Search criteria
12 vulnerabilities found for emg6726-b10a_firmware by zyxel
CVE-2025-6599 (GCVE-0-2025-6599)
Vulnerability from nvd – Published: 2025-11-18 01:19 – Updated: 2025-11-18 16:35
VLAI?
Summary
An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an attacker to perform Slowloris‑style denial‑of‑service (DoS) attacks. Such attacks may temporarily block legitimate HTTP requests and partially disrupt access to the web management interface, while other networking services remain unaffected.
Severity ?
5.3 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | DX3301-T0 firmware |
Affected:
<= 5.50(ABVY.6.3)C0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6599",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-18T14:25:06.732705Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T16:35:31.932Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DX3301-T0 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "\u003c= 5.50(ABVY.6.3)C0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an attacker to perform Slowloris\u2011style denial\u2011of\u2011service (DoS) attacks. Such attacks may temporarily block legitimate HTTP requests and partially disrupt access to the web management interface, while other networking services remain unaffected.\u003cbr\u003e"
}
],
"value": "An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an attacker to perform Slowloris\u2011style denial\u2011of\u2011service (DoS) attacks. Such attacks may temporarily block legitimate HTTP requests and partially disrupt access to the web management interface, while other networking services remain unaffected."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T01:19:47.163Z",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-uncontrolled-resource-consumption-and-command-injection-vulnerabilities-in-certain-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-security-routers-and-wireless-extenders-11-18-2025"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2025-6599",
"datePublished": "2025-11-18T01:19:47.163Z",
"dateReserved": "2025-06-25T02:16:25.675Z",
"dateUpdated": "2025-11-18T16:35:31.932Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-7673 (GCVE-0-2025-7673)
Vulnerability from nvd – Published: 2025-07-16 07:11 – Updated: 2025-07-19 03:55
VLAI?
Summary
A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP request.
Severity ?
9.8 (Critical)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG8825-T50K firmware |
Affected:
< V5.50(ABOM.5)C0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7673",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-18T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-19T03:55:18.953Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMG8825-T50K firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "\u003c V5.50(ABOM.5)C0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP request."
}
],
"value": "A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-16T07:11:02.974Z",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.zyxel.com/service-provider/global/en/zyxel-security-advisory-remote-code-execution-and-denial-service-vulnerabilities-cpe"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2025-7673",
"datePublished": "2025-07-16T07:11:02.974Z",
"dateReserved": "2025-07-15T02:01:55.637Z",
"dateUpdated": "2025-07-19T03:55:18.953Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9200 (GCVE-0-2024-9200)
Vulnerability from nvd – Published: 2024-12-03 01:33 – Updated: 2024-12-06 04:55
VLAI?
Summary
A post-authentication command injection vulnerability in the "host" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.
Severity ?
7.2 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG4005-B50A firmware |
Affected:
<= V5.15(ABQA.2.2)C0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:zyxel:emg6726-b10a_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "emg6726-b10a_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.13\\(abnp.8\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:vmg3927-b50b_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vmg3927-b50b_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.13\\(ably.9\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:vmg4005-b50a_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vmg4005-b50a_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.15\\(abqa.2.2\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:vmg4005-b60a_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vmg4005-b60a_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.15\\(abqa.2.2\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:vmg4005-b50b_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vmg4005-b50b_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.13\\(abrl.5.1\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:vmg4927-b50a_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vmg4927-b50a_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.13\\(ably.9\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9200",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-06T04:55:23.779Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMG4005-B50A firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "\u003c= V5.15(ABQA.2.2)C0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A post-authentication command injection vulnerability in the \"host\" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device."
}
],
"value": "A post-authentication command injection vulnerability in the \"host\" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-03T01:33:47.398Z",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-and-post-authentication-command-injection-vulnerabilities-in-some-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wifi-extenders-12-03-2024"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2024-9200",
"datePublished": "2024-12-03T01:33:47.398Z",
"dateReserved": "2024-09-26T09:34:37.485Z",
"dateUpdated": "2024-12-06T04:55:23.779Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8748 (GCVE-0-2024-8748)
Vulnerability from nvd – Published: 2024-12-03 01:15 – Updated: 2024-12-03 16:31
VLAI?
Summary
A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device.
Severity ?
7.5 (High)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG8825-T50K firmware |
Affected:
<= V5.50(ABOM.8.4)C0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:zyxel:vmg8825-t50k_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vmg8825-t50k_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.50\\(abom.8.4\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:lte3301-plus_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lte3301-plus_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "1.00\\(abqu.5\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:lte5388-m804_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lte5388-m804_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "1.00\\(absq.4\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:lte5398-m904_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lte5398-m904_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "1.00\\(abqv.4\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:lte7480-m804_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lte7480-m804_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "1.00\\(abra.9\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:lte7490-m904_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lte7490-m904_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "1.00\\(abqy.8\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:nr7101_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nr7101_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "1.00\\(abuv.10\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:nr7102_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nr7102_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "v1.00\\(abyd.3\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:nebula_nr5101_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nebula_nr5101_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThan": "1.16\\(accg.0\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:nebula_nr7101_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nebula_nr7101_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "1.16\\(accc.0\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:nebula_lte3301-plus_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nebula_lte3301-plus_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "1.18\\(acca.4\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:dx3300-t0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dx3300-t0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.50\\(abvy.5.3\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:dx3300-t1_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dx3300-t1_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.50(abvy.5.3)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:dx3301-t0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dx3301-t0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.50\\(abvy.5.3\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:dx4510-b0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dx4510-b0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.17\\(abyl.7\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:dx4510-b1_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dx4510-b1_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.17\\(abyl.7\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:dx5401-b0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dx5401-b0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.17\\(abyo.6.3\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:dx5401_b1_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dx5401_b1_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.17\\(abyo.6.3\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:ee6510-10_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ee6510-10_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.19\\(acjq.0\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:ex2210-t0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ex2210-t0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.50\\(acdi.1\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:wx3100-t0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wx3100-t0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.50\\(abvl.4.3\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:wx3401-b0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wx3401-b0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.17\\(abve.2.5\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:wx3401-b1_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wx3401-b1_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.17(abve.2.5)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:wx5600-t0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wx5600-t0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.70\\(aceb.3.2\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:wx5610-b0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wx5610-b0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.18\\(acgj.0\\)c2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:ax7501-b0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ax7501-b0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.17\\(abpc.5.2\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:ax7501-b1_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ax7501-b1_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.17\\(abpc.5.2\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:pm3100-t0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pm3100-t0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.42(acbf.2.1)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:pm5100-t0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pm5100-t0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.42\\(acbf.2.1\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:pm7300-t0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pm7300-t0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.42\\(abyy.2.2\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:pm7500-t0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pm7500-t0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.61\\(ackk.0\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:px3321-t1_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "px3321-t1_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.44\\(acjb.1\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.44\\(achk.0.2\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:px5301-t0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "px5301-t0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.44\\(ackb.0\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8748",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-03T14:40:11.917455Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-03T16:31:58.508Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMG8825-T50K firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "\u003c= V5.50(ABOM.8.4)C0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A buffer overflow vulnerability in the packet parser of the third-party library \"libclinkc\" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device."
}
],
"value": "A buffer overflow vulnerability in the packet parser of the third-party library \"libclinkc\" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-03T01:34:18.062Z",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-and-post-authentication-command-injection-vulnerabilities-in-some-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wifi-extenders-12-03-2024"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2024-8748",
"datePublished": "2024-12-03T01:15:46.610Z",
"dateReserved": "2024-09-12T07:51:38.916Z",
"dateUpdated": "2024-12-03T16:31:58.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26414 (GCVE-0-2022-26414)
Vulnerability from nvd – Published: 2022-04-11 12:05 – Updated: 2024-08-03 05:03
VLAI?
Summary
A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service.
Severity ?
6 (Medium)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG3312-T20A firmware |
Affected:
V5.30(ABFX.5)C0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.637Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMG3312-T20A firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "V5.30(ABFX.5)C0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T12:05:11",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@zyxel.com.tw",
"ID": "CVE-2022-26414",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMG3312-T20A firmware",
"version": {
"version_data": [
{
"version_value": "V5.30(ABFX.5)C0"
}
]
}
}
]
},
"vendor_name": "Zyxel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service."
}
]
},
"impact": {
"cvss": {
"baseScore": "6.0",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml",
"refsource": "CONFIRM",
"url": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2022-26414",
"datePublished": "2022-04-11T12:05:11",
"dateReserved": "2022-03-04T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.637Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26413 (GCVE-0-2022-26413)
Vulnerability from nvd – Published: 2022-04-11 12:00 – Updated: 2024-08-03 05:03
VLAI?
Summary
A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG3312-T20A firmware |
Affected:
V5.30(ABFX.5)C0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.814Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMG3312-T20A firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "V5.30(ABFX.5)C0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T12:00:19",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@zyxel.com.tw",
"ID": "CVE-2022-26413",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMG3312-T20A firmware",
"version": {
"version_data": [
{
"version_value": "V5.30(ABFX.5)C0"
}
]
}
}
]
},
"vendor_name": "Zyxel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface."
}
]
},
"impact": {
"cvss": {
"baseScore": "8.0",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml",
"refsource": "CONFIRM",
"url": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2022-26413",
"datePublished": "2022-04-11T12:00:19",
"dateReserved": "2022-03-04T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.814Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6599 (GCVE-0-2025-6599)
Vulnerability from cvelistv5 – Published: 2025-11-18 01:19 – Updated: 2025-11-18 16:35
VLAI?
Summary
An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an attacker to perform Slowloris‑style denial‑of‑service (DoS) attacks. Such attacks may temporarily block legitimate HTTP requests and partially disrupt access to the web management interface, while other networking services remain unaffected.
Severity ?
5.3 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | DX3301-T0 firmware |
Affected:
<= 5.50(ABVY.6.3)C0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6599",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-18T14:25:06.732705Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T16:35:31.932Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DX3301-T0 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "\u003c= 5.50(ABVY.6.3)C0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an attacker to perform Slowloris\u2011style denial\u2011of\u2011service (DoS) attacks. Such attacks may temporarily block legitimate HTTP requests and partially disrupt access to the web management interface, while other networking services remain unaffected.\u003cbr\u003e"
}
],
"value": "An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an attacker to perform Slowloris\u2011style denial\u2011of\u2011service (DoS) attacks. Such attacks may temporarily block legitimate HTTP requests and partially disrupt access to the web management interface, while other networking services remain unaffected."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T01:19:47.163Z",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-uncontrolled-resource-consumption-and-command-injection-vulnerabilities-in-certain-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-security-routers-and-wireless-extenders-11-18-2025"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2025-6599",
"datePublished": "2025-11-18T01:19:47.163Z",
"dateReserved": "2025-06-25T02:16:25.675Z",
"dateUpdated": "2025-11-18T16:35:31.932Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-7673 (GCVE-0-2025-7673)
Vulnerability from cvelistv5 – Published: 2025-07-16 07:11 – Updated: 2025-07-19 03:55
VLAI?
Summary
A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP request.
Severity ?
9.8 (Critical)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG8825-T50K firmware |
Affected:
< V5.50(ABOM.5)C0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7673",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-18T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-19T03:55:18.953Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMG8825-T50K firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "\u003c V5.50(ABOM.5)C0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP request."
}
],
"value": "A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-16T07:11:02.974Z",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.zyxel.com/service-provider/global/en/zyxel-security-advisory-remote-code-execution-and-denial-service-vulnerabilities-cpe"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2025-7673",
"datePublished": "2025-07-16T07:11:02.974Z",
"dateReserved": "2025-07-15T02:01:55.637Z",
"dateUpdated": "2025-07-19T03:55:18.953Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9200 (GCVE-0-2024-9200)
Vulnerability from cvelistv5 – Published: 2024-12-03 01:33 – Updated: 2024-12-06 04:55
VLAI?
Summary
A post-authentication command injection vulnerability in the "host" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.
Severity ?
7.2 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG4005-B50A firmware |
Affected:
<= V5.15(ABQA.2.2)C0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:zyxel:emg6726-b10a_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "emg6726-b10a_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.13\\(abnp.8\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:vmg3927-b50b_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vmg3927-b50b_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.13\\(ably.9\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:vmg4005-b50a_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vmg4005-b50a_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.15\\(abqa.2.2\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:vmg4005-b60a_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vmg4005-b60a_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.15\\(abqa.2.2\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:vmg4005-b50b_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vmg4005-b50b_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.13\\(abrl.5.1\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:vmg4927-b50a_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vmg4927-b50a_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.13\\(ably.9\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9200",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-06T04:55:23.779Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMG4005-B50A firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "\u003c= V5.15(ABQA.2.2)C0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A post-authentication command injection vulnerability in the \"host\" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device."
}
],
"value": "A post-authentication command injection vulnerability in the \"host\" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-03T01:33:47.398Z",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-and-post-authentication-command-injection-vulnerabilities-in-some-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wifi-extenders-12-03-2024"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2024-9200",
"datePublished": "2024-12-03T01:33:47.398Z",
"dateReserved": "2024-09-26T09:34:37.485Z",
"dateUpdated": "2024-12-06T04:55:23.779Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8748 (GCVE-0-2024-8748)
Vulnerability from cvelistv5 – Published: 2024-12-03 01:15 – Updated: 2024-12-03 16:31
VLAI?
Summary
A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device.
Severity ?
7.5 (High)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG8825-T50K firmware |
Affected:
<= V5.50(ABOM.8.4)C0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:zyxel:vmg8825-t50k_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vmg8825-t50k_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.50\\(abom.8.4\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:lte3301-plus_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lte3301-plus_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "1.00\\(abqu.5\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:lte5388-m804_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lte5388-m804_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "1.00\\(absq.4\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:lte5398-m904_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lte5398-m904_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "1.00\\(abqv.4\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:lte7480-m804_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lte7480-m804_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "1.00\\(abra.9\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:lte7490-m904_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lte7490-m904_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "1.00\\(abqy.8\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:nr7101_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nr7101_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "1.00\\(abuv.10\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:nr7102_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nr7102_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "v1.00\\(abyd.3\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:nebula_nr5101_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nebula_nr5101_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThan": "1.16\\(accg.0\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:nebula_nr7101_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nebula_nr7101_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "1.16\\(accc.0\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:nebula_lte3301-plus_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nebula_lte3301-plus_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "1.18\\(acca.4\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:dx3300-t0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dx3300-t0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.50\\(abvy.5.3\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:dx3300-t1_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dx3300-t1_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.50(abvy.5.3)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:dx3301-t0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dx3301-t0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.50\\(abvy.5.3\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:dx4510-b0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dx4510-b0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.17\\(abyl.7\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:dx4510-b1_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dx4510-b1_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.17\\(abyl.7\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:dx5401-b0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dx5401-b0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.17\\(abyo.6.3\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:dx5401_b1_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dx5401_b1_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.17\\(abyo.6.3\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:ee6510-10_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ee6510-10_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.19\\(acjq.0\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:ex2210-t0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ex2210-t0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.50\\(acdi.1\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:wx3100-t0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wx3100-t0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.50\\(abvl.4.3\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:wx3401-b0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wx3401-b0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.17\\(abve.2.5\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:wx3401-b1_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wx3401-b1_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.17(abve.2.5)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:wx5600-t0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wx5600-t0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.70\\(aceb.3.2\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:wx5610-b0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wx5610-b0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.18\\(acgj.0\\)c2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:ax7501-b0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ax7501-b0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.17\\(abpc.5.2\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:ax7501-b1_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ax7501-b1_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.17\\(abpc.5.2\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:pm3100-t0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pm3100-t0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.42(acbf.2.1)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:pm5100-t0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pm5100-t0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.42\\(acbf.2.1\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:pm7300-t0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pm7300-t0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.42\\(abyy.2.2\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:pm7500-t0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pm7500-t0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.61\\(ackk.0\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:px3321-t1_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "px3321-t1_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.44\\(acjb.1\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.44\\(achk.0.2\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:zyxel:px5301-t0_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "px5301-t0_firmware",
"vendor": "zyxel",
"versions": [
{
"lessThanOrEqual": "5.44\\(ackb.0\\)c0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8748",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-03T14:40:11.917455Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-03T16:31:58.508Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMG8825-T50K firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "\u003c= V5.50(ABOM.8.4)C0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A buffer overflow vulnerability in the packet parser of the third-party library \"libclinkc\" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device."
}
],
"value": "A buffer overflow vulnerability in the packet parser of the third-party library \"libclinkc\" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-03T01:34:18.062Z",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-and-post-authentication-command-injection-vulnerabilities-in-some-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wifi-extenders-12-03-2024"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2024-8748",
"datePublished": "2024-12-03T01:15:46.610Z",
"dateReserved": "2024-09-12T07:51:38.916Z",
"dateUpdated": "2024-12-03T16:31:58.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26414 (GCVE-0-2022-26414)
Vulnerability from cvelistv5 – Published: 2022-04-11 12:05 – Updated: 2024-08-03 05:03
VLAI?
Summary
A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service.
Severity ?
6 (Medium)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG3312-T20A firmware |
Affected:
V5.30(ABFX.5)C0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.637Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMG3312-T20A firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "V5.30(ABFX.5)C0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T12:05:11",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@zyxel.com.tw",
"ID": "CVE-2022-26414",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMG3312-T20A firmware",
"version": {
"version_data": [
{
"version_value": "V5.30(ABFX.5)C0"
}
]
}
}
]
},
"vendor_name": "Zyxel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service."
}
]
},
"impact": {
"cvss": {
"baseScore": "6.0",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml",
"refsource": "CONFIRM",
"url": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2022-26414",
"datePublished": "2022-04-11T12:05:11",
"dateReserved": "2022-03-04T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.637Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26413 (GCVE-0-2022-26413)
Vulnerability from cvelistv5 – Published: 2022-04-11 12:00 – Updated: 2024-08-03 05:03
VLAI?
Summary
A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zyxel | VMG3312-T20A firmware |
Affected:
V5.30(ABFX.5)C0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.814Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMG3312-T20A firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "V5.30(ABFX.5)C0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T12:00:19",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@zyxel.com.tw",
"ID": "CVE-2022-26413",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMG3312-T20A firmware",
"version": {
"version_data": [
{
"version_value": "V5.30(ABFX.5)C0"
}
]
}
}
]
},
"vendor_name": "Zyxel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface."
}
]
},
"impact": {
"cvss": {
"baseScore": "8.0",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml",
"refsource": "CONFIRM",
"url": "https://www.zyxel.com/support/OS-command-injection-and-buffer-overflow-vulnerabilities-of-CPE-and-ONTs.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2022-26413",
"datePublished": "2022-04-11T12:00:19",
"dateReserved": "2022-03-04T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.814Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}