WRITEUP #498

CVE-2023-5372 - Post-auth blind Python code injection vulnerabilities in Zyxel’s NAS326 and NAS542 devices

RCECode injectionSecurity code review

by@GaborSeljan(Gábor Selján)

Program

Zyxel

Published

Jan 30, 2024

Added to HackDex

Feb 1, 2024

Read Full Writeuphttps://bugprove.com/knowledge-hub/cve-2023-5372-post-auth-blind-python-code-injection-vulnerabilities-in-zyxel-s-nas-326-and-nas-542-devices/

▸ RELATED WRITEUPS

Spip Preauth RCE 2024: Part 1, The Feather

RCECode injection

Getting code execution on Veeam through CVE-2023-27532

RCEInsecure deserialization

Spip Preauth RCE 2024: Part 2, A Big Upload

RCEFile upload

Back To School - Exploiting A Remote Code Execution Vulnerability In Moodle

RCESecurity code review

WordPress GiveWP POP to RCE (CVE-2024-5932)

RCEPHP pop chain

Built with ❤️ by Shubham Rawat