Lately, Zyxel issued a security advisory informing its users about the new security vulnerability affecting three of their Network Attached Storage devices. High severity security vulnerability with a 9.8 CVSS v3 score has been tracked on the vulnerability CVE-2022-34747.
Security researcher Shaposhnikov llya reported this vulnerability a few months back in June.
Zyxel’s security advisory states that a vulnerability was discovered in the binary of a few Zyxel NAS products allowing threat actors to successfully perform unauthorized remote code executed with the help of a UDP packet. Following investigations, vulnerability issue was found in the following models:
- NAS326: V5.21(AAZF.11)C0 and earlier
- NAS540: V5.21(AATB.8)C0 and earlier
- NAS542: V5.21(ABAG.8)C0 and earlier
Meanwhile, Zyxel has advised its users to install the patch update as soon as possible. Users can download the latest firmware from the company’s official website.
Are you looking for more security updates? Subscribe to our newsletter for the latest security news.