CVE-2025-11846 (GCVE-0-2025-11846)

Vulnerability from cvelistv5 – Published: 2026-02-24 01:37 – Updated: 2026-02-24 16:09
VLAI?
Summary
A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-service (DoS) condition by sending a crafted HTTP request.
Severity ?
4.9 (Medium)
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CWE
  • CWE-476 - NULL Pointer Dereference
Assigner
References
Impacted products
Vendor Product Version
Zyxel VMG3625-T50B firmware Affected: <= 5.50(ABPM.9.6)C0
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-11846",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-24T16:07:02.451080Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-24T16:09:10.139Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "VMG3625-T50B firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 5.50(ABPM.9.6)C0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "WX3100-T0 firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 5.50(ABVL.4.8)C0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T50B firmware\u0026nbsp;versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-service (DoS) condition by sending a crafted HTTP request."
            }
          ],
          "value": "A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T50B firmware\u00a0versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-service (DoS) condition by sending a crafted HTTP request."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476 NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-24T01:37:57.257Z",
        "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "shortName": "Zyxel"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-null-pointer-dereference-and-command-injection-vulnerabilities-in-certain-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-security-routers-and-wireless-extenders-02-24-2026"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
    "assignerShortName": "Zyxel",
    "cveId": "CVE-2025-11846",
    "datePublished": "2026-02-24T01:37:57.257Z",
    "dateReserved": "2025-10-16T09:31:00.608Z",
    "dateUpdated": "2026-02-24T16:09:10.139Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-11846\",\"sourceIdentifier\":\"security@zyxel.com.tw\",\"published\":\"2026-02-24T02:16:00.030\",\"lastModified\":\"2026-02-25T18:14:24.587\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T50B firmware\u00a0versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-service (DoS) condition by sending a crafted HTTP request.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de desreferencia de puntero nulo en el programa CGI de configuraci\u00f3n de cuenta del firmware Zyxel VMG3625-T50B versiones hasta 5.50(ABPM.9.6)C0 y del firmware Zyxel WX3100-T0 versiones hasta 5.50(ABVL.4.8)C0 podr\u00eda permitir a un atacante autenticado con privilegios de administrador activar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) mediante el env\u00edo de una solicitud HTTP manipulada.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@zyxel.com.tw\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security@zyxel.com.tw\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:lte3301-plus_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.00\\\\(abqu.9\\\\)c0\",\"matchCriteriaId\":\"0F3EFC9C-25BF-4DE2-82BB-E169C696AB04\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:lte3301-plus:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4814D3A1-C0D4-4573-AD77-C2EE7AC11CB4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:nebula_fwa505_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.60\\\\(acko.2\\\\)v0\",\"matchCriteriaId\":\"54D00EC0-7D3E-4F2D-BAFB-F7AD96B8A9A9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:nebula_fwa505:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5052039B-5273-4CDF-AFA5-609855801D24\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:nebula_fwa510_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.60\\\\(acgd.0\\\\)c0\",\"matchCriteriaId\":\"E498D29B-04D5-4692-9822-466E01BCDC9F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:nebula_fwa510:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80B7099C-DAA5-4902-A62B-B680C9450575\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:nebula_fwa515_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.60\\\\(acpz.0\\\\)v0\",\"matchCriteriaId\":\"82904F03-AE99-434C-AFDD-8AC6605269AA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:nebula_fwa515:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C814005-F021-4AFC-8043-0B00EED3FBA6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:nebula_fwa710_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.60\\\\(acgc.1\\\\)v0\",\"matchCriteriaId\":\"4A5240E3-76E8-4BF8-855A-0FF44BC79847\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:nebula_fwa710:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92221518-C7EA-46D7-8037-A580CEA01093\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:ee5301-00_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.63\\\\(acld.2.1\\\\)c0\",\"matchCriteriaId\":\"0EA00C9F-B69A-4D94-9778-9BAC1DE0857C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:ee5301-00:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B28CD570-8DF0-428D-9EF6-87B05DD019D7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:ee3301-00_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.63\\\\(acmu.2.1\\\\)c0\",\"matchCriteriaId\":\"88483F35-88B4-4B81-B6F9-616A76D8FA28\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:ee3301-00:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6360F4D5-AFA7-4BE2-A3DE-8936453FF7ED\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:dx5401-b1_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.17\\\\(abyo.7.1\\\\)c0\",\"matchCriteriaId\":\"7CAA5ABD-E88B-4C82-BBCB-BD516B69A441\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:dx5401-b1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFE5C53C-4255-4AEE-A49E-36C1A2CF10F5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:dx4510-b1_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.17\\\\(abyl.10.1\\\\)c0\",\"matchCriteriaId\":\"AEA4C738-597E-4BB1-AB7C-8A0343FADFE8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:dx4510-b1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8668990-045A-4DDD-9089-DE0025B69765\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:dx4510-b0_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.17\\\\(abyl.10.1\\\\)c0\",\"matchCriteriaId\":\"AC432F5C-8013-4E96-969C-BCFCA11D3883\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:dx4510-b0:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0338E1C-2509-4510-8C8D-4BD5AEA47D81\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:dx3301-t0_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.50\\\\(abvy.7.1\\\\)c0\",\"matchCriteriaId\":\"F489EEA1-1CFD-4F12-AB89-099A88931280\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BBDC072-5D40-4130-9B5F-22FDA9BF909A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:dx3300-t1_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.50\\\\(abvy.7.1\\\\)c0\",\"matchCriteriaId\":\"3DDB2E4D-C18B-46A5-BB8C-294A2E42B711\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:dx3300-t1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2456F691-C182-4BE6-A08F-5E1717366DCA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:dx3300-t0_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.50\\\\(abvy.7.1\\\\)c0\",\"matchCriteriaId\":\"F3AEA6BB-ABD1-4A2A-B6B9-F24AF73258C4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:dx3300-t0:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D3E176E-F728-4385-8533-4C694D43898A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:ee6510-10_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.19\\\\(acjq.4.1\\\\)c0\",\"matchCriteriaId\":\"A28F95D9-1258-4A48-90BD-C940AD483932\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:ee6510-10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD4AE46D-E374-4224-9A66-4291B6A10C00\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.50\\\\(abpm.9.7\\\\)c0\",\"matchCriteriaId\":\"85F72409-B064-4373-8F0C-2B2006C28459\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9259E2F6-885D-4B44-8D40-20758DA599D2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:nebula_lte3301-plus_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.18\\\\(acca.6\\\\)v0\",\"matchCriteriaId\":\"54C6D399-871E-4C6D-BCE4-DFCF7D2C6318\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:nebula_lte3301-plus:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42297A6A-3E50-4E9E-ABF6-58C77F222DC1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.50\\\\(abpm.9.7\\\\)c0\",\"matchCriteriaId\":\"5050676B-2625-46D9-AA8A-E3A3B81BFE76\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3ECE0EB-C429-4716-ABFB-73540847EB9E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:ex2210-t0_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.50\\\\(acdi.2.3\\\\)c0\",\"matchCriteriaId\":\"4992D884-890D-41D2-85BA-B2DF13A8941D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:ex2210-t0:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A71E4E6F-357E-4DAA-B7D7-7CF44000F0CF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:ex3300-t0_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.50\\\\(abvy.7.1\\\\)c0\",\"matchCriteriaId\":\"8992291D-7212-4BF7-A038-5B906B376207\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:ex3300-t0:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"137F8B94-4176-4D9B-8704-28525E7352D1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:ex3300-t1_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.50\\\\(abvy.7.1\\\\)c0\",\"matchCriteriaId\":\"4307A719-A7CA-4F49-BC41-2DD2EBA54ED5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:ex3300-t1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F766221F-7478-4E39-B4CD-A2498ACEE754\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:ex3301-t0_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.50\\\\(abvy.7.1\\\\)c0\",\"matchCriteriaId\":\"91388E23-D251-4889-B2D8-42BD053B804D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:ex3301-t0:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B37B17D8-76CF-4A26-B2DB-41B1BC9FD0A2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:ex3500-t0_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.44\\\\(achr.5.1\\\\)c0\",\"matchCriteriaId\":\"EAEF1AFA-57D1-497E-87CC-2DCEC84C82D4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:ex3500-t0:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8714EB1B-38E5-4295-AD26-EE13E2161DEA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:ex3501-t0_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.44\\\\(achr.5.1\\\\)c0\",\"matchCriteriaId\":\"A5050B03-1F8A-40D3-99D5-E5E2F0A8A310\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:ex3501-t0:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A98F76BD-0404-46DD-AE6A-EB630FEC8904\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.17\\\\(abup.15.2\\\\)c0\",\"matchCriteriaId\":\"E4338AEC-15AE-44F5-B9CF-743E9CF57014\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:ex3510-b1_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.17\\\\(abup.15.2\\\\)c0\",\"matchCriteriaId\":\"67391540-C81F-4404-8F2F-038DCD719E15\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:ex3510-b1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F955BD9-4D44-46BE-8605-51C6250A74D9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:ex3600-t0_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.70\\\\(acif.2.1\\\\)c0\",\"matchCriteriaId\":\"27CE8827-BF43-4B01-A04A-A3F4DC10137B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:ex3600-t0:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3BCC6A9-1CAE-459D-BE7D-AAB956BD1B92\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:ex5401-b1_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.17\\\\(abyo.7.1\\\\)c0\",\"matchCriteriaId\":\"4FDF5568-A486-4E32-B4D5-0FC88C257FA1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:ex5401-b1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7213FA12-5CD6-4E9B-8387-A52AEF17EA10\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:ex5510-b0_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.17\\\\(abqx.11.1\\\\)c0\",\"matchCriteriaId\":\"FB37D43B-9E31-4C30-9C8D-C851DB9ED61E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:ex5510-b0:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E82D41CC-2EB3-4892-8383-FB2C9EC64D9E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:ex5512-t0_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.70\\\\(aceg.5.3\\\\)c0\",\"matchCriteriaId\":\"9667BB3D-4148-43D2-8C86-7C062B261265\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:ex5512-t0:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F32FA3FB-CE89-4CC1-9D8D-765B90A122DF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:ex5601-t0_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.70\\\\(acdz.5.1\\\\)c0\",\"matchCriteriaId\":\"1F04E31F-33BF-47B3-B4CD-57090DA2EA15\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:ex5601-t0:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABFF2039-5DCC-4850-8BDA-3D418629C226\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:ex5601-t1_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.70\\\\(acdz.5.1\\\\)c0\",\"matchCriteriaId\":\"87A30CC3-F925-4D23-8D8A-C5DC57CFEFD4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:ex5601-t1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D629D4B6-B2F2-45F1-9295-71751570C231\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:ex7501-b0_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.18\\\\(achn.3.1\\\\)c0\",\"matchCriteriaId\":\"CA4AA948-A8B5-4C46-8082-F71CDDB6C496\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:ex7501-b0:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CE049DE-A5DA-4A4F-BA30-BBD09FF34DE0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:ex7710-b0_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.18\\\\(acak.1.6\\\\)c0\",\"matchCriteriaId\":\"0453035D-D806-426F-BA39-A640AF4061BC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:ex7710-b0:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07727D9C-723B-4761-B6B6-07FE1784D3C1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:gm4100-b0_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.18\\\\(accl.2\\\\)c0\",\"matchCriteriaId\":\"4E6F3AD9-93A7-4272-B7E7-DB3BAB995B3F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:gm4100-b0:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"182AB7CA-DFD4-4C0A-958B-6794A39FFAEF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:pm7500-00_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.61\\\\(ackk.1.2\\\\)c0\",\"matchCriteriaId\":\"D51197C9-8070-41C8-AB30-4C21189E5D90\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:pm7500-00:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD9BE5AD-2CB3-4161-9A24-AD1C96776A35\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.50\\\\(abpm.9.7\\\\)c0\",\"matchCriteriaId\":\"B40D8ACC-70D5-45BC-A9FC-96C4C11B1399\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB5E8468-D12F-4CBE-AC7E-27D5A928A85A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:vmg4005-b50a_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.17\\\\(abqa.3.2\\\\)c0\",\"matchCriteriaId\":\"0588E097-D09F-4FC9-98EC-C070D3DB8139\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:vmg4005-b50a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88F74228-AC0C-4150-974D-54D77BBF9A90\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:vmg4005-b60a_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.17\\\\(abqa.3.2\\\\)c0\",\"matchCriteriaId\":\"B77CE7B5-1EEC-48BC-9214-DADE59E1C2EE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:vmg4005-b60a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30C1B91D-3EA0-4A1D-833A-6767A6C84DA3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:ax7501-b1_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.17\\\\(abpc.7.1\\\\)c0\",\"matchCriteriaId\":\"8833DF24-1C29-43FB-A639-7E48C0F8DD60\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:ax7501-b1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"780BBA7D-7E2C-4624-AA15-8A51F3DF428F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:pe3301-00_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.63\\\\(acmt.2.1\\\\)c0\",\"matchCriteriaId\":\"C7A32CF9-8AFA-4955-9192-34AB38C648CA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:pe3301-00:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4171802-2480-4F21-A17A-49D8D0E3727A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:pe5301-01_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.63\\\\(acoj.2.1\\\\)c0\",\"matchCriteriaId\":\"D3F2B7AB-4463-47D9-B738-58031AAF5F3F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:pe5301-01:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CFFB6F6-F8ED-4AFA-B1D7-4E9C5D1F7897\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:pm3100-t0_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.42\\\\(acbf.4.1\\\\)c0\",\"matchCriteriaId\":\"9EEAE743-41C2-49C8-8B16-F4082F11DBA0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:pm3100-t0:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F78F88D4-A782-4075-A3CB-A728CE4014DF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:pm5100-t0_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.42\\\\(acbf.4.1\\\\)c0\",\"matchCriteriaId\":\"D28748E3-F930-44BF-A500-13FF3FD94A97\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:pm5100-t0:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"249AF476-CAA4-4C87-8CC3-E0AF15E61F7E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:pm5100-t1_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.42\\\\(acbf.4.1\\\\)c0\",\"matchCriteriaId\":\"E6D7134E-81A6-4055-928D-C2F1FD4B5D17\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:pm5100-t1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4716A455-4D5A-4750-8403-AB7E1A4C3336\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:pm7300-t0_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.42\\\\(abyy.4.1\\\\)c0\",\"matchCriteriaId\":\"E5AB72E6-E6CF-40C5-8177-1ADC7E571E2C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AD1E2E3-2BB8-4CB3-AF81-C916312FE361\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:px3321-t1_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.44\\\\(achk.3\\\\)c0\",\"matchCriteriaId\":\"8F751BEB-1A49-4124-B45B-3730AA448CDE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:px3321-t1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BB525DE-2E08-4848-976E-7DF6C7E19578\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:px3321-t1_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.44\\\\(acjb.1.5\\\\)c0\",\"matchCriteriaId\":\"68683D4E-65E9-4BD0-B9FD-9593170BF6C3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:px3321-t1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BB525DE-2E08-4848-976E-7DF6C7E19578\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:px5301-t0_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.44\\\\(ackb.0.6\\\\)c0\",\"matchCriteriaId\":\"01B59D2A-6414-4672-A695-744A829416B5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:px5301-t0:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EBB4C27-DAEB-4297-98DC-3B22353B5184\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:scr_50axe_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.30\\\\(acgn.0\\\\)c0\",\"matchCriteriaId\":\"5DB4734B-6915-45F4-9D97-BFE1DB6C95F5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:scr_50axe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4169FB54-F651-48B9-8F3A-5B4430972C74\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.50\\\\(abpm.9.7\\\\)c0\",\"matchCriteriaId\":\"02A1CBEE-2FC8-4726-B69D-18C54E97182F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3535B63-318C-4EB5-ADC8-0AF3FB443DFC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:we3300-00_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.70\\\\(acka.1.1\\\\)c0\",\"matchCriteriaId\":\"A2C2C4E4-C29B-49BB-A1FA-24F4B1B0997E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:we3300-00:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"532CBEBB-0D42-42F7-9916-7D8E360E0776\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:wx3100-t0_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.50\\\\(abvl.4.9\\\\)c0\",\"matchCriteriaId\":\"BC161091-7537-485A-BF26-65D3A550B0B6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:wx3100-t0:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2C56248-D12F-46DC-A52F-0607E4A5DCCC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:wx3401-b1_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.17\\\\(abve.2.10\\\\)c0\",\"matchCriteriaId\":\"6B17F2F6-3DD9-4674-82CB-A61323BA7277\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:wx3401-b1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7C8FB13-CBCF-4A74-8DFD-874B9A990577\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:wx5600-t0_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.70\\\\(aceb.5.1\\\\)c0\",\"matchCriteriaId\":\"9D4B7264-0E03-4527-BA9E-07AF5F4C8D9D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:wx5600-t0:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"303DB62A-2A7E-4CB7-ADA0-29C23BFD41BE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:wx5610-b0_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.18\\\\(acgj.0.5\\\\)c0\",\"matchCriteriaId\":\"B96C5D67-D4B3-460C-8EED-A847F0AF99DB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:wx5610-b0:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88909887-E078-4EC5-BA49-2EFCABF1EB1B\"}]}]}],\"references\":[{\"url\":\"https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-null-pointer-dereference-and-command-injection-vulnerabilities-in-certain-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-security-routers-and-wireless-extenders-02-24-2026\",\"source\":\"security@zyxel.com.tw\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"affected\": [{\"defaultStatus\": \"unaffected\", \"product\": \"VMG3625-T50B firmware\", \"vendor\": \"Zyxel\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c= 5.50(ABPM.9.6)C0\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"WX3100-T0 firmware\", \"vendor\": \"Zyxel\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c= 5.50(ABVL.4.8)C0\"}]}], \"descriptions\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T50B firmware\u0026nbsp;versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-service (DoS) condition by sending a crafted HTTP request.\"}], \"value\": \"A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T50B firmware\\u00a0versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-service (DoS) condition by sending a crafted HTTP request.\"}], \"metrics\": [{\"cvssV3_1\": {\"attackComplexity\": \"LOW\", \"attackVector\": \"NETWORK\", \"availabilityImpact\": \"HIGH\", \"baseScore\": 4.9, \"baseSeverity\": \"MEDIUM\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"scope\": \"UNCHANGED\", \"userInteraction\": \"NONE\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\", \"version\": \"3.1\"}, \"format\": \"CVSS\", \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-476\", \"description\": \"CWE-476 NULL Pointer Dereference\", \"lang\": \"en\", \"type\": \"CWE\"}]}], \"providerMetadata\": {\"orgId\": \"96e50032-ad0d-4058-a115-4d2c13821f9f\", \"shortName\": \"Zyxel\", \"dateUpdated\": \"2026-02-24T01:37:57.257Z\"}, \"references\": [{\"tags\": [\"vendor-advisory\"], \"url\": \"https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-null-pointer-dereference-and-command-injection-vulnerabilities-in-certain-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-security-routers-and-wireless-extenders-02-24-2026\"}], \"source\": {\"discovery\": \"UNKNOWN\"}, \"x_generator\": {\"engine\": \"Vulnogram 0.5.0\"}}, \"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-11846\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-02-24T16:07:02.451080Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-02-24T16:08:15.373Z\"}}]}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-11846\", \"assignerOrgId\": \"96e50032-ad0d-4058-a115-4d2c13821f9f\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"Zyxel\", \"dateReserved\": \"2025-10-16T09:31:00.608Z\", \"datePublished\": \"2026-02-24T01:37:57.257Z\", \"dateUpdated\": \"2026-02-24T16:09:10.139Z\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.