CVE-2024-29976 in NAS326Информация

Сводка

по MITRE • 04.06.2024

** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vulnerability in the command “show_allsessions” in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an authenticated attacker to obtain a logged-in administrator’s session information containing cookies on an affected device.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Ответственный

Zyxel Corporation

Резервировать

22.03.2024

Раскрытие

04.06.2024

Модерация

принято

Вход

VDB-266974

EPSS

0.08954

KEV

Нет

Деятельности

Очень низкий

Источники

Want to stay up to date on a daily basis?

Enable the mail alert feature now!