Zyxel

Vmg4005-b60a Firmware

19 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2025-13943

  • EPSS 0.04%
  • Veröffentlicht 24.02.2026 02:38:05
  • Zuletzt bearbeitet 25.02.2026 18:13:55

A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware versions through 5.50(ABVY.7)C0 could allow an authenticated attacker to execute operating system (OS) commands on an affected dev...

4.9

CVE-2025-11848

  • EPSS 0.03%
  • Veröffentlicht 24.02.2026 02:14:18
  • Zuletzt bearbeitet 25.02.2026 17:57:37

A null pointer dereference vulnerability in the Wake-on-LAN CGI program of the Zyxel VMG3625-T50B firmware version through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with ...

4.9

CVE-2025-11847

  • EPSS 0.03%
  • Veröffentlicht 24.02.2026 02:09:44
  • Zuletzt bearbeitet 25.02.2026 18:14:42

A null pointer dereference vulnerability in the IP settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with...

4.9

CVE-2025-11846

  • EPSS 0.11%
  • Veröffentlicht 24.02.2026 01:37:57
  • Zuletzt bearbeitet 25.02.2026 18:14:24

A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker...

4.9

CVE-2025-11845

  • EPSS 0.12%
  • Veröffentlicht 24.02.2026 01:30:50
  • Zuletzt bearbeitet 25.02.2026 18:10:06

A null pointer dereference vulnerability in the certificate downloader CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated at...

8.8

CVE-2025-8693

  • EPSS 0.24%
  • Veröffentlicht 18.11.2025 01:25:05
  • Zuletzt bearbeitet 15.12.2025 14:03:35

A post-authentication command injection vulnerability in the "priv" parameter of Zyxel DX3300-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an authenticated attacker to execute operating system (OS) commands on an affected device.

7.5

CVE-2025-6599

  • EPSS 0.08%
  • Veröffentlicht 18.11.2025 01:19:47
  • Zuletzt bearbeitet 16.12.2025 21:19:59

An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an attacker to perform Slowloris‑style denial‑of‑service (DoS) attacks. Such attacks may temporarily blo...

7.2

CVE-2024-11253

  • EPSS 0.32%
  • Veröffentlicht 11.03.2025 02:15:10
  • Zuletzt bearbeitet 13.01.2026 16:11:20

A post-authentication command injection vulnerability in the "DNSServer” parameter of the diagnostic function in the Zyxel VMG8825-T50K firmware version V5.50(ABOM.8.5)C0 and earlier could allow an authenticated attacker with administrator privileges...

7.5

CVE-2024-8748

  • EPSS 0.73%
  • Veröffentlicht 03.12.2024 02:15:17
  • Zuletzt bearbeitet 21.01.2025 21:20:19

A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the w...

7.2

CVE-2024-9200

  • EPSS 0.46%
  • Veröffentlicht 03.12.2024 02:15:17
  • Zuletzt bearbeitet 21.01.2025 21:13:29

A post-authentication command injection vulnerability in the "host" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 could allow an authenticated attacker with administrator privileges to execute ...