An eval injection vulnerability in the Python web server routing on the Zyxel NAS 326 version 5.21 and below allows a remote authenticated malicious user to execute arbitrary code via the tjp6jp6y4, simZysh, and ck6fup6 APIs.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zyxel nas326_firmware |