Bleeping Computer

Zyxel warns of critical OS command injection flaw in routers

Zyxel has released security updates to address a critical vulnerability impacting multiple models of its business routers, potentially allowing unauthenticated attackers to perform OS command ...

Zyxel warns over a dozen routers affected by critical security flaw

Zyxel fixes a handful of worrying router flaws ...
Bleeping Computer

QNAP warns of critical command injection flaws in QTS OS, apps

QNAP Systems published security advisories for two critical command injection vulnerabilities that impact multiple versions of the QTS operating system and applications on its network-attached storage ...
SecurityWeek

Zyxel Patches Critical Vulnerability in Many Device Models

Zyxel has patched a critical-severity OS command execution vulnerability that is remotely exploitable via crafted UPnP requests.
CSO Online

VMware fixes command injection flaw in Aria Operations

Two other flaws were patched by the virtualization vendor, impacting Cloud Foundation, Telco Cloud Platform, and Telco Cloud Infrastructure as well.
Infosecurity-magazine.com

CISA Urges Software Makers to Eliminate OS Command Injection Vulnerabilities

The US government has urged software manufacturers to work towards the elimination of operating system (OS) command injection vulnerabilities. The alert from the Cybersecurity and Infrastructure ...
SecurityWeek

Critical Flaws Exposed Gardyn Smart Gardens to Remote Hacking

CISA has released an advisory to warn about four vulnerabilities discovered by a researcher in Gardyn Home and Gardyn Studio.
Threat Post

D-Link Routers at Risk for Remote Takeover from Zero-Day Flaws

Critical vulnerabilities discovered by Digital Defense can allow attackers to gain root access and take over devices running same firmware. Buggy firmware opens a number of D-Link VPN router models to ...