Zyxel NAS 326 Package Installer Shell Metacharacter Injection Vulnerability

Zyxel NAS 326 Package Installer Shell Metacharacter Injection Vulnerability

CVE-2019-10631 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Shell Metacharacter Injection in the package installer on Zyxel NAS 326 version 5.21 and below allows an authenticated attacker to execute arbitrary code via multiple different requests.

Learn more about our Web Application Penetration Testing UK.