CVE-2024-11253

🗓️ 11 Mar 2025 01:29:00Reported by ZyxelType

Command injection vulnerability in Zyxel VMG8825-T50K firmware allows OS command execution.

Reporter	Title	Published	Views	Family All 8
BDU FSTEC	The vulnerability of the DNSServer software’s microprogramming system in Wi-Fi amplifiers, subscriber terminals, DSL/Ethernet CPE routers allows a perpetrator to execute arbitrary commands.	30 Apr 202500:00	–	bdu_fstec
Circl	CVE-2024-11253	11 Mar 202505:05	–	circl
CNNVD	Zyxel VMG8825-T50K 操作系统命令注入漏洞	11 Mar 202500:00	–	cnnvd
Cvelist	CVE-2024-11253	11 Mar 202501:29	–	cvelist
EUVD	EUVD-2024-54134	3 Oct 202520:07	–	euvd
NVD	CVE-2024-11253	11 Mar 202502:15	–	nvd
RedhatCVE	CVE-2024-11253	13 Mar 202503:43	–	redhatcve
Vulnrichment	CVE-2024-11253	11 Mar 202501:29	–	vulnrichment

NVD

Node

zyxel emg5723-t50k_firmwareRange≤5.50(abom.8.5)c0

AND

zyxel emg5723-t50kMatch-

Node

zyxel dm4200-b0_firmwareRange≤5.17(acbs.1)c0

AND

zyxel dm4200-b0Match-

Node

zyxel vmg3927-t50k_firmwareRange≤5.50(abom.8.5)c0

AND

zyxel vmg3927-t50kMatch-

Node

zyxel vmg4005-b50a_firmwareRange≤5.15(abqa.2.3)c0

AND

zyxel vmg4005-b50aMatch-

Node

zyxel vmg4005-b60a_firmwareRange≤5.15(abqa.2.3)c0

AND

zyxel vmg4005-b60aMatch-

Node

zyxel vmg8825-t50k_firmwareRange≤5.50(abom.8.5)c0

AND

zyxel vmg8825-t50kMatch-

[
  {
    "defaultStatus": "unaffected",
    "product": "VMG8825-T50K firmware",
    "vendor": "Zyxel",
    "versions": [
      {
        "status": "affected",
        "version": "<= V5.50(ABOM.8.5)C0"
      }
    ]
  }
]

Source	Link
zyxel	www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-command-injection-vulnerabilities-in-certain-dsl-ethernet-cpe-fiber-ont-and-wifi-extender-devices-03-11-2025

13 Jan 2026 16:11Current

7.9High risk

Vulners AI Score7.9

CVSS 3.17.2

EPSS0.0034

SSVC

CWE-78