Product:

Dx5401\-B0_firmware

(Zyxel)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 12
Date Id Summary Products Score Patch Annotated
2024-09-24 CVE-2024-38269 An improper restriction of operations within the bounds of a memory buffer in the USB file-sharing handler of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device. Ax7501\-B1_firmware, Dx3300\-T0_firmware, Dx3300\-T1_firmware, Dx3301\-T0_firmware, Dx4510\-B0_firmware, Dx4510\-B1_firmware, Dx5401\-B0_firmware, Dx5401\-B1_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Ex3300\-T0_firmware, Ex3300\-T1_firmware, Ex3301\-T0_firmware, Ex3500\-T0_firmware, Ex3501\-T0_firmware, Ex3510\-B0_firmware, Ex3510\-B1_firmware, Ex3600\-T0_firmware, Ex5401\-B0_firmware, Ex5401\-B1_firmware, Ex5510\-B0_firmware, Ex5512\-T0_firmware, Ex5601\-T0_firmware, Ex5601\-T1_firmware, Ex7501\-B0_firmware, Ex7710\-B0_firmware, Pm3100\-T0_firmware, Pm5100\-T0_firmware, Pm7300\-T0_firmware, Px3321\-T1_firmware, Scr50axe_firmware, Vmg3625\-T50b_firmware, Vmg3927\-T50k_firmware, Vmg4005\-B50a_firmware, Vmg4005\-B60a_firmware, Vmg8623\-T50b_firmware, Vmg8825\-T50k_firmware, Wx3100\-T0_firmware, Wx3401\-B0_firmware, Wx5600\-T0_firmware 4.9
2024-09-03 CVE-2024-5412 A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0 could allow an unauthenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device. Ax7501\-B0_firmware, Ax7501\-B1_firmware, Dx3300\-T0_firmware, Dx3300\-T1_firmware, Dx3301\-T0_firmware, Dx4510\-B0_firmware, Dx5401\-B0_firmware, Dx5401\-B1_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Ex3300\-T0_firmware, Ex3300\-T1_firmware, Ex3301\-T0_firmware, Ex3500\-T0_firmware, Ex3501\-T0_firmware, Ex3510\-B0_firmware, Ex5401\-B0_firmware, Ex5401\-B1_firmware, Ex5510\-B0_firmware, Ex5512\-T0_firmware, Ex5601\-T0_firmware, Ex5601\-T1_firmware, Ex7501\-B0_firmware, Ex7710\-B0_firmware, Nebula_fwa505_firmware, Nebula_fwa510_firmware, Nebula_fwa710_firmware, Nebula_lte3301\-Plus_firmware, Nr5103_firmware, Nr5103ev2_firmware, Nr5307_firmware, Nr7103_firmware, Nr7302_firmware, Nr7303_firmware, Nr7501_firmware, Pm3100\-T0_firmware, Pm5100\-T0_firmware, Pm7300\-T0_firmware, Px3321\-T1_firmware, Scr50axe_firmware, Vmg3625\-T50b_firmware, Vmg3927\-T50k_firmware, Vmg4005\-B50a_firmware, Vmg4005\-B60a_firmware, Vmg8623\-T50b_firmware, Vmg8825\-T50k_firmware, Wx3100\-T0_firmware, Wx3401\-B0_firmware, Wx5600\-T0_firmware 7.5
2023-01-11 CVE-2022-43391 A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request. Ax7501\-B0_firmware, Dx3301\-T0_firmware, Dx4510\-B1_firmware, Dx5401\-B0_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Ex3301\-T0_firmware, Ex3510\-B0_firmware, Ex5401\-B0_firmware, Ex5501\-B0_firmware, Ex5510\-B0_firmware, Ex5512\-T0_firmware, Ex5600\-T1_firmware, Ex5601\-T0_firmware, Ex5601\-T1_firmware, Lte3301\-Plus_firmware, Lte5388\-M804_firmware, Lte5398\-M904_firmware, Lte7240\-M403_firmware, Lte7461\-M602_firmware, Lte7480\-M804_firmware, Lte7480\-S905_firmware, Lte7485\-S905_firmware, Lte7490\-M904_firmware, Nebula_lte3301\-Plus_firmware, Nebula_lte7461\-M602_firmware, Nebula_nr5101_firmware, Nebula_nr7101_firmware, Nr5101_firmware, Nr7101_firmware, Nr7102_firmware, Pm3100\-T0_firmware, Pm5100\-T0_firmware, Pm7300\-T0_firmware, Pm7320\-B0_firmware, Pmg5317\-T20b_firmware, Pmg5617\-T20b2_firmware, Pmg5617ga_firmware, Pmg5622ga_firmware, Vmg3927\-T50k_firmware, Vmg4005\-B50a_firmware, Vmg4005\-B60a_firmware, Vmg8623\-T50b_firmware, Vmg8825\-T50k_firmware, Wx3100\-T0_firmware, Wx3401\-B0_firmware, Wx5600\-T0_firmware 6.5
2023-01-11 CVE-2022-43392 A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request. Ax7501\-B0_firmware, Dx3301\-T0_firmware, Dx4510\-B1_firmware, Dx5401\-B0_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Ex3301\-T0_firmware, Ex3510\-B0_firmware, Ex5401\-B0_firmware, Ex5501\-B0_firmware, Ex5510\-B0_firmware, Ex5512\-T0_firmware, Ex5600\-T1_firmware, Ex5601\-T0_firmware, Ex5601\-T1_firmware, Lte3301\-Plus_firmware, Lte5388\-M804_firmware, Lte5398\-M904_firmware, Lte7240\-M403_firmware, Lte7461\-M602_firmware, Lte7480\-M804_firmware, Lte7480\-S905_firmware, Lte7485\-S905_firmware, Lte7490\-M904_firmware, Nebula_lte3301\-Plus_firmware, Nebula_lte7461\-M602_firmware, Nebula_nr5101_firmware, Nebula_nr7101_firmware, Nr5101_firmware, Nr7101_firmware, Nr7102_firmware, Pm3100\-T0_firmware, Pm5100\-T0_firmware, Pm7300\-T0_firmware, Pm7320\-B0_firmware, Pmg5317\-T20b_firmware, Pmg5617\-T20b2_firmware, Pmg5617ga_firmware, Pmg5622ga_firmware, Vmg3927\-T50k_firmware, Vmg4005\-B50a_firmware, Vmg4005\-B60a_firmware, Vmg8623\-T50b_firmware, Vmg8825\-T50k_firmware, Wx3100\-T0_firmware, Wx3401\-B0_firmware, Wx5600\-T0_firmware 6.5
2023-04-27 CVE-2023-28770 The sensitive information exposure vulnerability in the CGI “Export_Log” and the binary “zcmd” in Zyxel DX5401-B0 firmware versions prior to V5.17(ABYO.1)C0 could allow a remote unauthenticated attacker to read the system files and to retrieve the password of the supervisor from the encrypted file. Dx5401\-B0_firmware 7.5
2023-04-27 CVE-2023-28769 The buffer overflow vulnerability in the library “libclinkc.so” of the web server “zhttpd” in Zyxel DX5401-B0 firmware versions prior to V5.17(ABYO.1)C0 could allow a remote unauthenticated attacker to execute some OS commands or to cause denial-of-service (DoS) conditions on a vulnerable device. Dx5401\-B0_firmware 9.8
2023-01-11 CVE-2022-43390 A command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to execute some OS commands on a vulnerable device by sending a crafted HTTP request. Ax7501\-B0_firmware, Dx3301\-T0_firmware, Dx4510\-B1_firmware, Dx5401\-B0_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Ex3301\-T0_firmware, Ex3510\-B0_firmware, Ex5401\-B0_firmware, Ex5501\-B0_firmware, Ex5510\-B0_firmware, Ex5512\-T0_firmware, Ex5600\-T1_firmware, Ex5601\-T0_firmware, Ex5601\-T1_firmware, Lte7480\-M804_firmware, Lte7490\-M904_firmware, Nebula_nr5101_firmware, Nebula_nr7101_firmware, Nr5101_firmware, Nr7101_firmware, Nr7102_firmware, Pm3100\-T0_firmware, Pm5100\-T0_firmware, Pm7300\-T0_firmware, Pm7320\-B0_firmware, Pmg5317\-T20b_firmware, Pmg5617\-T20b2_firmware, Pmg5617ga_firmware, Pmg5622ga_firmware, Vmg3927\-T50k_firmware, Vmg4005\-B50a_firmware, Vmg4005\-B60a_firmware, Vmg8623\-T50b_firmware, Vmg8825\-T50k_firmware, Wx3100\-T0_firmware, Wx3401\-B0_firmware, Wx5600\-T0_firmware 8.8
2022-03-01 CVE-2021-35036 A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file. Ax7501\-B0_firmware, Dx3301\-T0_firmware, Dx5401\-B0_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Ep240p_firmware, Ex5401\-B0_firmware, Ex5501\-B0_firmware, Lte3301\-Plus_firmware, Lte5388\-M804_firmware, Lte5388\-S905_firmware, Lte5398\-M904_firmware, Lte7240\-M403_firmware, Lte7461\-M602_firmware, Lte7480\-M804_firmware, Lte7480\-S905_firmware, Lte7485\-S905_firmware, Lte7490\-M804_firmware, Nr5101_firmware, Nr7101_firmware, Nr7102_firmware, Pm7300\-T0_firmware, Pmg5317\-T20b_firmware, Pmg5617\-T20b2_firmware, Pmg5617ga_firmware, Pmg5622ga_firmware, Vmg3625\-T50b_firmware, Vmg3927\-T50k_firmware, Vmg8623\-T50b_firmware, Vmg8825\-T50k_firmware 6.5
2022-04-11 CVE-2022-26413 A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface. Ax7501\-B0_firmware, Dx5401\-B0_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Emg6726\-B10a_firmware, Ep240p_firmware, Ex3510\-B0_firmware, Ex5401\-B0_firmware, Ex5501\-B0_firmware, Pm7300\-T0_firmware, Pmg5317\-T20b_firmware, Pmg5617\-T20b2_firmware, Pmg5617ga_firmware, Pmg5622ga_firmware, Px7501\-B0_firmware, Vmg1312\-T20b_firmware, Vmg3312\-T20a_firmware, Vmg3625\-T50b_firmware, Vmg3927\-B50a_firmware, Vmg3927\-B50b_firmware, Vmg3927\-B60a_firmware, Vmg3927\-T50k_firmware, Vmg4927\-B50a_firmware, Vmg8623\-T50b_firmware, Vmg8825\-B50a_firmware, Vmg8825\-B50b_firmware, Vmg8825\-B60a_firmware, Vmg8825\-B60b_firmware, Vmg8825\-T50k_firmware, Xmg3927\-B50a_firmware, Xmg8825\-B50a_firmware 8.0
2022-04-11 CVE-2022-26414 A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service. Ax7501\-B0_firmware, Dx5401\-B0_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Emg6726\-B10a_firmware, Ep240p_firmware, Ex3510\-B0_firmware, Ex5401\-B0_firmware, Ex5501\-B0_firmware, Pm7300\-T0_firmware, Pmg5317\-T20b_firmware, Pmg5617\-T20b2_firmware, Pmg5617ga_firmware, Pmg5622ga_firmware, Px7501\-B0_firmware, Vmg1312\-T20b_firmware, Vmg3312\-T20a_firmware, Vmg3625\-T50b_firmware, Vmg3927\-B50a_firmware, Vmg3927\-B50b_firmware, Vmg3927\-B60a_firmware, Vmg3927\-T50k_firmware, Vmg4927\-B50a_firmware, Vmg8623\-T50b_firmware, Vmg8825\-B50a_firmware, Vmg8825\-B50b_firmware, Vmg8825\-B60a_firmware, Vmg8825\-B60b_firmware, Vmg8825\-T50k_firmware, Xmg3927\-B50a_firmware, Xmg8825\-B50a_firmware 5.5