CVE-2022-34747

Description from NVD

A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet.

Information Acquisition Date:2022-09-08T18:00Z

CVSS 2.0: 0.0 None CVSS 3.x: 9.8 CRITICAL

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector (AV)	Network	Adjacent	Local	Physical
Attack Complexity (AC)	LOW	High
Privileges Required (PR)	None	Low	High
User Interaction (UI)	None	Required
Scope (S)	Unchange	Change
Confidentiality (C)	None	Low	High
Integrity (I)	None	Low	High
Availability (A)	None	Low	High

NVD References

https://www.zyxel.com/support/Zyxel-security-advisory-for-format-string-vulnerability-in-NAS.shtml
source:CONFIRM
tags:Patch Vendor Advisory

Refer to Information on External Sites

CVE Infomation	Exploits or more Infomation
mitre	EXPLOIT DATABASE
NVD	0day.today
vulmon.com	github
CVE Details	Twitter
JVN ENG JPN
Reconshell

Software Tag:

List of frequently cited URLs

URL	Num of Times Referred to
https://cvetrends.com	51
https://thehackernews.com/2022/09/critical-rce-vulnerabilit...	11
https://www.zyxel.com/support/Zyxel-security-advisory-for-f...	4

Information from Twitter

User	URL	Info Source	Date
VulmonFeeds	https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...	Source VulmonFeeds 1608587873229443078	2022/12/30

List of frequently cited URLs

URL	Num of Times Referred to
cvetrends.com	51
thehackernews.com	11
www.zyxel.com	4

Information from Twitter

User	URL	Info Source
VulmonFeeds	alerts.vulmon.com	Show Tweet

GitHub Search Results: Up to 10

Name	URL
No Data

GitHub Search Results: Up to 10

Name	URL
No Data

2022/12/30 Score : 0
Added Har-sia Database : 2022/09/06
Last Modified : 2022/12/30
Highest Scored Date : 2022/09/07
Highest Score : 35