9.8

CVE-2020-25014

A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet.

Data is provided by the National Vulnerability Database (NVD)
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelZywall 110 Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelZywall 1100 Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelZywall 310 Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg 110 Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg 1100 Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg 1900 Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg 20w Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg 20w-vpn Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg 2200-vpn Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg 310 Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg 40 Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg 40w Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg 60 Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg 60w Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg110 Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg1100 Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg1900 Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg20-vpn Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg20w-vpn Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg210 Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg2200-vpn Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg310 Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg40 Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg40w Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg60 Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg60w Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelVpn100 Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelVpn300 Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelVpn50 Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg Flex 100 Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg Flex 200 Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg Flex 500 Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg Flex 100w Version-
ZyxelZld Version >= 4.30 <= 4.55
   ZyxelUsg Flex 700 Version-
ZyxelAccess Points Firmware Version <= 6.10
   ZyxelNwa1123-ac Hd Version-
ZyxelAccess Points Firmware Version6.10 Update-
   ZyxelNwa1123-ac Hd Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch1
   ZyxelNwa1123-ac Hd Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch2
   ZyxelNwa1123-ac Hd Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch3
   ZyxelNwa1123-ac Hd Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch4
   ZyxelNwa1123-ac Hd Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch5
   ZyxelNwa1123-ac Hd Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch6
   ZyxelNwa1123-ac Hd Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch7
   ZyxelNwa1123-ac Hd Version-
ZyxelAccess Points Firmware Version <= 6.10
   ZyxelNwa1123-ac Pro Version-
ZyxelAccess Points Firmware Version6.10 Update-
   ZyxelNwa1123-ac Pro Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch1
   ZyxelNwa1123-ac Pro Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch2
   ZyxelNwa1123-ac Pro Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch3
   ZyxelNwa1123-ac Pro Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch4
   ZyxelNwa1123-ac Pro Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch5
   ZyxelNwa1123-ac Pro Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch6
   ZyxelNwa1123-ac Pro Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch7
   ZyxelNwa1123-ac Pro Version-
ZyxelAccess Points Firmware Version <= 6.10
   ZyxelNwa1123-acv2 Version-
ZyxelAccess Points Firmware Version-
   ZyxelNwa1123-acv2 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch1
   ZyxelNwa1123-acv2 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch2
   ZyxelNwa1123-acv2 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch3
   ZyxelNwa1123-acv2 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch4
   ZyxelNwa1123-acv2 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch5
   ZyxelNwa1123-acv2 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch6
   ZyxelNwa1123-acv2 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch7
   ZyxelNwa1123-acv2 Version-
ZyxelAccess Points Firmware Version <= 6.10
   ZyxelWax510d Version-
ZyxelAccess Points Firmware Version6.10 Update-
   ZyxelWax510d Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch1
   ZyxelWax510d Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch2
   ZyxelWax510d Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch3
   ZyxelWax510d Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch4
   ZyxelWax510d Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch5
   ZyxelWax510d Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch6
   ZyxelWax510d Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch7
   ZyxelWax510d Version-
ZyxelAccess Points Firmware Version <= 6.10
   ZyxelWac5302d-s Version-
ZyxelAccess Points Firmware Version6.10 Update-
   ZyxelWac5302d-s Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch1
   ZyxelWac5302d-s Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch2
   ZyxelWac5302d-s Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch3
   ZyxelWac5302d-s Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch4
   ZyxelWac5302d-s Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch5
   ZyxelWac5302d-s Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch6
   ZyxelWac5302d-s Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch7
   ZyxelWac5302d-s Version-
ZyxelAccess Points Firmware Version <= 6.10
   ZyxelNwa5120 Version-
ZyxelAccess Points Firmware Version6.10 Update-
   ZyxelNwa5120 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch1
   ZyxelNwa5120 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch2
   ZyxelNwa5120 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch3
   ZyxelNwa5120 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch4
   ZyxelNwa5120 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch5
   ZyxelNwa5120 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch6
   ZyxelNwa5120 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch7
   ZyxelNwa5120 Version-
ZyxelAccess Points Firmware Version <= 6.10
   ZyxelNwa5301-nj Version-
ZyxelAccess Points Firmware Version6.10 Update-
   ZyxelNwa5301-nj Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch1
   ZyxelNwa5301-nj Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch2
   ZyxelNwa5301-nj Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch3
   ZyxelNwa5301-nj Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch4
   ZyxelNwa5301-nj Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch5
   ZyxelNwa5301-nj Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch6
   ZyxelNwa5301-nj Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch7
   ZyxelNwa5301-nj Version-
ZyxelAccess Points Firmware Version <= 6.10
   ZyxelWax610d Version-
ZyxelAccess Points Firmware Version6.10 Update-
   ZyxelWax610d Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch1
   ZyxelWax610d Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch2
   ZyxelWax610d Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch3
   ZyxelWax610d Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch4
   ZyxelWax610d Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch5
   ZyxelWax610d Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch6
   ZyxelWax610d Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch7
   ZyxelWax610d Version-
ZyxelAccess Points Firmware Version <= 6.10
   ZyxelWax650s Version-
ZyxelAccess Points Firmware Version6.10 Update-
   ZyxelWax650s Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch1
   ZyxelWax650s Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch2
   ZyxelWax650s Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch3
   ZyxelWax650s Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch4
   ZyxelWax650s Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch5
   ZyxelWax650s Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch6
   ZyxelWax650s Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch7
   ZyxelWax650s Version-
ZyxelAccess Points Firmware Version <= 6.10
   ZyxelWac6550 Version-
ZyxelAccess Points Firmware Version6.10 Update-
   ZyxelWac6550 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch1
   ZyxelWac6550 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch2
   ZyxelWac6550 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch3
   ZyxelWac6550 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch4
   ZyxelWac6550 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch5
   ZyxelWac6550 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch6
   ZyxelWac6550 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch7
   ZyxelWac6550 Version-
ZyxelAccess Points Firmware Version <= 6.10
   ZyxelWac6303d-s Version-
ZyxelAccess Points Firmware Version6.10 Update-
   ZyxelWac6303d-s Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch1
   ZyxelWac6303d-s Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch2
   ZyxelWac6303d-s Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch3
   ZyxelWac6303d-s Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch4
   ZyxelWac6303d-s Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch5
   ZyxelWac6303d-s Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch6
   ZyxelWac6303d-s Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch7
   ZyxelWac6303d-s Version-
ZyxelAccess Points Firmware Version <= 6.10
   ZyxelWac6500 Version-
ZyxelAccess Points Firmware Version6.10 Update-
   ZyxelWac6500 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch1
   ZyxelWac6500 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch2
   ZyxelWac6500 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch3
   ZyxelWac6500 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch4
   ZyxelWac6500 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch5
   ZyxelWac6500 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch6
   ZyxelWac6500 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch7
   ZyxelWac6500 Version-
ZyxelAccess Points Firmware Version <= 6.10
   ZyxelWac6100 Version-
ZyxelAccess Points Firmware Version6.10 Update-
   ZyxelWac6100 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch1
   ZyxelWac6100 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch2
   ZyxelWac6100 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch3
   ZyxelWac6100 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch4
   ZyxelWac6100 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch5
   ZyxelWac6100 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch6
   ZyxelWac6100 Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch7
   ZyxelWac6100 Version-
ZyxelAccess Points Firmware Version <= 6.10
   ZyxelNwa210ax Version-
ZyxelAccess Points Firmware Version6.10 Update-
   ZyxelNwa210ax Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch1
   ZyxelNwa210ax Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch2
   ZyxelNwa210ax Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch3
   ZyxelNwa210ax Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch4
   ZyxelNwa210ax Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch5
   ZyxelNwa210ax Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch6
   ZyxelNwa210ax Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch7
   ZyxelNwa210ax Version-
ZyxelAccess Points Firmware Version <= 6.10
   ZyxelNwa110ax Version-
ZyxelAccess Points Firmware Version6.10 Update-
   ZyxelNwa110ax Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch1
   ZyxelNwa110ax Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch2
   ZyxelNwa110ax Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch3
   ZyxelNwa110ax Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch4
   ZyxelNwa110ax Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch5
   ZyxelNwa110ax Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch6
   ZyxelNwa110ax Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch7
   ZyxelNwa110ax Version-
ZyxelAccess Points Firmware Version <= 6.10
   ZyxelNwa1302-ac Version-
ZyxelAccess Points Firmware Version6.10 Update-
   ZyxelNwa1302-ac Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch1
   ZyxelNwa1302-ac Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch2
   ZyxelNwa1302-ac Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch3
   ZyxelNwa1302-ac Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch4
   ZyxelNwa1302-ac Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch5
   ZyxelNwa1302-ac Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch6
   ZyxelNwa1302-ac Version-
ZyxelAccess Points Firmware Version6.10 Updatepatch7
   ZyxelNwa1302-ac Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 2% 0.82
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.