Zyxel NAS Vulnerability Audit

Network Devices Vulnerability

Discover Vulnerable Zyxel NAS Products in Your IT Estate

Zyxel Networks has released a number of firmware patches for its NAS products in response to a critical format string vulnerability impacting several models. The vulnerability, tracked as CVE-2022-34747, received a critical CVSS v3 score of 9.8 and could lead to unauthorized remote code execution via a crafted UDP packet. This would leave internet-exposed NAS devices vulnerable to ransomware attacks. The report below will help you locate any Zyxel NAS products that may be at risk and require the firmware update. You can read more about this vulnerability in the Zyxel NAS Vulnerability blog post.

Zyxel NAS Vulnerability Query

Select Top 1000000 tblAssets.AssetID,
tsysAssetTypes.AssetTypeIcon10 As Icon,
tblAssets.AssetName,
tblAssets.IPAddress,
tblAssets.Description,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tsysIPLocations.IPLocation,
Case
-- Fixed firmware version for each affected model
When tblAssetCustom.Model Like '%NAS326%' Then 'V5.21(AAZF.12)C0'
When tblAssetCustom.Model Like '%NAS540%' Then 'V5.21(AATB.9)C0'
When tblAssetCustom.Model Like '%NAS542%' Then 'V5.21(ABAG.9)C0'
End As FixedVersion,
Case
-- Show the most recent scanning error only when one is recorded
When tblErrors.ErrorText Is Not Null And
tblErrors.ErrorText != '' Then
'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
Else ''
End As ScanningErrors,
tblAssets.Firstseen,
tblAssets.Lastseen
From tblAssets
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Left Outer Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Left Outer Join tsysOS On tsysOS.OScode = tblAssets.OScode
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Where tblState.Statename = 'Active' And
tblAssetCustom.Manufacturer Like '%Zyxel%' And
(tblAssetCustom.Model Like '%NAS326%' Or
tblAssetCustom.Model Like '%NAS540%' Or
tblAssetCustom.Model Like '%NAS542%');
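
The report returns the FixedVersion for each model but not the installed firmware, so each device still has to be compared by hand. The following is an added example, not part of the original report or of Lansweeper: it triages rows once you have recorded each device's installed firmware string. The version layout `V<major>.<minor>(<model code>.<patch>)C<n>`, the function names and the sample rows are assumptions made for illustration.

```python
import re

# Fixed firmware per model, copied from the FixedVersion column of the report.
FIXED = {
    "NAS326": "V5.21(AAZF.12)C0",
    "NAS540": "V5.21(AATB.9)C0",
    "NAS542": "V5.21(ABAG.9)C0",
}

# Assumed layout: V<major>.<minor>(<model code>.<patch>)C<n>
FW_RE = re.compile(r"V(\d+)\.(\d+)\(([A-Z]+)\.(\d+)\)C(\d+)", re.I)

def parse_firmware(text):
    """Return (model_code, (major, minor, patch, c)) or None if unreadable."""
    m = FW_RE.search(text or "")
    if not m:
        return None
    major, minor, code, patch, c = m.groups()
    return code.upper(), (int(major), int(minor), int(patch), int(c))

def triage(model, firmware):
    """Return 'patched', 'vulnerable' or 'unknown' for one device."""
    fixed = next((v for k, v in FIXED.items() if k in (model or "").upper()), None)
    if fixed is None:
        return "unknown"  # model is not one the report covers
    want, have = parse_firmware(fixed), parse_firmware(firmware)
    if have is None or have[0] != want[0]:
        return "unknown"  # unreadable string, or firmware built for another model
    # Compare as integers: a plain string compare would rank patch 10 below 9.
    return "patched" if have[1] >= want[1] else "vulnerable"

# Constructed sample rows: (asset name, model, installed firmware)
ROWS = [
    ("nas-01", "NAS326", "V5.21(AAZF.12)C0"),
    ("nas-02", "Zyxel NAS542", "V5.21(ABAG.8)C0"),
    ("nas-03", "NAS540", "V5.21(AATB.10)C0"),
    ("nas-04", "NAS540", ""),
    ("nas-05", "NAS326", "V5.21(ABAG.9)C0"),
]

def report(rows=ROWS):
    return {name: triage(model, fw) for name, model, fw in rows}

if __name__ == "__main__":
    for name, status in report().items():
        print(f"{name}: {status}")
```

Treat every `unknown` result as unpatched until the firmware version has been confirmed on the device itself.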
