CVE-2023-27992CISA KEVEPSS p99.7%

CVE-2023-27992Zyxel Multiple NAS Devices Command Injection Vulnerability

Zyxel / Multiple Network-Attached Storage (NAS) Devices

Description

Multiple Zyxel network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability that could allow an unauthenticated attacker to execute commands remotely via a crafted HTTP request.

Scoring

EPSS86.70% probability of exploitation · percentile 99.7% · 2026-06-15T12:03:41Z

CISA KEV entry

Added to KEV: 2023-06-23

(incoming)1

TypeTargetConfidenceTier
KEVEntryZyxel Multiple NAS Devices Command Injection Vulnerabilitykev-cve-2023-279920%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Zyxel Multiple NAS Devices OS Command Injection Vulnerability
CVE
Zyxel Multiple Firewalls OS Command Injection Vulnerability
CVE
Zyxel DSL CPE OS Command Injection Vulnerability
CVE
QNAP Network-Attached Storage (NAS) Command Injection Vulnerability
CVE
CVE-2025-8693
CVE
D-Link Multiple NAS Devices Command Injection Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.