CVE-2025-7673 - NVD | ByteOS Network

NVD Vulnerability Details :

CVE-2025-7673

Analyzed

More Info Official Page

Source-security@zyxel.com.tw

Published At-16 Jul, 2025 | 07:15

Updated At-14 Jan, 2026 | 17:52

A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP request.

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Type: Secondary

Version: 3.1

Base score: 9.8

Base severity: CRITICAL

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CPE Matches

Zyxel Networks Corporation

>>emg3525-t50b_firmware>>Versions before 5.50\(abpm.4\)c0(exclusive)

cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:emea:*:*:*

Zyxel Networks Corporation

>>emg3525-t50b>>-

cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>emg3525-t50b_firmware>>Versions before 5.50\(absl.0\)b8(exclusive)

cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:america:*:*:*

Zyxel Networks Corporation

>>emg3525-t50b>>-

cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>emg5523-t50b_firmware>>Versions before 5.50\(abpm.4\)c0(exclusive)

cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:emea:*:*:*

Zyxel Networks Corporation

>>emg5523-t50b>>-

cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>emg5523-t50b_firmware>>Versions before 5.50\(absl.0\)b8(exclusive)

cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:america:*:*:*

Zyxel Networks Corporation

>>emg5523-t50b>>-

cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>emg5723-t50k_firmware>>Versions before 5.50\(abom.5\)c0(exclusive)

cpe:2.3:o:zyxel:emg5723-t50k_firmware:*:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>emg5723-t50k>>-

cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>emg6726-b10a_firmware>>Versions before 5.13\(abnp.6\).c(exclusive)

cpe:2.3:o:zyxel:emg6726-b10a_firmware:*:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>emg6726-b10a>>-

cpe:2.3:h:zyxel:emg6726-b10a:-:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>ex3510-b0_firmware>>Versions before 5.17\(abup.3\)c0(exclusive)

cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*

Zyxel Networks Corporation

cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>ex5510-b0_firmware>>Versions before 5.15\(abqx.3\)c0(exclusive)

cpe:2.3:o:zyxel:ex5510-b0_firmware:*:*:*:*:*:*:*:*

Zyxel Networks Corporation

cpe:2.3:h:zyxel:ex5510-b0:-:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg1312-t20b_firmware>>Versions before 5.50\(absb.3\)c0(exclusive)

cpe:2.3:o:zyxel:vmg1312-t20b_firmware:*:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg1312-t20b>>-

cpe:2.3:h:zyxel:vmg1312-t20b:-:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg3625-t50b_firmware>>Versions before 5.50\(abpm.4\)c0(exclusive)

cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg3625-t50b>>-

cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg3925-b10b_firmware>>Versions before 5.13\(aavf.16\)c(exclusive)

cpe:2.3:o:zyxel:vmg3925-b10b_firmware:*:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg3925-b10b>>-

cpe:2.3:h:zyxel:vmg3925-b10b:-:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg3925-b10c_firmware>>Versions before 5.13\(aavf.16\)c(exclusive)

cpe:2.3:o:zyxel:vmg3925-b10c_firmware:*:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg3925-b10c>>-

cpe:2.3:h:zyxel:vmg3925-b10c:-:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg3927-b50a_firmware>>Versions before 5.15\(abmt.5\)c0(exclusive)

cpe:2.3:o:zyxel:vmg3927-b50a_firmware:*:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg3927-b50a>>-

cpe:2.3:h:zyxel:vmg3927-b50a:-:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg3927-b60a_firmware>>Versions before 5.15\(abmt.5\)c0(exclusive)

cpe:2.3:o:zyxel:vmg3927-b60a_firmware:*:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg3927-b60a>>-

cpe:2.3:h:zyxel:vmg3927-b60a:-:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg3927-b50b_firmware>>Versions before 5.13\(ably.6\)c0(exclusive)

cpe:2.3:o:zyxel:vmg3927-b50b_firmware:*:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg3927-b50b>>-

cpe:2.3:h:zyxel:vmg3927-b50b:-:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg3927-t50k_firmware>>Versions before 5.50\(abom.5\)c0(exclusive)

cpe:2.3:o:zyxel:vmg3927-t50k_firmware:*:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg3927-t50k>>-

cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg4005-b50b_firmware>>Versions before 5.13\(abrl.5\)c0(exclusive)

cpe:2.3:o:zyxel:vmg4005-b50b_firmware:*:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg4005-b50b>>-

cpe:2.3:h:zyxel:vmg4005-b50b:-:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg4927-b50a_firmware>>Versions before 5.13\(ably.6\)c0(exclusive)

cpe:2.3:o:zyxel:vmg4927-b50a_firmware:*:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg4927-b50a>>-

cpe:2.3:h:zyxel:vmg4927-b50a:-:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg8623-t50b_firmware>>Versions before 5.50\(abpm.4\)c0(exclusive)

cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg8623-t50b>>-

cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg8825-b50a_firmware>>Versions before 5.15\(abmt.5\)c0(exclusive)

cpe:2.3:o:zyxel:vmg8825-b50a_firmware:*:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg8825-b50a>>-

cpe:2.3:h:zyxel:vmg8825-b50a:-:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg8825-b60a_firmware>>Versions before 5.15\(abmt.5\)c0(exclusive)

cpe:2.3:o:zyxel:vmg8825-b60a_firmware:*:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg8825-b60a>>-

cpe:2.3:h:zyxel:vmg8825-b60a:-:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg8825-bx0b_firmware>>Versions before 5.17\(abny.5\)c0(exclusive)

cpe:2.3:o:zyxel:vmg8825-bx0b_firmware:*:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg8825-bx0b>>-

cpe:2.3:h:zyxel:vmg8825-bx0b:-:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg8825-t50k_firmware>>Versions before 5.50\(abom.5\)c0(exclusive)

cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg8825-t50k>>-

cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg8924-b10d_firmware>>Versions before 5.13\(abgq.6\)c0(exclusive)

cpe:2.3:o:zyxel:vmg8924-b10d_firmware:*:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>vmg8924-b10d>>-

cpe:2.3:h:zyxel:vmg8924-b10d:-:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>xmg3927-b50a_firmware>>Versions before 5.15\(abmt.5\)c0(exclusive)

cpe:2.3:o:zyxel:xmg3927-b50a_firmware:*:*:*:*:*:*:*:*

Zyxel Networks Corporation

>>xmg3927-b50a>>-

cpe:2.3:h:zyxel:xmg3927-b50a:-:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-120	Secondary	security@zyxel.com.tw

CWE ID: CWE-120

Type: Secondary

Source: security@zyxel.com.tw

References

Hyperlink	Source	Resource
https://www.zyxel.com/service-provider/global/en/zyxel-security-advisory-remote-code-execution-and-denial-service-vulnerabilities-cpe	security@zyxel.com.tw	Vendor Advisory

Hyperlink: https://www.zyxel.com/service-provider/global/en/zyxel-security-advisory-remote-code-execution-and-denial-service-vulnerabilities-cpe

Source: security@zyxel.com.tw

Resource:

Vendor Advisory