Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Certain Zyxel products have a locally accessible binary that allows a non-root user to generate a password for an undocumented user account that can be used for a TELNET session as root. This affects NAS520 V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, and V5.11(AASZ.0)C0; NAS542 V5.11(ABAG.0)C0, V5.20(ABAG.1)C0, and V5.21(ABAG.3)C0; NSA325 v2_V4.81(AALS.0)C0 and V4.81(AAAJ.1)C0; NSA310 4.22(AFK.0)C0 and 4.22(AFK.1)C0; NAS326 V5.21(AAZF.8)C0, V5.11(AAZF.4)C0, V5.11(AAZF.2)C0, and V5.11(AAZF.3)C0; NSA310S V4.75(AALH.2)C0; NSA320S V4.75(AANV.2)C0 and V4.75(AANV.1)C0; NSA221 V4.41(AFM.1)C0; and NAS540 V5.21(AATB.5)C0 and V5.21(AATB.3)C0.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款ZyXEL产品授权问题漏洞
Vulnerability Description
ZyXEL Zyxel NAS520等都是中国台湾合勤(ZyXEL)公司的一款NAS(网络附加存储)设备。 多款Zyxel产品中存在安全漏洞。攻击者可借助一个本地可访问的二进制文件利用该漏洞为未被记录的用户账户创建密码,以root用户身份进行访问。以下产品及版本受到影响:ZyXEL NAS520 V5.21(AASZ.4)C0版本,V5.21(AASZ.0)C0版本,V5.11(AASZ.3)C0版本,V5.11(AASZ.0)C0版本;NAS542 V5.11(ABAG.0)C0版本,V5.20(ABA
CVSS Information
N/A
Vulnerability Type
N/A