** UNSUPPORTED WHEN ASSIGNED **
The command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Zyxel
Published: 2024-06-04T01:29:41.852Z
Updated: 2024-06-26T03:55:25.902Z
Reserved: 2024-03-22T08:49:44.342Z
Link: CVE-2024-29973
JSON object: View
NVD Information
Status : Awaiting Analysis
Published: 2024-06-04T02:15:48.290
Modified: 2024-06-26T04:15:12.810
Link: CVE-2024-29973
JSON object: View
Redhat Information
No data.
CWE