CVE-2019-10633

An eval injection vulnerability in the Python web server routing on the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to execute arbitrary code via the tjp6jp6y4, simZysh, and ck6fup6 APIs.
References
Link Resource
http://maxwelldulin.com/BlogPost?post=3236967424 Exploit Third Party Advisory
Configurations

Configuration 1


Information

Published : 2019-04-09 05:29

Updated : 2019-04-10 03:25


NVD link : CVE-2019-10633

Mitre link : CVE-2019-10633

Products Affected
CWE