Security for everyone

CVE-2020-9054 Scanner

Detects the 'OS Command Injection' vulnerability affecting multiple ZyXEL network-attached storage (NAS) devices running firmware v. 5.21.


Short Info


  • Level: Critical
  • Type: Single Scan
  • Can be used by: Asset Owner
  • Estimated Time: 15 sec
  • Scan only one: Url

Parent Category

CVE-2020-9054 Scanner Detail

Multiple ZyXEL network-attached storage (NAS) devices are used as storage solutions in many homes, offices, and small businesses. These devices allow users to create a centralized storage space that can be accessed from multiple devices, increasing productivity and ease of use. With ZyXEL NAS devices, users can store and manage files, photos, music, and movies securely and conveniently.

However, a serious vulnerability, CVE-2020-9054, has been detected in ZyXEL NAS devices running firmware version 5.21. This pre-authentication command injection vulnerability can allow remote, unauthenticated attackers to execute arbitrary code on a vulnerable device. The username parameter is improperly sanitized, so attackers can exploit the vulnerability by sending a specially crafted HTTP POST or GET request in which that parameter contains certain characters. The vulnerability can be triggered even if an attacker does not have direct connectivity to the vulnerable device.

Affected products include:

  • NAS326 before firmware V5.21(AAZF.7)C0
  • NAS520 before firmware V5.21(AASZ.3)C0
  • NAS540 before firmware V5.21(AATB.4)C0
  • NAS542 before firmware V5.21(ABAG.4)C0

ZyXEL has made firmware updates available for NAS326, NAS520, NAS540, and NAS542 devices.

Affected models that are end-of-support:

  • NSA210
  • NSA220
  • NSA220+
  • NSA221
  • NSA310
  • NSA310S
  • NSA320
  • NSA320S
  • NSA325
  • NSA325v2
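
The following is an added example, not part of the original page or any ZyXEL tooling: a Python check that triages model/firmware pairs from an asset inventory against the fixed versions and end-of-support models listed above. It assumes firmware strings follow the V<major>.<minor>(<code>.<patch>)C<n> layout seen in that list and that higher numbers mean newer builds; the inventory entries are constructed.

```python
import re

# Fixed firmware per model, copied from the affected-products list above.
FIXED = {
    "NAS326": "V5.21(AAZF.7)C0",
    "NAS520": "V5.21(AASZ.3)C0",
    "NAS540": "V5.21(AATB.4)C0",
    "NAS542": "V5.21(ABAG.4)C0",
}
# End-of-support models from the list above: affected, no fixed firmware listed.
END_OF_SUPPORT = {"NSA210", "NSA220", "NSA220+", "NSA221", "NSA310",
                  "NSA310S", "NSA320", "NSA320S", "NSA325", "NSA325V2"}

# Assumed layout: V<major>.<minor>(<4-letter model code>.<patch>)C<release>
FW_RE = re.compile(r"^V(\d+)\.(\d+)\(([A-Z]{4})\.(\d+)\)C(\d+)$")

def parse_fw(text):
    """Return (model_code, comparable_version_tuple), or None if unparseable."""
    m = FW_RE.match(text.strip().upper())
    if not m:
        return None
    major, minor, code, patch, rel = m.groups()
    return code, (int(major), int(minor), int(patch), int(rel))

def triage(model, firmware):
    """Classify one device for CVE-2020-9054 using only the lists above."""
    model = model.strip().upper()
    if model in END_OF_SUPPORT:
        return "end-of-support"
    if model not in FIXED:
        return "not-listed"
    have = parse_fw(firmware)
    fixed_code, fixed_ver = parse_fw(FIXED[model])
    if have is None or have[0] != fixed_code:
        return "unknown"  # unparseable, or firmware built for another model
    # Assumption: versions order as (major, minor, patch, release).
    return "patched" if have[1] >= fixed_ver else "vulnerable"

# Constructed inventory rows for illustration (hostnames are made up).
INVENTORY = [
    ("nas-office", "NAS326", "V5.21(AAZF.6)C0"),
    ("nas-lab", "NAS540", "V5.21(AATB.4)C0"),
    ("nas-archive", "NSA325v2", "V4.81(AALS.1)C0"),
    ("nas-media", "NAS542", "5.21"),
]

if __name__ == "__main__":
    for host, model, fw in INVENTORY:
        print(f"{host:12} {model:9} {fw:17} -> {triage(model, fw)}")
```

Devices reported as "unknown" should have their firmware string checked by hand rather than being treated as patched.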

Exploiting CVE-2020-9054 can lead to serious consequences, as it can provide attackers with root privileges on the compromised device. This means that they can execute any command with the highest level of system privileges, which can result in data theft, unauthorized access, and malware deployment. Given the ubiquity of NAS devices in modern networks, this vulnerability presents a significant threat to users' digital assets.

Those who are concerned about the security of their digital assets can benefit from using the pro features of the securityforeveryone.com platform. The platform offers users the ability to quickly and easily assess their digital assets' vulnerabilities, providing peace of mind and a more secure online presence. By emphasizing the importance of proactive security measures and using reliable tools, users can reduce the risk of cyberattacks and protect their valuable data.

 
