9.8
CVE-2025-7673
- EPSS 0.5%
- Veröffentlicht 16.07.2025 07:15:24
- Zuletzt bearbeitet 14.01.2026 17:52:29
- Quelle security@zyxel.com.tw
- CVE-Watchlists
- Unerledigt
A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP request.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch National Vulnerability Database (NVD)
Zyxel ≫ Emg3525-t50b Firmware SwEditionemea Version < 5.50\(abpm.4\)c0
Zyxel ≫ Emg3525-t50b Firmware SwEditionamerica Version < 5.50\(absl.0\)b8
Zyxel ≫ Emg5523-t50b Firmware SwEditionemea Version < 5.50\(abpm.4\)c0
Zyxel ≫ Emg5523-t50b Firmware SwEditionamerica Version < 5.50\(absl.0\)b8
Zyxel ≫ Emg5723-t50k Firmware Version < 5.50\(abom.5\)c0
Zyxel ≫ Emg6726-b10a Firmware Version < 5.13\(abnp.6\).c
Zyxel ≫ Ex3510-b0 Firmware Version < 5.17\(abup.3\)c0
Zyxel ≫ Ex5510-b0 Firmware Version < 5.15\(abqx.3\)c0
Zyxel ≫ Vmg1312-t20b Firmware Version < 5.50\(absb.3\)c0
Zyxel ≫ Vmg3625-t50b Firmware Version < 5.50\(abpm.4\)c0
Zyxel ≫ Vmg3925-b10b Firmware Version < 5.13\(aavf.16\)c
Zyxel ≫ Vmg3925-b10c Firmware Version < 5.13\(aavf.16\)c
Zyxel ≫ Vmg3927-b50a Firmware Version < 5.15\(abmt.5\)c0
Zyxel ≫ Vmg3927-b60a Firmware Version < 5.15\(abmt.5\)c0
Zyxel ≫ Vmg3927-b50b Firmware Version < 5.13\(ably.6\)c0
Zyxel ≫ Vmg3927-t50k Firmware Version < 5.50\(abom.5\)c0
Zyxel ≫ Vmg4005-b50b Firmware Version < 5.13\(abrl.5\)c0
Zyxel ≫ Vmg4927-b50a Firmware Version < 5.13\(ably.6\)c0
Zyxel ≫ Vmg8623-t50b Firmware Version < 5.50\(abpm.4\)c0
Zyxel ≫ Vmg8825-b50a Firmware Version < 5.15\(abmt.5\)c0
Zyxel ≫ Vmg8825-b60a Firmware Version < 5.15\(abmt.5\)c0
Zyxel ≫ Vmg8825-bx0b Firmware Version < 5.17\(abny.5\)c0
Zyxel ≫ Vmg8825-t50k Firmware Version < 5.50\(abom.5\)c0
Zyxel ≫ Vmg8924-b10d Firmware Version < 5.13\(abgq.6\)c0
Zyxel ≫ Xmg3927-b50a Firmware Version < 5.15\(abmt.5\)c0
Zyxel ≫ Xmg8825-b50a Firmware Version < 5.17\(abmt.5\)c0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.5% | 0.654 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security@zyxel.com.tw | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.