![SOCRadar® Cyber Intelligence Inc. | Zyxel NAS Devices are Affected by a Critical RCE Vulnerability](https://socradar.io/wp-content/uploads/2022/09/zyxel-nas-devices-are-affected-by-a-critical-rce-vulnerability.png)
Zyxel NAS Devices are Affected by a Critical RCE Vulnerability
Zyxel has announced fixes for a severe format string vulnerability in its network-attached storage (NAS) products. The Taiwanese networking giant lists the affected products as:
- NAS326 (V5.21(AAZF.11)C0 and earlier)
- NAS540 (V5.21(AATB.8)C0 and earlier)
- NAS542 (V5.21(ABAG.8)C0 and earlier)
The vulnerability is tracked as CVE-2022-34747 and has a CVSS score of 9.8 because it can lead to remote code execution. It resides in a specific binary within the affected products. An unauthorized remote attacker can exploit it by sending specially crafted UDP packets to execute arbitrary code.
Other Vulnerabilities Zyxel Has Previously Fixed
The statement comes after Zyxel fixed two security issues impacting its firewall devices in July: CVE-2022-30526 and CVE-2022-2030, which are local privilege escalation and authenticated directory traversal vulnerabilities, respectively.
The company also fixed a security flaw (CVE-2022-0823) in June 2022 that made switches in the GS1200 series vulnerable to timing side-channel attacks used to guess passwords.
Zyxel released an advisory about CVE-2022-34747 to warn its customers days after QNAP issued a warning about a DeadBolt ransomware attack. DeadBolt targeted NAS devices by exploiting a zero-day vulnerability in the Photo Station software.
Mitigation
Attacks on NAS devices are a growing trend, so installing updates is a priority. Firmware updates for each affected product are available in Zyxel’s security advisory.
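To find which devices need the update, an asset inventory can be checked against the affected-version list above. The script below is an added example, not code from Zyxel or from this article; it assumes firmware strings order by their numeric fields (base version, then patch number, then C revision), and the inventory rows, host names and the newer version shown are constructed.

```python
import re

# Last affected firmware per model, copied from the affected-products list.
LAST_AFFECTED = {
    "NAS326": "V5.21(AAZF.11)C0",
    "NAS540": "V5.21(AATB.8)C0",
    "NAS542": "V5.21(ABAG.8)C0",
}
FW_RE = re.compile(r"V(\d+)\.(\d+)\(([A-Z]+)\.(\d+)\)C(\d+)")
LABELS = {True: "affected", False: "not affected", None: "not listed", "error": "check manually"}

def parse_firmware(version):
    """Split 'V5.21(AAZF.11)C0' into (product code, sortable numeric key)."""
    m = FW_RE.fullmatch(version.strip())
    if m is None:
        raise ValueError(f"unrecognised firmware string: {version!r}")
    major, minor, code, patch, rev = m.groups()
    # Assumption: releases order by these numeric fields, left to right.
    return code, (int(major), int(minor), int(patch), int(rev))

def is_affected(model, version):
    """True/False for a listed model; None if the model is not on the list."""
    limit = LAST_AFFECTED.get(model.strip().upper())
    if limit is None:
        return None
    limit_code, limit_key = parse_firmware(limit)
    code, key = parse_firmware(version)
    if code != limit_code:  # product code does not match the recorded model
        raise ValueError(f"{version!r} is not a {model} firmware string")
    return key <= limit_key  # "and earlier" includes the listed build itself

def triage(inventory):
    """Map each host name to one of the LABELS values."""
    report = {}
    for host, model, version in inventory:
        try:
            verdict = is_affected(model, version)
        except ValueError:
            verdict = "error"  # unparseable or mismatched record
        report[host] = LABELS[verdict]
    return report

# Constructed inventory: (host, model, firmware string as reported by the device).
SAMPLE_INVENTORY = [
    ("nas-a", "NAS326", "V5.21(AAZF.11)C0"),
    ("nas-b", "nas540", "V5.21(AATB.9)C0"),
    ("nas-c", "NAS542", "5.21-unknown"),
    ("nas-d", "OTHER-NAS", "1.0"),
]
print(triage(SAMPLE_INVENTORY))
```

Records that come back as "check manually" have a firmware string that does not parse or does not match the recorded model, so they should be verified on the device rather than assumed safe.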