2024-09-24
|
CVE-2024-38267
|
An improper restriction of operations within the bounds of a memory buffer in the IPv6 address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.
|
Ax7501\-B1_firmware, Dx3300\-T0_firmware, Dx3300\-T1_firmware, Dx3301\-T0_firmware, Dx4510\-B0_firmware, Dx4510\-B1_firmware, Dx5401\-B0_firmware, Dx5401\-B1_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Ex3300\-T0_firmware, Ex3300\-T1_firmware, Ex3301\-T0_firmware, Ex3500\-T0_firmware, Ex3501\-T0_firmware, Ex3510\-B0_firmware, Ex3510\-B1_firmware, Ex3600\-T0_firmware, Ex5401\-B0_firmware, Ex5401\-B1_firmware, Ex5510\-B0_firmware, Ex5512\-T0_firmware, Ex5601\-T0_firmware, Ex5601\-T1_firmware, Ex7501\-B0_firmware, Ex7710\-B0_firmware, Pm3100\-T0_firmware, Pm5100\-T0_firmware, Pm7300\-T0_firmware, Px3321\-T1_firmware, Scr50axe_firmware, Vmg3625\-T50b_firmware, Vmg3927\-T50k_firmware, Vmg4005\-B50a_firmware, Vmg4005\-B60a_firmware, Vmg8623\-T50b_firmware, Vmg8825\-T50k_firmware, Wx3100\-T0_firmware, Wx3401\-B0_firmware, Wx5600\-T0_firmware
|
4.9
|
|
|
2024-09-24
|
CVE-2024-38268
|
An improper restriction of operations within the bounds of a memory buffer in the MAC address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.
|
Ax7501\-B1_firmware, Dx3300\-T0_firmware, Dx3300\-T1_firmware, Dx3301\-T0_firmware, Dx4510\-B0_firmware, Dx4510\-B1_firmware, Dx5401\-B0_firmware, Dx5401\-B1_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Ex3300\-T0_firmware, Ex3300\-T1_firmware, Ex3301\-T0_firmware, Ex3500\-T0_firmware, Ex3501\-T0_firmware, Ex3510\-B0_firmware, Ex3510\-B1_firmware, Ex3600\-T0_firmware, Ex5401\-B0_firmware, Ex5401\-B1_firmware, Ex5510\-B0_firmware, Ex5512\-T0_firmware, Ex5601\-T0_firmware, Ex5601\-T1_firmware, Ex7501\-B0_firmware, Ex7710\-B0_firmware, Pm3100\-T0_firmware, Pm5100\-T0_firmware, Pm7300\-T0_firmware, Px3321\-T1_firmware, Scr50axe_firmware, Vmg3625\-T50b_firmware, Vmg3927\-T50k_firmware, Vmg4005\-B50a_firmware, Vmg4005\-B60a_firmware, Vmg8623\-T50b_firmware, Vmg8825\-T50k_firmware, Wx3100\-T0_firmware, Wx3401\-B0_firmware, Wx5600\-T0_firmware
|
4.9
|
|
|
2024-09-24
|
CVE-2024-38269
|
An improper restriction of operations within the bounds of a memory buffer in the USB file-sharing handler of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.
|
Ax7501\-B1_firmware, Dx3300\-T0_firmware, Dx3300\-T1_firmware, Dx3301\-T0_firmware, Dx4510\-B0_firmware, Dx4510\-B1_firmware, Dx5401\-B0_firmware, Dx5401\-B1_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Ex3300\-T0_firmware, Ex3300\-T1_firmware, Ex3301\-T0_firmware, Ex3500\-T0_firmware, Ex3501\-T0_firmware, Ex3510\-B0_firmware, Ex3510\-B1_firmware, Ex3600\-T0_firmware, Ex5401\-B0_firmware, Ex5401\-B1_firmware, Ex5510\-B0_firmware, Ex5512\-T0_firmware, Ex5601\-T0_firmware, Ex5601\-T1_firmware, Ex7501\-B0_firmware, Ex7710\-B0_firmware, Pm3100\-T0_firmware, Pm5100\-T0_firmware, Pm7300\-T0_firmware, Px3321\-T1_firmware, Scr50axe_firmware, Vmg3625\-T50b_firmware, Vmg3927\-T50k_firmware, Vmg4005\-B50a_firmware, Vmg4005\-B60a_firmware, Vmg8623\-T50b_firmware, Vmg8825\-T50k_firmware, Wx3100\-T0_firmware, Wx3401\-B0_firmware, Wx5600\-T0_firmware
|
4.9
|
|
|
2024-09-03
|
CVE-2024-5412
|
A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0 could allow an unauthenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.
|
Ax7501\-B0_firmware, Ax7501\-B1_firmware, Dx3300\-T0_firmware, Dx3300\-T1_firmware, Dx3301\-T0_firmware, Dx4510\-B0_firmware, Dx5401\-B0_firmware, Dx5401\-B1_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Ex3300\-T0_firmware, Ex3300\-T1_firmware, Ex3301\-T0_firmware, Ex3500\-T0_firmware, Ex3501\-T0_firmware, Ex3510\-B0_firmware, Ex5401\-B0_firmware, Ex5401\-B1_firmware, Ex5510\-B0_firmware, Ex5512\-T0_firmware, Ex5601\-T0_firmware, Ex5601\-T1_firmware, Ex7501\-B0_firmware, Ex7710\-B0_firmware, Nebula_fwa505_firmware, Nebula_fwa510_firmware, Nebula_fwa710_firmware, Nebula_lte3301\-Plus_firmware, Nr5103_firmware, Nr5103ev2_firmware, Nr5307_firmware, Nr7103_firmware, Nr7302_firmware, Nr7303_firmware, Nr7501_firmware, Pm3100\-T0_firmware, Pm5100\-T0_firmware, Pm7300\-T0_firmware, Px3321\-T1_firmware, Scr50axe_firmware, Vmg3625\-T50b_firmware, Vmg3927\-T50k_firmware, Vmg4005\-B50a_firmware, Vmg4005\-B60a_firmware, Vmg8623\-T50b_firmware, Vmg8825\-T50k_firmware, Wx3100\-T0_firmware, Wx3401\-B0_firmware, Wx5600\-T0_firmware
|
7.5
|
|
|
2023-01-11
|
CVE-2022-43391
|
A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request.
|
Ax7501\-B0_firmware, Dx3301\-T0_firmware, Dx4510\-B1_firmware, Dx5401\-B0_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Ex3301\-T0_firmware, Ex3510\-B0_firmware, Ex5401\-B0_firmware, Ex5501\-B0_firmware, Ex5510\-B0_firmware, Ex5512\-T0_firmware, Ex5600\-T1_firmware, Ex5601\-T0_firmware, Ex5601\-T1_firmware, Lte3301\-Plus_firmware, Lte5388\-M804_firmware, Lte5398\-M904_firmware, Lte7240\-M403_firmware, Lte7461\-M602_firmware, Lte7480\-M804_firmware, Lte7480\-S905_firmware, Lte7485\-S905_firmware, Lte7490\-M904_firmware, Nebula_lte3301\-Plus_firmware, Nebula_lte7461\-M602_firmware, Nebula_nr5101_firmware, Nebula_nr7101_firmware, Nr5101_firmware, Nr7101_firmware, Nr7102_firmware, Pm3100\-T0_firmware, Pm5100\-T0_firmware, Pm7300\-T0_firmware, Pm7320\-B0_firmware, Pmg5317\-T20b_firmware, Pmg5617\-T20b2_firmware, Pmg5617ga_firmware, Pmg5622ga_firmware, Vmg3927\-T50k_firmware, Vmg4005\-B50a_firmware, Vmg4005\-B60a_firmware, Vmg8623\-T50b_firmware, Vmg8825\-T50k_firmware, Wx3100\-T0_firmware, Wx3401\-B0_firmware, Wx5600\-T0_firmware
|
6.5
|
|
|
2023-01-11
|
CVE-2022-43392
|
A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request.
|
Ax7501\-B0_firmware, Dx3301\-T0_firmware, Dx4510\-B1_firmware, Dx5401\-B0_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Ex3301\-T0_firmware, Ex3510\-B0_firmware, Ex5401\-B0_firmware, Ex5501\-B0_firmware, Ex5510\-B0_firmware, Ex5512\-T0_firmware, Ex5600\-T1_firmware, Ex5601\-T0_firmware, Ex5601\-T1_firmware, Lte3301\-Plus_firmware, Lte5388\-M804_firmware, Lte5398\-M904_firmware, Lte7240\-M403_firmware, Lte7461\-M602_firmware, Lte7480\-M804_firmware, Lte7480\-S905_firmware, Lte7485\-S905_firmware, Lte7490\-M904_firmware, Nebula_lte3301\-Plus_firmware, Nebula_lte7461\-M602_firmware, Nebula_nr5101_firmware, Nebula_nr7101_firmware, Nr5101_firmware, Nr7101_firmware, Nr7102_firmware, Pm3100\-T0_firmware, Pm5100\-T0_firmware, Pm7300\-T0_firmware, Pm7320\-B0_firmware, Pmg5317\-T20b_firmware, Pmg5617\-T20b2_firmware, Pmg5617ga_firmware, Pmg5622ga_firmware, Vmg3927\-T50k_firmware, Vmg4005\-B50a_firmware, Vmg4005\-B60a_firmware, Vmg8623\-T50b_firmware, Vmg8825\-T50k_firmware, Wx3100\-T0_firmware, Wx3401\-B0_firmware, Wx5600\-T0_firmware
|
6.5
|
|
|
2023-01-11
|
CVE-2022-43390
|
A command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to execute some OS commands on a vulnerable device by sending a crafted HTTP request.
|
Ax7501\-B0_firmware, Dx3301\-T0_firmware, Dx4510\-B1_firmware, Dx5401\-B0_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Ex3301\-T0_firmware, Ex3510\-B0_firmware, Ex5401\-B0_firmware, Ex5501\-B0_firmware, Ex5510\-B0_firmware, Ex5512\-T0_firmware, Ex5600\-T1_firmware, Ex5601\-T0_firmware, Ex5601\-T1_firmware, Lte7480\-M804_firmware, Lte7490\-M904_firmware, Nebula_nr5101_firmware, Nebula_nr7101_firmware, Nr5101_firmware, Nr7101_firmware, Nr7102_firmware, Pm3100\-T0_firmware, Pm5100\-T0_firmware, Pm7300\-T0_firmware, Pm7320\-B0_firmware, Pmg5317\-T20b_firmware, Pmg5617\-T20b2_firmware, Pmg5617ga_firmware, Pmg5622ga_firmware, Vmg3927\-T50k_firmware, Vmg4005\-B50a_firmware, Vmg4005\-B60a_firmware, Vmg8623\-T50b_firmware, Vmg8825\-T50k_firmware, Wx3100\-T0_firmware, Wx3401\-B0_firmware, Wx5600\-T0_firmware
|
8.8
|
|
|
2022-03-01
|
CVE-2021-35036
|
A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file.
|
Ax7501\-B0_firmware, Dx3301\-T0_firmware, Dx5401\-B0_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Ep240p_firmware, Ex5401\-B0_firmware, Ex5501\-B0_firmware, Lte3301\-Plus_firmware, Lte5388\-M804_firmware, Lte5388\-S905_firmware, Lte5398\-M904_firmware, Lte7240\-M403_firmware, Lte7461\-M602_firmware, Lte7480\-M804_firmware, Lte7480\-S905_firmware, Lte7485\-S905_firmware, Lte7490\-M804_firmware, Nr5101_firmware, Nr7101_firmware, Nr7102_firmware, Pm7300\-T0_firmware, Pmg5317\-T20b_firmware, Pmg5617\-T20b2_firmware, Pmg5617ga_firmware, Pmg5622ga_firmware, Vmg3625\-T50b_firmware, Vmg3927\-T50k_firmware, Vmg8623\-T50b_firmware, Vmg8825\-T50k_firmware
|
6.5
|
|
|