CVE-2025-8693
- EPSS 0.23%
- Veröffentlicht 18.11.2025 01:25:05
- Zuletzt bearbeitet 15.12.2025 14:03:35
A post-authentication command injection vulnerability in the "priv" parameter of Zyxel DX3300-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an authenticated attacker to execute operating system (OS) commands on an affected device.
CVE-2025-6599
- EPSS 0.06%
- Veröffentlicht 18.11.2025 01:19:47
- Zuletzt bearbeitet 16.12.2025 21:19:59
An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an attacker to perform Slowloris‑style denial‑of‑service (DoS) attacks. Such attacks may temporarily blo...
CVE-2025-7673
- EPSS 0.5%
- Veröffentlicht 16.07.2025 07:15:24
- Zuletzt bearbeitet 14.01.2026 17:52:29
A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute ar...
CVE-2024-8748
- EPSS 0.95%
- Veröffentlicht 03.12.2024 02:15:17
- Zuletzt bearbeitet 21.01.2025 21:20:19
A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the w...
CVE-2024-9200
- EPSS 0.46%
- Veröffentlicht 03.12.2024 02:15:17
- Zuletzt bearbeitet 21.01.2025 21:13:29
A post-authentication command injection vulnerability in the "host" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 could allow an authenticated attacker with administrator privileges to execute ...