Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

VMG8825-T50K firmware

Source -

CNA

CNA CVEs -

8

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
8Vulnerabilities found
CVE-2025-7673
Assigner-Zyxel Corporation
ShareView Details
Assigner-Zyxel Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.46% / 80.03%
||
7 Day CHG~0.00%
Published-16 Jul, 2025 | 07:11
Updated-19 Jul, 2025 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP request.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-VMG8825-T50K firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-11253
Assigner-Zyxel Corporation
ShareView Details
Assigner-Zyxel Corporation
CVSS Score-7.2||HIGH
EPSS-0.26% / 49.54%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 01:29
Updated-12 Mar, 2025 | 04:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication command injection vulnerability in the "DNSServer” parameter of the diagnostic function in the Zyxel VMG8825-T50K firmware version V5.50(ABOM.8.5)C0 and earlier could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-VMG8825-T50K firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-8748
Assigner-Zyxel Corporation
ShareView Details
Assigner-Zyxel Corporation
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.74%
||
7 Day CHG~0.00%
Published-03 Dec, 2024 | 01:15
Updated-21 Jan, 2025 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-ex3500-t0_firmwareex5510-b0_firmwarenr7101pm7300-t0_firmwareex3301-t0emg5523-t50b_firmwaredx5401-b1lte7480-m804lte5398-m904dx5401-b0_firmwareex5501-b0_firmwareex3510-b0px5301-t0ax7501-b0ex5512-t0ex3300-t0_firmwareex3500-t0vmg8623-t50bax7501-b1_firmwarevmg4005-b50bnebula_nr5101pm3100-t0ex5600-t1lte7490-m904ex3300-t0dx5401-b1_firmwarewx3100-t0emg5723-t50kpm5100-t0_firmwarewx5610-b0ee6510-10_firmwareex5401-b1_firmwareex3501-t0_firmwarewx3401-b0_firmwareex5601-t0_firmwareex7710-b0_firmwarevmg8825-t50k_firmwareex3600-t0_firmwareex3300-t1pm7500-t0vmg3927-b50bdx4510-b1vmg4927-b50a_firmwarelte3301-plusvmg3927-b50b_firmwarenebula_nr5101_firmwarewx5600-t0_firmwareemg3525-t50bpx3321-t1ee6510-10dx3300-t1ax7501-b1vmg4005-b50a_firmwarevmg4005-b60a_firmwarevmg4005-b50avmg4005-b50b_firmwarepx5301-t0_firmwarelte5398-m904_firmwarewx3401-b0ex3510-b1ex5600-t1_firmwaredx4510-b0nebula_lte3301-plusdx3300-t1_firmwareex3510-b0_firmwareemg5523-t50bex5401-b0nr7101_firmwareex5601-t1dx3300-t0ex5401-b0_firmwarepm3100-t0_firmwarevmg4927-b50apx3321-t1_firmwaredx4510-b1_firmwareex3301-t0_firmwareex5510-b0wx3401-b1vmg3927-t50k_firmwareex5401-b1ex2210-t0_firmwareex2210-t0lte5388-m804vmg4005-b60apm5100-t0lte7480-m804_firmwarenebula_nr7101_firmwareex7501-b0_firmwarewx3100-t0_firmwareemg3525-t50b_firmwarelte7490-m904_firmwarepm7300-t0vmg3625-t50bnebula_nr7101vmg8623-t50b_firmwareemg5723-t50k_firmwarenr7102ex3600-t0nr7102_firmwareex5501-b0ax7501-b0_firmwaredx3300-t0_firmwaredx3301-t0ex3300-t1_firmwaredx3301-t0_firmwareex5601-t1_firmwarevmg8825-t50kdx4510-b0_firmwareex5601-t0ex7501-b0wx5600-t0nebula_lte3301-plus_firmwarelte3301-plus_firmwareex3510-b1_firmwaredx5401-b0ex5512-t0_firmwareemg6726-b10a_firmwareex7710-b0emg6726-b10avmg3927-t50kex3501-t0pm7500-t0_firmwarewx5610-b0_firmwarevmg3625-t50b_firmwarewx3401-b1_firmwarelte5388-m804_firmwareVMG8825-T50K firmwarewx3401-b1_firmwarepm7500-t0_firmwaredx3300-t1_firmwaredx4510-b1_firmwarepm5100-t0_firmwarepx3321-t1_firmwareex2210-t0_firmwarelte5388-m804_firmwarenebula_lte3301-plus_firmwaredx5401_b1_firmwarelte5398-m904_firmwaredx5401-b0_firmwarepx5301-t0_firmwareax7501-b1_firmwarenr7102_firmwarevmg8825-t50k_firmwarepm7300-t0_firmwareax7501-b0_firmwaredx3300-t0_firmwarenr7101_firmwareee6510-10_firmwaredx3301-t0_firmwaredx4510-b0_firmwarelte7480-m804_firmwarenebula_nr5101_firmwarenebula_nr7101_firmwarelte7490-m904_firmwarelte3301-plus_firmwarewx3401-b0_firmwarewx3100-t0_firmwarewx5610-b0_firmwarepm3100-t0_firmwarewx5600-t0_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-38269
Assigner-Zyxel Corporation
ShareView Details
Assigner-Zyxel Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.18% / 39.39%
||
7 Day CHG~0.00%
Published-24 Sep, 2024 | 01:38
Updated-26 Sep, 2024 | 13:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper restriction of operations within the bounds of a memory buffer in the USB file-sharing handler of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-VMG8825-T50K firmware
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-38268
Assigner-Zyxel Corporation
ShareView Details
Assigner-Zyxel Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.18% / 39.39%
||
7 Day CHG~0.00%
Published-24 Sep, 2024 | 01:35
Updated-26 Sep, 2024 | 13:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper restriction of operations within the bounds of a memory buffer in the MAC address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-VMG8825-T50K firmware
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-38267
Assigner-Zyxel Corporation
ShareView Details
Assigner-Zyxel Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.18% / 39.39%
||
7 Day CHG~0.00%
Published-24 Sep, 2024 | 01:30
Updated-26 Sep, 2024 | 13:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper restriction of operations within the bounds of a memory buffer in the IPv6 address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-VMG8825-T50K firmware
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-38266
Assigner-Zyxel Corporation
ShareView Details
Assigner-Zyxel Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.18% / 39.39%
||
7 Day CHG~0.00%
Published-24 Sep, 2024 | 01:26
Updated-22 Jan, 2025 | 22:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper restriction of operations within the bounds of a memory buffer in the parameter type parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-ex3510-b1_firmwarevmg8825-t50kvmg3625-t50b_firmwareex3501-t0pm3100-t0ex5510-b0_firmwarewx3401-b0_firmwareex5401-b0vmg4005-b60avmg3927-t50kex5401-b1_firmwarescr50axeex3300-t0_firmwaredx5401-b0_firmwarevmg8623-t50b_firmwaredx4510-b1_firmwareex3600-t0_firmwarepm7300-t0vmg4005-b50avmg4005-b60a_firmwarepx3321-t1_firmwareex5601-t0_firmwareex5401-b0_firmwareex3301-t0ex3510-b1emg5723-t50kdx3300-t1wx3100-t0_firmwarevmg8825-t50k_firmwareemg3525-t50bdx5401-b1_firmwareex5601-t1ex3300-t0ex5512-t0_firmwarewx5600-t0wx3401-b0ex7710-b0_firmwareax7501-b1_firmwareex3301-t0_firmwaredx4510-b0_firmwareemg5523-t50bdx5401-b1emg5523-t50b_firmwarepm5100-t0_firmwaredx4510-b0ex7710-b0pm7300-t0_firmwareax7501-b1ex3300-t1dx3300-t1_firmwareex3510-b0_firmwarevmg3625-t50bex5401-b1emg5723-t50k_firmwaredx3301-t0ex5510-b0wx5600-t0_firmwareex5601-t0ax7501-b0_firmwareex5601-t1_firmwarevmg8623-t50bpm3100-t0_firmwareex3510-b0ex7501-b0vmg3927-t50k_firmwarewx3100-t0vmg4005-b50a_firmwareemg3525-t50b_firmwaredx3301-t0_firmwaredx3300-t0ax7501-b0scr50axe_firmwareex5512-t0ex3500-t0ex3300-t1_firmwarepm5100-t0ex3500-t0_firmwareex3600-t0dx5401-b0dx4510-b1dx3300-t0_firmwareex3501-t0_firmwarepx3321-t1ex7501-b0_firmwareVMG8825-T50K firmware
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-5412
Assigner-Zyxel Corporation
ShareView Details
Assigner-Zyxel Corporation
CVSS Score-7.5||HIGH
EPSS-0.47% / 63.43%
||
7 Day CHG~0.00%
Published-03 Sep, 2024 | 01:18
Updated-06 Sep, 2024 | 18:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0 could allow an unauthenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-ex5601-t1_firmwaredx3301-t0vmg4005-b50anebula_fwa505dx4510-b0ex5512-t0_firmwarevmg3927-t50kpm5100-t0_firmwareex5401-b1_firmwarenr7303nr7501_firmwarevmg8825-t50kax7501-b1nr5307ex5601-t1nebula_fwa710ex3510-b0ax7501-b0dx5401-b0nr5103ev2_firmwareex3300-t0_firmwarevmg8623-t50bnr7303_firmwareemg3525-t50bex3501-t0nebula_fwa510vmg8825-t50k_firmwarepm7300-t0_firmwareex3501-t0_firmwareemg5723-t50kdx3301-t0_firmwareex5510-b0_firmwareex3500-t0_firmwarenr7302_firmwareex5401-b1dx5401-b1ex5401-b0_firmwarewx3401-b0_firmwarenr5103_firmwarenebula_fwa505_firmwareex3300-t1_firmwareex5512-t0ex3300-t0dx3300-t0ex7710-b0nr5103wx3100-t0_firmwarenr5103ev2pm3100-t0_firmwareemg5523-t50bvmg8623-t50b_firmwarepx3321-t1vmg4005-b60awx3100-t0ex7501-b0_firmwarenr7302dx3300-t1_firmwarescr50axe_firmwarepx3321-t1_firmwaredx5401-b1_firmwarenebula_lte3301-plus_firmwareex3500-t0ex5510-b0vmg4005-b60a_firmwarevmg4005-b50a_firmwareex5601-t0_firmwaredx5401-b0_firmwareax7501-b1_firmwareex5401-b0ex3301-t0ex7710-b0_firmwarenr7501nebula_lte3301-plusnr7103_firmwareex3510-b0_firmwarewx3401-b0pm5100-t0scr50axenebula_fwa510_firmwareax7501-b0_firmwaredx3300-t1vmg3927-t50k_firmwareemg5723-t50k_firmwarenr5307_firmwaredx3300-t0_firmwarepm3100-t0nr7103nebula_fwa710_firmwareex5601-t0ex3300-t1dx4510-b0_firmwarewx5600-t0emg5523-t50b_firmwarepm7300-t0vmg3625-t50bex3301-t0_firmwarevmg3625-t50b_firmwareemg3525-t50b_firmwareex7501-b0wx5600-t0_firmwareVMG8825-T50K firmwarevmg8825-t50k_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')