Security updates have been issued by Zyxel to resolve a critical pre-authentication command injection flaw impacting certain network-attached storage devices, according to The Hacker News. Threat actors could exploit the vulnerability, tracked as CVE-2023-27992, to facilitate arbitrary command execution.

Source: SC Magazine