CVE-2024-29976 in NAS326information

Résumé

par MITRE • 04/06/2024

** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vulnerability in the command “show_allsessions” in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an authenticated attacker to obtain a logged-in administrator’s session information containing cookies on an affected device.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Responsable

Zyxel Corporation

Réserver

22/03/2024

Divulgation

04/06/2024

Modérer

accepté

Entrée

VDB-266974

CPE

prêt

EPSS

0.08954

KEV

non

Activités

très faible

Sources

Do you want to use VulDB in your project?

Use the official API to access entries easily!