CVE-2022-34747

Summary

A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet.

Affected Software

VendorProductVersion RangeStatus
ZyxelZyxel NAS326 firmware< V5.21(AAZF.12)C0affected

Weaknesses

  • CWE-134: CWE-134: Use of Externally-Controlled Format String

ADP Enrichment

CVE Program Container

Additional References

References