Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Vmg3312\-B10a_firmware
(Zyxel)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-02-04 | CVE-2024-40890 | **UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the CGI program of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an authenticated attacker to execute operating system (OS) commands on an affected device by sending a crafted HTTP POST request. | Sbg3300\-N000_firmware, Sbg3300\-Nb00_firmware, Sbg3500\-N000_firmware, Sbg3500\-Nb00_firmware, Vmg1312\-B10a_firmware, Vmg1312\-B10b_firmware, Vmg1312\-B10e_firmware, Vmg3312\-B10a_firmware, Vmg3313\-B10a_firmware, Vmg3926\-B10b_firmware, Vmg4325\-B10a_firmware, Vmg4380\-B10a_firmware, Vmg8324\-B10a_firmware, Vmg8924\-B10a_firmware | 8.8 | ||
| 2025-02-04 | CVE-2024-40891 | **UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the management commands of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an authenticated attacker to execute operating system (OS) commands on an affected device via Telnet. | Sbg3300\-N000_firmware, Sbg3300\-Nb00_firmware, Sbg3500\-N000_firmware, Sbg3500\-Nb00_firmware, Vmg1312\-B10a_firmware, Vmg1312\-B10b_firmware, Vmg1312\-B10e_firmware, Vmg3312\-B10a_firmware, Vmg3313\-B10a_firmware, Vmg3926\-B10b_firmware, Vmg4325\-B10a_firmware, Vmg4380\-B10a_firmware, Vmg8324\-B10a_firmware, Vmg8924\-B10a_firmware | 8.8 |