Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-8748

Summary
Assigner-Zyxel
Assigner Org ID-96e50032-ad0d-4058-a115-4d2c13821f9f
Published At-03 Dec, 2024 | 01:15
Updated At-03 Dec, 2024 | 16:31
Rejected At-
Credits

A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Zyxel
Assigner Org ID:96e50032-ad0d-4058-a115-4d2c13821f9f
Published At:03 Dec, 2024 | 01:15
Updated At:03 Dec, 2024 | 16:31
Rejected At:
▼CVE Numbering Authority (CNA)

A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device.

Affected Products
Vendor
Zyxel Networks CorporationZyxel
Product
VMG8825-T50K firmware
Default Status
unaffected
Versions
Affected
  • <= V5.50(ABOM.8.4)C0
Problem Types
TypeCWE IDDescription
CWECWE-120CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Type: CWE
CWE ID: CWE-120
Description: CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-and-post-authentication-command-injection-vulnerabilities-in-some-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wifi-extenders-12-03-2024
vendor-advisory
Hyperlink: https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-and-post-authentication-command-injection-vulnerabilities-in-some-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wifi-extenders-12-03-2024
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Vendor
Zyxel Networks Corporationzyxel
Product
vmg8825-t50k_firmware
CPEs
  • cpe:2.3:o:zyxel:vmg8825-t50k_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 5.50\(abom.8.4\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
lte3301-plus_firmware
CPEs
  • cpe:2.3:o:zyxel:lte3301-plus_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 1.00\(abqu.5\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
lte5388-m804_firmware
CPEs
  • cpe:2.3:o:zyxel:lte5388-m804_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 1.00\(absq.4\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
lte5398-m904_firmware
CPEs
  • cpe:2.3:o:zyxel:lte5398-m904_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 1.00\(abqv.4\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
lte7480-m804_firmware
CPEs
  • cpe:2.3:o:zyxel:lte7480-m804_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 1.00\(abra.9\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
lte7490-m904_firmware
CPEs
  • cpe:2.3:o:zyxel:lte7490-m904_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 1.00\(abqy.8\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
nr7101_firmware
CPEs
  • cpe:2.3:o:zyxel:nr7101_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 1.00\(abuv.10\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
nr7102_firmware
CPEs
  • cpe:2.3:o:zyxel:nr7102_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through v1.00\(abyd.3\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
nebula_nr5101_firmware
CPEs
  • cpe:2.3:o:zyxel:nebula_nr5101_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before 1.16\(accg.0\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
nebula_nr7101_firmware
CPEs
  • cpe:2.3:o:zyxel:nebula_nr7101_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 1.16\(accc.0\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
nebula_lte3301-plus_firmware
CPEs
  • cpe:2.3:o:zyxel:nebula_lte3301-plus_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 1.18\(acca.4\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
dx3300-t0_firmware
CPEs
  • cpe:2.3:o:zyxel:dx3300-t0_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 5.50\(abvy.5.3\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
dx3300-t1_firmware
CPEs
  • cpe:2.3:o:zyxel:dx3300-t1_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 5.50(abvy.5.3)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
dx3301-t0_firmware
CPEs
  • cpe:2.3:o:zyxel:dx3301-t0_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 5.50\(abvy.5.3\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
dx4510-b0_firmware
CPEs
  • cpe:2.3:o:zyxel:dx4510-b0_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 5.17\(abyl.7\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
dx4510-b1_firmware
CPEs
  • cpe:2.3:o:zyxel:dx4510-b1_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 5.17\(abyl.7\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
dx5401-b0_firmware
CPEs
  • cpe:2.3:o:zyxel:dx5401-b0_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 5.17\(abyo.6.3\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
dx5401_b1_firmware
CPEs
  • cpe:2.3:o:zyxel:dx5401_b1_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 5.17\(abyo.6.3\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
ee6510-10_firmware
CPEs
  • cpe:2.3:o:zyxel:ee6510-10_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 5.19\(acjq.0\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
ex2210-t0_firmware
CPEs
  • cpe:2.3:o:zyxel:ex2210-t0_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 5.50\(acdi.1\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
wx3100-t0_firmware
CPEs
  • cpe:2.3:o:zyxel:wx3100-t0_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 5.50\(abvl.4.3\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
wx3401-b0_firmware
CPEs
  • cpe:2.3:o:zyxel:wx3401-b0_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 5.17\(abve.2.5\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
wx3401-b1_firmware
CPEs
  • cpe:2.3:o:zyxel:wx3401-b1_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 5.17(abve.2.5)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
wx5600-t0_firmware
CPEs
  • cpe:2.3:o:zyxel:wx5600-t0_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 5.70\(aceb.3.2\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
wx5610-b0_firmware
CPEs
  • cpe:2.3:o:zyxel:wx5610-b0_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 5.18\(acgj.0\)c2 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
ax7501-b0_firmware
CPEs
  • cpe:2.3:o:zyxel:ax7501-b0_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 5.17\(abpc.5.2\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
ax7501-b1_firmware
CPEs
  • cpe:2.3:o:zyxel:ax7501-b1_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 5.17\(abpc.5.2\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
pm3100-t0_firmware
CPEs
  • cpe:2.3:o:zyxel:pm3100-t0_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 5.42(acbf.2.1)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
pm5100-t0_firmware
CPEs
  • cpe:2.3:o:zyxel:pm5100-t0_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 5.42\(acbf.2.1\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
pm7300-t0_firmware
CPEs
  • cpe:2.3:o:zyxel:pm7300-t0_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 5.42\(abyy.2.2\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
pm7500-t0_firmware
CPEs
  • cpe:2.3:o:zyxel:pm7500-t0_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 5.61\(ackk.0\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
px3321-t1_firmware
CPEs
  • cpe:2.3:o:zyxel:px3321-t1_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 5.44\(acjb.1\)c0 (custom)
  • From 0 through 5.44\(achk.0.2\)c0 (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
px5301-t0_firmware
CPEs
  • cpe:2.3:o:zyxel:px5301-t0_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 5.44\(ackb.0\)c0 (custom)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@zyxel.com.tw
Published At:03 Dec, 2024 | 02:15
Updated At:21 Jan, 2025 | 21:20

A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
Zyxel Networks Corporation
zyxel
>>lte3301-plus_firmware>>Versions before 1.00\(abqu.6\)c0(exclusive)
cpe:2.3:o:zyxel:lte3301-plus_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>lte3301-plus>>-
cpe:2.3:h:zyxel:lte3301-plus:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>lte5388-m804_firmware>>Versions before 1.00\(absq.5\)c0(exclusive)
cpe:2.3:o:zyxel:lte5388-m804_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>lte5388-m804>>-
cpe:2.3:h:zyxel:lte5388-m804:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>lte5398-m904_firmware>>Versions before 1.00\(abq.5\)c0(exclusive)
cpe:2.3:o:zyxel:lte5398-m904_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>lte5398-m904>>-
cpe:2.3:h:zyxel:lte5398-m904:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>lte7480-m804_firmware>>Versions before 1.00\(abra.10\)c0(exclusive)
cpe:2.3:o:zyxel:lte7480-m804_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>lte7480-m804>>-
cpe:2.3:h:zyxel:lte7480-m804:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>lte7490-m904_firmware>>Versions before 1.00\(abqy.9\)c0(exclusive)
cpe:2.3:o:zyxel:lte7490-m904_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>lte7490-m904>>-
cpe:2.3:h:zyxel:lte7490-m904:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>nr7101_firmware>>Versions before 1.00\(abu.11\)c0(exclusive)
cpe:2.3:o:zyxel:nr7101_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>nr7101>>-
cpe:2.3:h:zyxel:nr7101:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>nr7102_firmware>>Versions before 1.00\(abyd.4\)c0(exclusive)
cpe:2.3:o:zyxel:nr7102_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>nr7102>>-
cpe:2.3:h:zyxel:nr7102:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>nebula_nr5101_firmware>>Versions before 1.16\(accg.1\)c0(exclusive)
cpe:2.3:o:zyxel:nebula_nr5101_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>nebula_nr5101>>-
cpe:2.3:h:zyxel:nebula_nr5101:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>nebula_nr7101_firmware>>Versions before 1.16\(accc.1\)c0(exclusive)
cpe:2.3:o:zyxel:nebula_nr7101_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>nebula_nr7101>>-
cpe:2.3:h:zyxel:nebula_nr7101:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>nebula_lte3301-plus_firmware>>Versions before 1.18\(acca.5\)c0(exclusive)
cpe:2.3:o:zyxel:nebula_lte3301-plus_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>nebula_lte3301-plus>>-
cpe:2.3:h:zyxel:nebula_lte3301-plus:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx3300-t0_firmware>>Versions before 5.50\(aby.5.4\)c0(exclusive)
cpe:2.3:o:zyxel:dx3300-t0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx3300-t0>>-
cpe:2.3:h:zyxel:dx3300-t0:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx3300-t1_firmware>>Versions before 5.50\(aby.5.4\)c0(exclusive)
cpe:2.3:o:zyxel:dx3300-t1_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx3300-t1>>-
cpe:2.3:h:zyxel:dx3300-t1:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx3301-t0_firmware>>Versions before 5.50\(aby.5.4\)c0(exclusive)
cpe:2.3:o:zyxel:dx3301-t0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx3301-t0>>-
cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx4510-b0_firmware>>Versions before 5.17\(abyl.8\)c0(exclusive)
cpe:2.3:o:zyxel:dx4510-b0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx4510-b0>>-
cpe:2.3:h:zyxel:dx4510-b0:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx4510-b1_firmware>>Versions before 5.17\(abyl.8\)c0(exclusive)
cpe:2.3:o:zyxel:dx4510-b1_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx4510-b1>>-
cpe:2.3:h:zyxel:dx4510-b1:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx5401-b0_firmware>>Versions before 5.17\(abyo.6.4\)c0(exclusive)
cpe:2.3:o:zyxel:dx5401-b0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx5401-b0>>-
cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx5401-b1_firmware>>Versions before 5.17\(abyo.6.4\)c0(exclusive)
cpe:2.3:o:zyxel:dx5401-b1_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx5401-b1>>-
cpe:2.3:h:zyxel:dx5401-b1:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ee6510-10_firmware>>Versions before 5.19\(acjq.1\)c0(exclusive)
cpe:2.3:o:zyxel:ee6510-10_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ee6510-10>>-
cpe:2.3:h:zyxel:ee6510-10:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex2210-t0_firmware>>Versions before 5.50\(acdi.2\)c0(exclusive)
cpe:2.3:o:zyxel:ex2210-t0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex2210-t0>>-
cpe:2.3:h:zyxel:ex2210-t0:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3300-t0_firmware>>Versions before 5.50\(aby.5.4\)c0(exclusive)
cpe:2.3:o:zyxel:ex3300-t0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3300-t0>>-
cpe:2.3:h:zyxel:ex3300-t0:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3300-t1_firmware>>Versions before 5.50\(aby.5.4\)c0(exclusive)
cpe:2.3:o:zyxel:ex3300-t1_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3300-t1>>-
cpe:2.3:h:zyxel:ex3300-t1:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3301-t0_firmware>>Versions before 5.50\(aby.5.4\)c0(exclusive)
cpe:2.3:o:zyxel:ex3301-t0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3301-t0>>-
cpe:2.3:h:zyxel:ex3301-t0:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3500-t0_firmware>>Versions before 5.44\(achr.3\)c0(exclusive)
cpe:2.3:o:zyxel:ex3500-t0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3500-t0>>-
cpe:2.3:h:zyxel:ex3500-t0:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3501-t0_firmware>>Versions before 5.44\(achr.3\)c0(exclusive)
cpe:2.3:o:zyxel:ex3501-t0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3501-t0>>-
cpe:2.3:h:zyxel:ex3501-t0:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3510-b0_firmware>>Versions before 5.17\(abup.13\)c0(exclusive)
cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3510-b0>>-
cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-120Secondarysecurity@zyxel.com.tw
CWE ID: CWE-120
Type: Secondary
Source: security@zyxel.com.tw
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-and-post-authentication-command-injection-vulnerabilities-in-some-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wifi-extenders-12-03-2024security@zyxel.com.tw
Vendor Advisory
Hyperlink: https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-and-post-authentication-command-injection-vulnerabilities-in-some-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wifi-extenders-12-03-2024
Source: security@zyxel.com.tw
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

531Records found
CVE-2026-7287
Matching Score-10
Assigner-Zyxel Corporation
ShareView Details
Matching Score-10
Assigner-Zyxel Corporation
CVSS Score-7.5||HIGH
EPSS-0.31% / 22.46%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 03:56
Updated-16 May, 2026 | 03:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

** UNSUPPORTED WHEN ASSIGNED ** A buffer overflow vulnerability in the formWep(), formWlAc(), formPasswordSetup(), formUpgradeCert(), and formDelcert() functions of the “webs” binary in Zyxel NWA1100-N customized firmware version 1.00(AACE.1)C0 could allow an attacker to trigger a denial-of-service (DoS) condition by sending a crafted HTTP request to a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-nwa1100-n_firmwarenwa1100-nNWA1100-N firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-43314
Matching Score-10
Assigner-Zyxel Corporation
ShareView Details
Matching Score-10
Assigner-Zyxel Corporation
CVSS Score-7.5||HIGH
EPSS-0.66% / 46.52%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 00:00
Updated-25 Feb, 2026 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

** UNSUPPORTED WHEN ASSIGNED **The buffer overflow vulnerability in the Zyxel PMG2005-T20B firmware version V1.00(ABNK.2)b11_C0 could allow an unauthenticated attacker to cause a denial of service condition via a crafted uid.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-pmg2005-t20bpmg2005-t20b_firmwarePMG2005-T20B
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-22922
Matching Score-10
Assigner-Zyxel Corporation
ShareView Details
Matching Score-10
Assigner-Zyxel Corporation
CVSS Score-7.5||HIGH
EPSS-0.93% / 56.08%
||
7 Day CHG~0.00%
Published-01 May, 2023 | 00:00
Updated-30 Jan, 2025 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote unauthenticated attacker to cause DoS conditions by sending crafted packets if Telnet is enabled on a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-nbg-418n_firmwarenbg-418nNBG-418N v2 firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-5412
Matching Score-10
Assigner-Zyxel Corporation
ShareView Details
Matching Score-10
Assigner-Zyxel Corporation
CVSS Score-7.5||HIGH
EPSS-0.66% / 46.81%
||
7 Day CHG~0.00%
Published-03 Sep, 2024 | 01:18
Updated-24 Feb, 2026 | 19:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0 could allow an unauthenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-dx4510-b0_firmwareex5601-t1_firmwareex5512-t0vmg4005-b50aex5510-b0vmg3927-t50k_firmwareax7501-b0_firmwareax7501-b1_firmwarenebula_fwa510_firmwarenr7103_firmwareex7501-b0_firmwaredx3300-t1_firmwarenebula_lte3301-pluspm5100-t0_firmwarenr5103ev2vmg3625-t50bnr5307ax7501-b0vmg3927-t50kpx3321-t1ex5401-b0_firmwaredx5401-b0ex7710-b0_firmwarenebula_fwa505_firmwareex3501-t0_firmwarewx3401-b0dx4510-b0nebula_fwa505nebula_lte3301-plus_firmwarepm7300-t0_firmwarevmg4005-b60a_firmwareemg3525-t50b_firmwarepm3100-t0dx5401-b0_firmwareex5401-b0vmg8825-t50kscr50axe_firmwaredx5401-b1nr7302_firmwareex5401-b1_firmwareemg3525-t50bemg5723-t50kex5510-b0_firmwarewx3100-t0dx5401-b1_firmwareex5601-t1nr5103ev2_firmwarenr7303nr7302wx3401-b0_firmwarepm7300-t0nr7501_firmwarenr5103_firmwareemg5723-t50k_firmwarevmg8623-t50b_firmwarenebula_fwa710_firmwareex3301-t0ex3510-b0dx3301-t0ex7501-b0wx5600-t0_firmwareex5401-b1nr5103ex3500-t0ex3300-t1_firmwarescr_50axedx3301-t0_firmwareex3500-t0_firmwarevmg8825-t50k_firmwarevmg3625-t50b_firmwarenr7303_firmwarevmg8623-t50bvmg4005-b50a_firmwareex5601-t0_firmwareex3301-t0_firmwarenebula_fwa710vmg4005-b60adx3300-t0ex5601-t0nr5307_firmwaredx3300-t1ex3510-b0_firmwareex7710-b0wx3100-t0_firmwareex3300-t0ex3300-t1nebula_fwa510wx5600-t0pm5100-t0ex5512-t0_firmwarenr7501ex3300-t0_firmwareemg5523-t50b_firmwarepx3321-t1_firmwarenr7103ex3501-t0ax7501-b1dx3300-t0_firmwareemg5523-t50bpm3100-t0_firmwareVMG8825-T50K firmwarevmg8825-t50k_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-22915
Matching Score-10
Assigner-Zyxel Corporation
ShareView Details
Matching Score-10
Assigner-Zyxel Corporation
CVSS Score-7.5||HIGH
EPSS-1.05% / 59.98%
||
7 Day CHG~0.00%
Published-24 Apr, 2023 | 00:00
Updated-12 Feb, 2025 | 16:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the “fbwifi_forward.cgi” CGI program of Zyxel USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.30 through 5.35, USG20(W)-VPN firmware versions 4.30 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow a remote unauthenticated attacker to cause DoS conditions by sending a crafted HTTP request if the Facebook WiFi function were enabled on an affected device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-usg_flex_50w_firmwarevpn100usg_20w-vpnusg_20w-vpn_firmwareusg_flex_500usg_flex_200usg_flex_500_firmwarevpn1000_firmwareusg_flex_100w_firmwareusg_flex_100vpn50usg_flex_100_firmwareusg_flex_200_firmwareusg_flex_50wvpn50_firmwareusg_flex_50_firmwareusg_flex_700_firmwareusg_flex_700vpn100_firmwarevpn1000vpn300usg_flex_100wvpn300_firmwareusg_flex_50USG FLEX 50(W) firmwareUSG20(W)-VPN firmwareUSG FLEX series firmwareVPN series firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-22917
Matching Score-10
Assigner-Zyxel Corporation
ShareView Details
Matching Score-10
Assigner-Zyxel Corporation
CVSS Score-7.5||HIGH
EPSS-0.88% / 54.37%
||
7 Day CHG~0.00%
Published-24 Apr, 2023 | 00:00
Updated-12 Feb, 2025 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the “sdwan_iface_ipc” binary of Zyxel ATP series firmware versions 5.10 through 5.32, USG FLEX series firmware versions 5.00 through 5.32, USG FLEX 50(W) firmware versions 5.10 through 5.32, USG20(W)-VPN firmware versions 5.10 through 5.32, and VPN series firmware versions 5.00 through 5.35, which could allow a remote unauthenticated attacker to cause a core dump with a request error message on a vulnerable device by uploading a crafted configuration file.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-vpn100atp100_firmwareatp100atp800_firmwareusg_flex_200usg_flex_500_firmwareusg_flex_100w_firmwareusg_flex_100vpn300_firmwareatp100w_firmwareatp100wusg_flex_200_firmwarevpn50_firmwareatp200atp700usg_flex_700vpn100_firmwarevpn300usg_flex_100wusg_flex_50w_firmwareusg_20w-vpnatp700_firmwareusg_20w-vpn_firmwareatp500_firmwareatp800vpn1000_firmwarevpn50usg_flex_100_firmwareusg_flex_50wusg_flex_50_firmwareatp500usg_flex_700_firmwarevpn1000usg_flex_500usg_flex_50atp200_firmwareVPN series firmwareATP series firmwareUSG FLEX 50(W) firmwareUSG20(W)-VPN firmwareUSG FLEX series firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-42058
Matching Score-8
Assigner-Zyxel Corporation
ShareView Details
Matching Score-8
Assigner-Zyxel Corporation
CVSS Score-7.5||HIGH
EPSS-0.62% / 45.05%
||
7 Day CHG~0.00%
Published-03 Sep, 2024 | 01:47
Updated-13 Dec, 2024 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A null pointer dereference vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V5.20 through V5.38, and USG20(W)-VPN series firmware versions from V5.20 through V5.38 could allow an unauthenticated attacker to cause DoS conditions by sending crafted packets to a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-zldusg_20w-vpnatp100atp800usg_flex_200usg_flex_100atp100wusg_flex_50watp200atp500atp700usg_flex_100axusg_flex_700usg_flex_100wusg_flex_500usg_flex_50USG FLEX 50(W) series firmwareUSG20(W)-VPN series firmwareUSG FLEX series firmwareATP series firmwareusg_flex_50w_firmwareatp800_firmwareusg_flex_700h_firmware
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-6599
Matching Score-8
Assigner-Zyxel Corporation
ShareView Details
Matching Score-8
Assigner-Zyxel Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.27% / 18.87%
||
7 Day CHG~0.00%
Published-18 Nov, 2025 | 01:19
Updated-16 Dec, 2025 | 21:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an attacker to perform Slowloris‑style denial‑of‑service (DoS) attacks. Such attacks may temporarily block legitimate HTTP requests and partially disrupt access to the web management interface, while other networking services remain unaffected.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-vmg3927-t50k_firmwareex3500-t0nr5103we3300-00_firmwarenebula_fwa505_firmwarevmg3927-b50b_firmwareee6510-10_firmwaredx3300-t0_firmwareex7501-b0dx5401-b0_firmwarewx5600-t0_firmwaregm4100-b0vmg8825-t50kpm7300-t0ex3501-t0_firmwareex3300-t0_firmwarevmg8825-t50k_firmwarevmg4005-b50adx4510-b1_firmwaredx3301-t0emg6726-b10a_firmwareex3301-t0vmg4005-b50a_firmwareex5512-t0nr5309dx3301-t0_firmwareax7501-b0_firmwarescr_50axeemg5523-t50b_firmwareax7501-b1dx3300-t0ex7501-b0_firmwareee5301-00_firmwareex5601-t0nr7303px5301-t0_firmwareex5510-b0nebula_fwa515_firmwareemg5523-t50bvmg4005-b60anr7302ex5401-b0pm7500-00_firmwarevmg3625-t50b_firmwarevmg4005-b50b_firmwarepx3321-t1pm5100-t0_firmwarewx5600-t0nebula_fwa505emg5723-t50kax7501-b0ex3300-t1pe5301-01ex3300-t1_firmwaredx5401-b1gm4100-b0_firmwaredx5401-b0wx3401-b1_firmwarenr5103e_firmwarepm7500-00ee3301-00_firmwarewx3401-b1nr5103_firmwarenebula_fwa510vmg8623-t50b_firmwarescr_50axe_firmwarewx5610-b0_firmwarepm5100-t0emg6726-b10apm3100-t0ex7710-b0ex5501-b0vmg8623-t50bwe3300-00vmg4005-b60a_firmwarewx3401-b0nr5309_firmwareex3500-t0_firmwarenebula_fwa515ex5501-b0_firmwareex5401-b1ex3600-t0_firmwarelte3301-pluswx3401-b0_firmwarevmg3625-t50bpx3321-t1_firmwareex7710-b0_firmwarenebula_fwa710ex5601-t1_firmwarelte3301-plus_firmwarevmg4927-b50adm4200-b0_firmwareex5401-b1_firmwaredx3300-t1wx5610-b0vmg4927-b50a_firmwareex3501-t0ex5401-b0_firmwareemg5723-t50k_firmwareee5301-00vmg3927-t50kex5512-t0_firmwaredx5401-b1_firmwareemg3525-t50bax7501-b1_firmwareex5601-t1ex3300-t0nr5103enebula_fwa510_firmwareex3600-t0vmg3927-b50bnr7303_firmwarenr7302_firmwarevmg4005-b50bpx5301-t0pe3301-00nebula_fwa710_firmwaredm4200-b0wx3100-t0_firmwaredx3300-t1_firmwarepm3100-t0_firmwarewx3100-t0pe5301-01_firmwarepm7300-t0_firmwarepe3301-00_firmwareex3301-t0_firmwareemg3525-t50b_firmwareex5601-t0_firmwareee6510-10ex5510-b0_firmwareee3301-00dx4510-b1DX3301-T0 firmware
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-4398
Matching Score-8
Assigner-Zyxel Corporation
ShareView Details
Matching Score-8
Assigner-Zyxel Corporation
CVSS Score-7.5||HIGH
EPSS-0.88% / 54.41%
||
7 Day CHG~0.00%
Published-28 Nov, 2023 | 01:48
Updated-17 Oct, 2024 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow vulnerability in the source code of the QuickSec IPSec toolkit used in the VPN feature of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions on an affected device by sending a crafted IKE packet.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-zldvpn100usg_20w-vpnatp100atp800usg_flex_200vpn50usg_flex_100atp100wusg_flex_50watp200atp700atp500usg_flex_700vpn1000vpn50wvpn300usg_flex_100wusg_flex_500usg_flex_50USG FLEX 50(W) series firmwareATP series firmwareVPN series firmwareUSG FLEX series firmwareUSG20(W)-VPN series firmwareusg_flex_50w_firmwarevpn_firmwareatp_firmwareusg20w-vpn_firmwareusg_flex_firmware
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-43392
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.62% / 45.22%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 00:00
Updated-25 Feb, 2026 | 16:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-nebula_lte7461-m602lte7461-m602ex5601-t1_firmwareex5510-b0ex5512-t0vmg4005-b50avmg3927-t50k_firmwarepmg5617-t20b2_firmwareax7501-b0_firmwarepmg5617-t20b2pmg5617ganebula_lte3301-plusnr7102_firmwarepm5100-t0_firmwarelte7480-m804_firmwarelte7490-m904_firmwarelte5388-m804ax7501-b0nebula_nr5101vmg3927-t50kex5401-b0_firmwaredx5401-b0wx3401-b0lte7480-m804nebula_lte3301-plus_firmwarenebula_lte7461-m602_firmwarepm7300-t0_firmwarevmg4005-b60a_firmwaredx5401-b0_firmwareemg3525-t50b_firmwarepm3100-t0ex5401-b0vmg8825-t50klte5388-m804_firmwarelte7490-m904ex5501-b0lte7480-s905nr7102nr7101_firmwareemg3525-t50bemg5723-t50klte7480-s905_firmwareex5510-b0_firmwarewx3100-t0lte7485-s905ex5601-t1pmg5317-t20b_firmwareex5501-b0_firmwarewx3401-b0_firmwarelte7240-m403pm7300-t0lte3301-plus_firmwarelte7485-s905_firmwareemg5723-t50k_firmwarevmg8623-t50b_firmwaredx3301-t0ex3301-t0ex3510-b0lte5398-m904ex5600-t1nebula_nr7101_firmwarepmg5622gawx5600-t0_firmwarepmg5622ga_firmwarenr5101_firmwarepmg5317-t20bpmg5617ga_firmwaredx4510-b1dx3301-t0_firmwarelte5398-m904_firmwarevmg8825-t50k_firmwarevmg4005-b50a_firmwarevmg8623-t50bpm7320-b0_firmwareex5601-t0_firmwareex5600-t1_firmwarenebula_nr5101_firmwareex3301-t0_firmwarepm7320-b0vmg4005-b60alte7461-m602_firmwareex5601-t0ex3510-b0_firmwarewx3100-t0_firmwarenr5101ex5512-t0_firmwarepm5100-t0wx5600-t0emg5523-t50b_firmwarenebula_nr7101dx4510-b1_firmwarenr7101lte3301-pluslte7240-m403_firmwareemg5523-t50bpm3100-t0_firmwareNR7101 firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-26414
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-6||MEDIUM
EPSS-0.20% / 9.86%
||
7 Day CHG~0.00%
Published-11 Apr, 2022 | 12:05
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-vmg8825-b60apx7501-b0vmg3927-t50kvmg3927-b50bvmg3927-b60a_firmwarevmg8825-t50kdx5401-b0ax7501-b0ex3510-b0vmg3927-b50a_firmwarevmg8623-t50bvmg4927-b50aemg3525-t50bvmg1312-t20bvmg8825-t50k_firmwarepm7300-t0_firmwareemg5723-t50kvmg3312-t20a_firmwareemg6726-b10avmg4927-b50a_firmwarexmg8825-b50apmg5622gapmg5317-t20b_firmwarepmg5617-t20b2vmg3927-b50apmg5622ga_firmwareex5401-b0_firmwarevmg8825-b60a_firmwarexmg3927-b50a_firmwareemg5523-t50bvmg8623-t50b_firmwarepmg5317-t20bex5501-b0vmg8825-b60bvmg8825-b50b_firmwarepmg5617-t20b2_firmwarepx7501-b0_firmwaredx5401-b0_firmwareex5501-b0_firmwareex5401-b0xmg3927-b50avmg1312-t20b_firmwarepmg5617gavmg8825-b50a_firmwareex3510-b0_firmwarevmg3312-t20axmg8825-b50a_firmwareax7501-b0_firmwareemg5723-t50k_firmwarevmg3927-t50k_firmwareep240p_firmwarevmg8825-b50bvmg8825-b50avmg3927-b60aemg5523-t50b_firmwarevmg8825-b60b_firmwarepm7300-t0vmg3625-t50bpmg5617ga_firmwarevmg3625-t50b_firmwareemg6726-b10a_firmwareemg3525-t50b_firmwarevmg3927-b50b_firmwareep240pVMG3312-T20A firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-8882
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-4.5||MEDIUM
EPSS-0.24% / 14.13%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 01:23
Updated-14 Nov, 2024 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and earlier could allow an authenticated, LAN-based attacker with administrator privileges to cause denial of service (DoS) conditions via a crafted URL.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-gs1900-24hpv2_firmwaregs1900-10hpgs1900-24_firmwaregs1900-24e_firmwaregs1900-8gs1900-8hp_firmwaregs1900-48_firmwaregs1900-48hpv2_firmwaregs1900-48hpv2gs1900-24epgs1900-24ep_firmwaregs1900-24gs1900-8hpgs1900-24egs1900-24hpv2gs1900-8_firmwaregs1900-48gs1900-16_firmwaregs1900-10hp_firmwaregs1900-16GS1900-48 firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2026-3870
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.17% / 6.36%
||
7 Day CHG~0.00%
Published-02 Jun, 2026 | 01:54
Updated-02 Jun, 2026 | 13:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the UPnP AddPortMapping() command in Zyxel VMG4005-B50B firmware versions through 5.13(ABRL.5.4)C0 could allow an adjacent attacker to trigger a temporary denial-of-service (DoS) condition affecting the UPnP function of the affected device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-VMG4005-B50B firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-9197
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.48% / 37.61%
||
7 Day CHG~0.00%
Published-03 Dec, 2024 | 01:24
Updated-21 Jan, 2025 | 21:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication buffer overflow vulnerability in the parameter "action" of the CGI program in Zyxel VMG3625-T50B firmware versions through V5.50(ABPM.9.2)C0 could allow an authenticated attacker with administrator privileges to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP GET request to a vulnerable device if the function ZyEE is enabled.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-ex3500-t0_firmwareex5510-b0_firmwareex3301-t0emg5523-t50b_firmwaredx5401-b1dx5401-b0_firmwareex5501-b0_firmwareex3510-b0px5301-t0ax7501-b0ex3300-t0_firmwareex3500-t0vmg8623-t50bax7501-b1_firmwareex5600-t1ex3300-t0dx5401-b1_firmwareemg5723-t50kee6510-10_firmwareex5401-b1_firmwareex3501-t0_firmwareex5601-t0_firmwarevmg8825-t50k_firmwareex3600-t0_firmwareex3300-t1dx4510-b1wx5600-t0_firmwareemg3525-t50bpx3321-t1ee6510-10dx3300-t1ax7501-b1px5301-t0_firmwareex3510-b1ex5600-t1_firmwaredx4510-b0dx3300-t1_firmwareex3510-b0_firmwareemg5523-t50bex5401-b0ex5601-t1dx3300-t0ex5401-b0_firmwarepx3321-t1_firmwaredx4510-b1_firmwareex3301-t0_firmwareex5510-b0vmg3927-t50k_firmwareex5401-b1ex7501-b0_firmwareemg3525-t50b_firmwarevmg3625-t50bax7501-b0_firmwarevmg8623-t50b_firmwareemg5723-t50k_firmwareex5501-b0ex3600-t0dx3300-t0_firmwaredx3301-t0ex3300-t1_firmwaredx3301-t0_firmwareex5601-t1_firmwarevmg8825-t50kdx4510-b0_firmwareex5601-t0ex7501-b0wx5600-t0ex3510-b1_firmwaredx5401-b0vmg3927-t50kex3501-t0vmg3625-t50b_firmwareVMG3625-T50B firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2026-3871
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.17% / 6.36%
||
7 Day CHG~0.00%
Published-02 Jun, 2026 | 02:04
Updated-02 Jun, 2026 | 13:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the UPnP DeletePortMapping() command in Zyxel VMG4005-B50B firmware versions through 5.13(ABRL.5.4)C0 could allow an adjacent attacker to trigger a temporary denial-of-service (DoS) condition affecting the UPnP function of the affected device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-VMG4005-B50B firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-7673
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.55% / 41.42%
||
7 Day CHG~0.00%
Published-16 Jul, 2025 | 07:11
Updated-26 Feb, 2026 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP request.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-vmg1312-t20bemg5723-t50k_firmwarevmg3927-t50kvmg8825-b50avmg8924-b10d_firmwarexmg8825-b50avmg8825-t50k_firmwarevmg3925-b10bemg5523-t50bxmg8825-b50a_firmwarevmg4005-b50b_firmwarevmg3927-t50k_firmwarevmg3927-b50bvmg8825-b60aemg3525-t50b_firmwareemg6726-b10avmg8825-b60a_firmwarevmg3625-t50b_firmwarevmg8825-t50kvmg3927-b50avmg4927-b50avmg3927-b60a_firmwareex5510-b0vmg3925-b10b_firmwarevmg8825-bx0b_firmwarevmg3925-b10cxmg3927-b50a_firmwarevmg4927-b50a_firmwarevmg3927-b50b_firmwarevmg3625-t50bex3510-b0vmg1312-t20b_firmwareemg5523-t50b_firmwareex3510-b0_firmwarevmg8623-t50b_firmwarevmg8924-b10demg3525-t50bemg5723-t50kvmg8623-t50bvmg3927-b50a_firmwarevmg8825-bx0bvmg8825-b50a_firmwarevmg3925-b10c_firmwareemg6726-b10a_firmwareex5510-b0_firmwarevmg3927-b60axmg3927-b50avmg4005-b50bVMG8825-T50K firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-0816
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.14% / 4.05%
||
7 Day CHG~0.00%
Published-21 May, 2024 | 01:29
Updated-22 Jan, 2025 | 22:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50(ABVY.4)C0 could allow an authenticated local attacker to cause denial of service (DoS) conditions by executing the CLI command with crafted strings on an affected device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-nebula_lte7461-m602_firmwarelte5388-m804_firmwareex3510_firmwarelte5398-m904ex5600-t1_firmwareex3501-t0vmg4005-b60alte5388-m804lte7480-m804_firmwaredx4510_firmwarenr5103edx4510dx5401-b0_firmwarevmg8623-t50b_firmwareex3320-t0pm7300-t0lte7490-m904_firmwarenr7303_firmwarenebula_fwa510nr7501_firmwarevmg4005-b60a_firmwarepx3321-t1_firmwarewx3100-t0_firmwarevmg8825-t50k_firmwareemg3525-t50blte3301-plusex3320-t1_firmwarenebula_fwa710nr7101_firmwareex7710-b0_firmwarenr5307dx5401-b1ex7710-b0nr7302ax7501-b1nebula_lte3301-plusdx3300-t1_firmwarenebula_fwa505ex5600-t1wx5600-t0_firmwarenr7303ax7501-b0_firmwareex3510ex5601-t1_firmwarevmg8623-t50bnebula_nr7101_firmwarenr7103vmg3927-t50k_firmwarenebula_nr5101wx3100-t0nr5103ev2nebula_fwa710_firmwarenebula_nr5101_firmwarevmg4005-b50a_firmwarenebula_fwa510_firmwarenr5307_firmwareex3300-t1_firmwarepm5100-t0ex3500-t0_firmwarelte5398-m904_firmwaredx5401-b0nebula_lte3301-plus_firmwareex3501-t0_firmwarepx3321-t1ex5510vmg8825-t50kvmg3625-t50b_firmwarenr7302_firmwarenebula_fwa505_firmwarepm3100-t0wx3401-b0_firmwarewx5610-b0ex5401-b0lte7480-m804vmg3927-t50kex5401-b1_firmwarenbg7510_firmwarenr7501vmg4005-b50aex5601-t0_firmwareex5401-b0_firmwareex3301-t0nr7103_firmwareemg5723-t50kdx3300-t1ex3320-t1nr7102wx5610-b0_firmwarenebula_nr7101dx5401-b1_firmwareex5601-t1ex3320-t0_firmwarenr7102_firmwareex5512-t0_firmwarewx5600-t0wx3401-b0lte3202-m437ax7501-b1_firmwarenr5103ex3301-t0_firmwareemg5523-t50bemg5523-t50b_firmwareex5501-b0lte3301-plus_firmwarepm5100-t0_firmwarepm7300-t0_firmwareex3300-t1vmg3625-t50bex5401-b1emg5723-t50k_firmwaredx3301-t0ex5601-t0ex5510_firmwarepm3100-t0_firmwarenr5103_firmwarenr7101lte7490-m904emg3525-t50b_firmwarenebula_lte7461-m602dx3301-t0_firmwareax7501-b0ex5512-t0ex3500-t0lte3202-m437_firmwarenbg7510ex5501-b0_firmwarenr5103ev2_firmwarelte7240-m403lte7240-m403_firmwarenr5103e_firmwareDX3300-T1 firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-34140
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.27% / 18.20%
||
7 Day CHG~0.00%
Published-17 Jul, 2023 | 17:49
Updated-21 Oct, 2024 | 19:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2, USG FLEX series firmware versions 4.50 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 4.16 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 4.16 through 5.36 Patch 2, VPN series firmware versions 4.30 through 5.36 Patch 2, NXC2500 firmware versions 6.10(AAIG.0) through 6.10(AAIG.3), and NXC5500 firmware versions 6.10(AAOS.0) through 6.10(AAOS.4), could allow an unauthenticated, LAN-based attacker to cause denial of service (DoS) conditions by sending a crafted request to the CAPWAP daemon.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-zywall_vpn_300zywall_atp700zywall_atp700_firmwarezywall_vpn_50_firmwarezywall_atp800zywall_vpn_50usg_flex_200zywall_atp100_firmwareusg_flex_500_firmwareusg_2200-vpn_firmwareusg_flex_100usg_flex_100w_firmwarezywall_vpn300_firmwareusg_flex_200_firmwareusg_2200-vpnzywall_atp200zywall_vpn50nxc5500zywall_vpn100_firmwarenxc2500zywall_vpn100usg_flex_700zywall_atp100w_firmwareusg_flex_100wzywall_atp800_firmwareusg_flex_50w_firmwarezywall_atp200_firmwareusg_20w-vpnzywall_atp500usg_20w-vpn_firmwarezywall_atp100usg_flex_100_firmwarenxc5500_firmwarezywall_atp100wzywall_atp500_firmwareusg_flex_50wnxc2500_firmwareusg_flex_50_firmwarezywall_vpn300zywall_vpn_300_firmwareusg_flex_700_firmwarezywall_vpn_100zywall_vpn2szywall_vpn2s_firmwarezywall_vpn50_firmwareusg_flex_500usg_flex_50zywall_vpn_100_firmwareUSG FLEX 50(W) series firmwareNXC5500 firmwareATP series firmwareVPN series firmwareNXC2500 firmwareUSG FLEX series firmwareUSG20(W)-VPN series firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-28769
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-9.8||CRITICAL
EPSS-5.42% / 91.66%
||
7 Day CHG~0.00%
Published-27 Apr, 2023 | 00:00
Updated-31 Jan, 2025 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The buffer overflow vulnerability in the library “libclinkc.so” of the web server “zhttpd” in Zyxel DX5401-B0 firmware versions prior to V5.17(ABYO.1)C0 could allow a remote unauthenticated attacker to execute some OS commands or to cause denial-of-service (DoS) conditions on a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-dx5401-b0_firmwaredx5401-b0DX5401-B0 firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-4397
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.23% / 13.93%
||
7 Day CHG~0.00%
Published-28 Nov, 2023 | 01:42
Updated-02 Aug, 2024 | 07:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the Zyxel ATP series firmware version 5.37, USG FLEX series firmware version 5.37, USG FLEX 50(W) series firmware version 5.37, and USG20(W)-VPN series firmware version 5.37, could allow an authenticated local attacker with administrator privileges to cause denial-of-service (DoS) conditions by executing the CLI command with crafted strings on an affected device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-zldusg_20w-vpnatp100atp800usg_flex_200usg_flex_100atp100wusg_flex_50watp200atp500atp700usg_flex_700vpn50wusg_flex_100wusg_flex_500usg_flex_50ATP series firmwareUSG20(W)-VPN series firmwareUSG FLEX series firmware USG FLEX 50(W) series firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-37929
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.55% / 41.42%
||
7 Day CHG~0.00%
Published-21 May, 2024 | 01:23
Updated-22 Jan, 2025 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The buffer overflow vulnerability in the CGI program of the VMG3625-T50B firmware version V5.50(ABPM.8)C0 could allow an authenticated remote attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-ex3510_firmwarevmg8825-t50kvmg3625-t50b_firmwareex5600-t1_firmwareex3501-t0wx5610-b0ex5401-b0vmg3927-t50kex5401-b1_firmwaredx4510_firmwaredx4510dx5401-b0_firmwarevmg8623-t50b_firmwarenbg7510_firmwareex5601-t0_firmwareex5401-b0_firmwareex3301-t0emg5723-t50kdx3300-t1wx3100-t0_firmwarevmg8825-t50k_firmwareemg3525-t50bwx5610-b0_firmwaredx5401-b1_firmwareex5601-t1ex5512-t0_firmwarewx5600-t0ex7710-b0_firmwareax7501-b1_firmwareex3301-t0_firmwareemg5523-t50bdx5401-b1emg5523-t50b_firmwareex5501-b0ex7710-b0ex3300-t1ax7501-b1dx3300-t1_firmwarevmg3625-t50bex5401-b1emg5723-t50k_firmwaredx3301-t0ex5600-t1wx5600-t0_firmwareex5601-t0ax7501-b0_firmwareex3510ex5601-t1_firmwarevmg8623-t50bex5510_firmwarevmg3927-t50k_firmwarewx3100-t0emg3525-t50b_firmwaredx3301-t0_firmwareax7501-b0nbg7510ex5512-t0ex3500-t0ex3300-t1_firmwareex5501-b0_firmwareex3500-t0_firmwaredx5401-b0ex3501-t0_firmwareex5510V5.50(ABPM.8)C0 firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-33009
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-9.8||CRITICAL
EPSS-28.14% / 97.86%
||
7 Day CHG~0.00%
Published-24 May, 2023 | 00:00
Updated-26 Feb, 2026 | 15:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-06-26||Apply updates per vendor instructions.

A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.60 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.60 through 5.36 Patch 1, VPN series firmware versions 4.60 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.60 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-usg_flex_200_firmwareusg_flex_700_firmwareusg_flex_200usg_flex_500_firmwareatp100wvpn1000_firmwareusg_60_firmwareusg_flex_100w_firmwareusg_flex_50vpn100usg20-vpn_firmwareusg20-vpnusg_40_firmwareusg_flex_50_firmwareusg_40watp200vpn300_firmwareusg_flex_50w_firmwareusg_flex_50wvpn1000usg_60atp700atp100_firmwareusg_40usg_flex_100_firmwareusg_flex_100vpn300atp100w_firmwareusg_40w_firmwareusg_flex_500atp500vpn100_firmwarevpn50usg_20w-vpn_firmwareatp200_firmwareusg_60w_firmwareatp500_firmwarevpn50_firmwareatp700_firmwareatp800_firmwareatp800usg_20w-vpnusg_flex_700usg_60wusg_flex_100watp100USG FLEX series firmwareATP series firmwareUSG20(W)-VPN firmwareUSG FLEX 50(W) firmwareVPN series firmwareZyWALL/USG series firmwareMultiple Firewalls
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-33010
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-9.8||CRITICAL
EPSS-28.81% / 97.90%
||
7 Day CHG~0.00%
Published-24 May, 2023 | 00:00
Updated-27 Oct, 2025 | 17:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-06-26||Apply updates per vendor instructions.

A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1, VPN series firmware versions 4.30 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.25 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-usg_flex_100usg_flex_500_firmwarevpn300_firmwarevpn50atp100_firmwareatp500_firmwareatp100w_firmwareusg_flex_700_firmwareusg_40w_firmwareusg_40wusg_flex_50w_firmwareusg20-vpn_firmwareatp700_firmwarevpn100atp800usg_60w_firmwareusg_flex_200_firmwareusg_flex_100wusg_60wvpn100_firmwareusg_flex_50usg_flex_100_firmwareusg_60_firmwareusg_20w-vpn_firmwareusg20-vpnusg_60usg_flex_700usg_flex_50_firmwareatp100atp200atp800_firmwarevpn300usg_flex_100w_firmwarevpn1000atp200_firmwareusg_flex_500vpn1000_firmwareusg_40_firmwareusg_40atp100wusg_flex_200atp700vpn50_firmwareusg_flex_50wusg_20w-vpnatp500USG FLEX series firmwareATP series firmwareUSG20(W)-VPN firmwareUSG FLEX 50(W) firmwareVPN series firmwareZyWALL/USG series firmwareMultiple Firewalls
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-27989
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.02% / 58.80%
||
7 Day CHG~0.00%
Published-05 Jun, 2023 | 11:02
Updated-08 Jan, 2025 | 17:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the CGI program of the Zyxel NR7101 firmware versions prior to V1.00(ABUV.8)C0 could allow a remote authenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-lte7490-m904_firmwarenr7101_firmwarelte7490-m904nebula_nr7101lte7480-m804lte7480-m804_firmwarenebula_nr7101_firmwarenr7101NR7101 firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-6343
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.60% / 44.28%
||
7 Day CHG~0.00%
Published-03 Sep, 2024 | 01:28
Updated-13 Dec, 2024 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the CGI program of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an authenticated attacker with administrator privileges to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-zldusg_20w-vpnatp100atp800usg_flex_200usg_flex_100atp100wusg_flex_50watp200atp500atp700usg_flex_100axusg_flex_700usg_flex_100wusg_flex_500usg_flex_50USG FLEX 50(W) series firmwareUSG20(W)-VPN series firmwareUSG FLEX series firmwareATP series firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-22924
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.80% / 51.78%
||
7 Day CHG~0.00%
Published-01 May, 2023 | 00:00
Updated-30 Jan, 2025 | 16:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote authenticated attacker with administrator privileges to cause denial-of-service (DoS) conditions by executing crafted CLI commands on a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-nbg-418n_firmwarenbg-418nNBG-418N v2 firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-43391
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.72% / 49.15%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 00:00
Updated-25 Feb, 2026 | 16:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-nebula_lte7461-m602lte7461-m602ex5601-t1_firmwareex5510-b0ex5512-t0vmg4005-b50avmg3927-t50k_firmwarepmg5617-t20b2_firmwareax7501-b0_firmwarepmg5617-t20b2pmg5617ganebula_lte3301-plusnr7102_firmwarepm5100-t0_firmwarelte7480-m804_firmwarelte7490-m904_firmwarelte5388-m804ax7501-b0nebula_nr5101vmg3927-t50kex5401-b0_firmwaredx5401-b0wx3401-b0lte7480-m804nebula_lte3301-plus_firmwarenebula_lte7461-m602_firmwarepm7300-t0_firmwarevmg4005-b60a_firmwaredx5401-b0_firmwareemg3525-t50b_firmwarepm3100-t0ex5401-b0vmg8825-t50klte5388-m804_firmwarelte7490-m904ex5501-b0lte7480-s905nr7102nr7101_firmwareemg3525-t50bemg5723-t50klte7480-s905_firmwareex5510-b0_firmwarewx3100-t0lte7485-s905ex5601-t1pmg5317-t20b_firmwareex5501-b0_firmwarewx3401-b0_firmwarelte7240-m403pm7300-t0lte3301-plus_firmwarelte7485-s905_firmwareemg5723-t50k_firmwarevmg8623-t50b_firmwaredx3301-t0ex3301-t0ex3510-b0lte5398-m904ex5600-t1nebula_nr7101_firmwarepmg5622gawx5600-t0_firmwarepmg5622ga_firmwarenr5101_firmwarepmg5317-t20bpmg5617ga_firmwaredx4510-b1dx3301-t0_firmwarelte5398-m904_firmwarevmg8825-t50k_firmwarevmg4005-b50a_firmwarevmg8623-t50bpm7320-b0_firmwareex5601-t0_firmwareex5600-t1_firmwarenebula_nr5101_firmwareex3301-t0_firmwarepm7320-b0vmg4005-b60alte7461-m602_firmwareex5601-t0ex3510-b0_firmwarewx3100-t0_firmwarenr5101ex5512-t0_firmwarepm5100-t0wx5600-t0emg5523-t50b_firmwarenebula_nr7101dx4510-b1_firmwarenr7101lte3301-pluslte7240-m403_firmwareemg5523-t50bpm3100-t0_firmwareNR7101 firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-43389
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-8.6||HIGH
EPSS-0.61% / 44.55%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 00:00
Updated-09 Apr, 2025 | 13:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the library of the web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an unauthenticated attacker to execute some OS commands or to cause denial-of-service (DoS) conditions on a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-lte3202-m437pmg5317-t20bpm7320-b0_firmwarepm7320-b0nebula_fwa710nr7102nr5103e_firmwarenebula_nr7101pmg5617ganr7103_firmwarenebula_fwa510nr7102_firmwarenr7101nebula_fwa510_firmwareep240p_firmwarenr7101_firmwarelte7490-m904nr7103nebula_fwa710_firmwarelte3316-m604_firmwarepmg5622galte7480-m804_firmwarenr5103enebula_nr7101_firmwarepmg5317-t20b_firmwarelte7490-m904_firmwarepmg5622ga_firmwarelte3316-m604nr5103_firmwarelte3202-m437_firmwarenr5103pmg5617ga_firmwarelte7480-m804ep240pNR7101 firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-37926
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.22% / 12.47%
||
7 Day CHG~0.00%
Published-28 Nov, 2023 | 01:37
Updated-02 Aug, 2024 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-zldvpn100usg_20w-vpnatp100atp800usg_flex_200vpn50usg_flex_100atp100wusg_flex_50watp200atp700atp500usg_flex_700vpn1000vpn50wvpn300usg_flex_100wusg_flex_500usg_flex_50USG FLEX 50(W) series firmwareATP series firmwareVPN series firmwareUSG FLEX series firmwareUSG20(W)-VPN series firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-24418
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.57% / 42.92%
||
7 Day CHG+0.02%
Published-21 Jan, 2025 | 00:00
Updated-24 Mar, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_pdn_address function at /nas/ies/PdnAddress.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.

Action-Not Available
Vendor-n/aThe Linux Foundation
Product-magman/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2026-28959
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.5||HIGH
EPSS-0.60% / 44.29%
||
7 Day CHG-0.02%
Published-11 May, 2026 | 20:07
Updated-12 May, 2026 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to cause unexpected system termination.

Action-Not Available
Vendor-Apple Inc.
Product-watchOSiOS and iPadOSvisionOStvOSmacOS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-48501
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.43% / 34.55%
||
7 Day CHG+0.07%
Published-19 Jun, 2023 | 00:00
Updated-26 Dec, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiEMUI
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-26827
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.70% / 74.25%
||
7 Day CHG~0.00%
Published-14 Apr, 2021 | 13:53
Updated-03 Aug, 2024 | 20:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow in TP-Link WR2041 v1 firmware for the TL-WR2041+ router allows remote attackers to cause a Denial-of-Service (DoS) by sending an HTTP request with a very long "ssid" parameter to the "/userRpm/popupSiteSurveyRpm.html" webpage, which crashes the router.

Action-Not Available
Vendor-n/aTP-Link Systems Inc.
Product-tl-wr2041\+_firmwaretl-wr2041\+n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2026-28875
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.5||HIGH
EPSS-0.48% / 37.91%
||
7 Day CHG~0.00%
Published-25 Mar, 2026 | 00:32
Updated-02 Apr, 2026 | 18:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 26.4 and iPadOS 26.4. A remote attacker may be able to cause a denial-of-service.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_osipadosiOS and iPadOS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2026-30075
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.38% / 29.93%
||
7 Day CHG~0.00%
Published-08 Apr, 2026 | 00:00
Updated-14 Apr, 2026 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenAirInterface Version 2.2.0 has a Buffer Overflow vulnerability in processing UplinkNASTransport containing Authentication Response containing a NAS PDU with oversize response (For example 100 byte). The response is decoded by AMF and passed to the AUSF component for verification. AUSF crashes on receiving this oversize response. This can prohibit users from further registration and verification and can cause Denial of Services (DoS).

Action-Not Available
Vendor-openairinterfacen/a
Product-oai-cn5g-amfn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-48490
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.43% / 34.55%
||
7 Day CHG+0.07%
Published-19 Jun, 2023 | 00:00
Updated-17 Dec, 2024 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiEMUI
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-25426
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-0.51% / 39.66%
||
7 Day CHG+0.05%
Published-30 May, 2026 | 14:55
Updated-03 Jun, 2026 | 19:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WinMTR 0.91 Denial of Service via Buffer Overflow

WinMTR 0.91 contains a denial of service vulnerability that allows attackers to crash the application by sending a malformed payload file containing a large buffer of repeated characters. Attackers can create a specially crafted input file with 238 bytes of data to trigger a buffer overflow condition that causes the application to crash.

Action-Not Available
Vendor-winmtrWinmtr
Product-winmtrWinMTR
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-46545
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.29%
||
7 Day CHG~0.00%
Published-20 Dec, 2022 | 00:00
Updated-16 Apr, 2025 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-f1203f1203_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-46535
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.28%
||
7 Day CHG~0.00%
Published-20 Dec, 2022 | 00:00
Updated-16 Apr, 2025 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /goform/SetClientState.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-f1203f1203_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-45664
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.27%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDget function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-i22_firmwarei22n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-46549
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.28%
||
7 Day CHG~0.00%
Published-20 Dec, 2022 | 00:00
Updated-16 Apr, 2025 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /goform/saveParentControlInfo.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-f1203f1203_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-45660
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.28%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedStartTime parameter in the setSchedWifi function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6ac6_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-46547
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.84% / 53.18%
||
7 Day CHG~0.00%
Published-20 Dec, 2022 | 00:00
Updated-16 Apr, 2025 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/VirtualSer.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-f1203f1203_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-45653
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.27%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the page parameter in the fromNatStaticSetting function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-45643
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.28%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the addWifiMacFilter function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-46532
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.27%
||
7 Day CHG~0.00%
Published-20 Dec, 2022 | 00:00
Updated-16 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceMac parameter at /goform/addWifiMacFilter.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-f1203f1203_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-46541
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.29%
||
7 Day CHG~0.00%
Published-20 Dec, 2022 | 00:00
Updated-16 Apr, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the ssid parameter at /goform/fast_setting_wifi_set.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-f1203f1203_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-45669
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.27%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterGet function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-i22_firmwarei22n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-45650
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.28%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the firewallEn parameter in the formSetFirewallCfg function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6ac6_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-45661
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.28%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the setSmartPowerManagement function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6ac6_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 10
  • 11
  • Next
Details not found