Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-2w49-w2vv-p84h

GitHub Security Advisory

⚠ Unreviewed CRITICAL Has CVE
View on GitHub

Advisory Details

** UNSUPPORTED WHEN ASSIGNED **
The command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request.

Related CVEs

CVE-2024-29973

Key Information

GHSA ID
GHSA-2w49-w2vv-p84h
Published
June 4, 2024 3:30 AM
Last Modified
June 4, 2024 3:30 AM
CVSS Score
9.0 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: July 26, 2025 6:37 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.