ritikchaddha - Security Researcher - Exploit Intelligence Platform

CVE-2024-29973 NOMISEC CRITICAL WORKING POC

Zyxel NAS326 <V5.21(AAZF.17)C0 - Command Injection

** UNSUPPORTED WHEN ASSIGNED ** The command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request.

CVSS 9.8

View Code

CVE-2024-29269 VULNCHECK_XDB HIGH WORKING POC

Telesquare TLR-2005KSH - Remote Command Execution

An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary system commands via the Cmd parameter.

CVSS 8.8

View Code

CVE-2024-29973 VULNCHECK_XDB CRITICAL WORKING POC

Zyxel NAS326 <V5.21(AAZF.17)C0 - Command Injection

** UNSUPPORTED WHEN ASSIGNED ** The command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request.

CVSS 9.8

View Code