Zyxel

Ex5501-b0 Firmware

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-8748

  • EPSS 0.28%
  • Veröffentlicht 03.12.2024 02:15:17
  • Zuletzt bearbeitet 21.01.2025 21:20:19

A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the w...

4.9

CVE-2024-9197

  • EPSS 0.24%
  • Veröffentlicht 03.12.2024 02:15:17
  • Zuletzt bearbeitet 21.01.2025 21:18:24

A post-authentication buffer overflow vulnerability in the parameter "action" of the CGI program in Zyxel VMG3625-T50B firmware versions through V5.50(ABPM.9.2)C0 could allow an authenticated attacker with administrator privileges to cause a temporar...

6.5

CVE-2023-37929

  • EPSS 1.46%
  • Veröffentlicht 21.05.2024 02:15:08
  • Zuletzt bearbeitet 22.01.2025 22:55:02

The buffer overflow vulnerability in the CGI program of the VMG3625-T50B firmware version V5.50(ABPM.8)C0 could allow an authenticated remote attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable devic...

5.5

CVE-2024-0816

  • EPSS 0.09%
  • Veröffentlicht 21.05.2024 02:15:08
  • Zuletzt bearbeitet 22.01.2025 22:58:56

The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50(ABVY.4)C0 could allow an authenticated local attacker to cause denial of service (DoS) conditions by executing the CLI command with crafted strings on an affected device.

8.8

CVE-2022-43390

  • EPSS 1.67%
  • Veröffentlicht 11.01.2023 02:15:11
  • Zuletzt bearbeitet 21.11.2024 07:26:23

A command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to execute some OS commands on a vulnerable device by sending a crafted HTTP request.

6.5

CVE-2022-43391

  • EPSS 0.52%
  • Veröffentlicht 11.01.2023 02:15:11
  • Zuletzt bearbeitet 21.11.2024 07:26:23

A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request.

6.5

CVE-2022-43392

  • EPSS 0.3%
  • Veröffentlicht 11.01.2023 02:15:11
  • Zuletzt bearbeitet 21.11.2024 07:26:23

A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request.

8

CVE-2022-26413

  • EPSS 0.63%
  • Veröffentlicht 11.04.2022 13:15:07
  • Zuletzt bearbeitet 21.11.2024 06:53:54

A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface.

5.5

CVE-2022-26414

  • EPSS 0.04%
  • Veröffentlicht 11.04.2022 13:15:07
  • Zuletzt bearbeitet 21.11.2024 06:53:54

A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service.

6.5

CVE-2021-35036

  • EPSS 0.19%
  • Veröffentlicht 01.03.2022 07:15:06
  • Zuletzt bearbeitet 21.11.2024 06:11:43

A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file.