA reset user identity verification standards? 18 hours ago | www.reddit.com
asking cis cybersecurity hardware +20
Combatting impostor syndrome??? 20 hours ago | www.reddit.com
certification culture cybersecurity forensics +10
British Columbia investigating cyberattacks on government networks 20 hours ago | www.reddit.com
british british columbia columbia cyberattacks +3

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Cybersecurity Engineer III

@ Hexagon US Federal | Huntsville, AL
View on infosec-jobs.com

Cybersecurity Technical Advisor

@ Microsoft | Reading, Berkshire, United Kingdom
View on infosec-jobs.com

Cybersecurity Engineer

@ Mindvalley | Kuala Lumpur, Kuala Lumpur, Malaysia
View on infosec-jobs.com

Network Security (Meraki) Infrastructure Lead

@ Sopra Steria | Noida, Uttar Pradesh, India
View on infosec-jobs.com

Sr. Director, Product Security

@ Ro | New York City or Remote
View on infosec-jobs.com

Senior Research Engineer, Cryptography (PhD Entry Level)

@ Seagate Technology | Shakopee, MN, US
View on infosec-jobs.com
View more jobs