Lucene search

ZyxelCVE-2024-5412

HistorySep 03, 2024 - 2:15 a.m.

CVE-2024-5412

2024-09-0302:15:05

CWE-120

Zyxel

web.nvd.nist.gov

buffer overflow

zyxel vmg8825-t50k

firmware vulnerability

denial of service

http request

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

High

EPSS

0.001

Percentile

17.7%

JSON

A buffer overflow vulnerability in the library “libclinkc” of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0 could allow an unauthenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.

Affected configurations

Nvd

Node

zyxelnebula_lte3301-plus_firmwareRange<1.18\(acca.4\)c0

AND

zyxelnebula_lte3301-plusMatch-

Node

zyxelnebula_fwa505_firmwareRange<1.18\(acko.4\)c0

AND

zyxelnebula_fwa505Match-

Node

zyxelnebula_fwa710_firmwareRange<1.18\(acgc.4\)c0

AND

zyxelnebula_fwa710Match-

Node

zyxelnebula_fwa510_firmwareRange<1.18\(acgd.4\)c0

AND

zyxelnebula_fwa510Match-

Node

zyxelwx5600-t0_firmwareRange<5.70\(aceb.3.2\)c0

AND

zyxelwx5600-t0Match-

Node

zyxelwx3401-b0_firmwareRange<5.17\(abve.2.5\)c0

AND

zyxelwx3401-b0Match-

Node

zyxelwx3100-t0_firmwareRange<5.50\(abvl.4.2\)c0

AND

zyxelwx3100-t0Match-

Node

zyxelscr50axe_firmwareRange<1.10\(acgn.3\)c0

AND

zyxelscr50axeMatch-

Node

zyxelpx3321-t1_firmwareRange<5.44\(acjb.0.2\)z0

AND

zyxelpx3321-t1Match-

Node

zyxelpm7300-t0_firmwareRange<5.42\(abyy.2.2\)c0

AND

zyxelpm7300-t0Match-

Node

zyxelpm5100-t0_firmwareRange<5.42\(acbf.2.1\)c0

AND

zyxelpm5100-t0Match-

Node

zyxelpm3100-t0_firmwareRange<5.42\(acbf.2.1\)c0

AND

zyxelpm3100-t0Match-

Node

zyxelax7501-b1_firmwareRange<5.17\(abpc.5.2\)c0

AND

zyxelax7501-b1Match-

Node

zyxelax7501-b0_firmwareRange<5.17\(abpc.5.2\)c0

AND

zyxelax7501-b0Match-

Node

zyxelvmg8825-t50k_firmwareRange<5.50\(abom.8.4\)c0

AND

zyxelvmg8825-t50kMatch-

Node

zyxelvmg8623-t50b_firmwareRange<5.50\(abpm.9.2\)c0

AND

zyxelvmg8623-t50bMatch-

Node

zyxelvmg4005-b60a_firmwareRange<5.15\(abqa.2.2\)c0

AND

zyxelvmg4005-b60aMatch-

Node

zyxelvmg4005-b50a_firmwareRange<5.15\(abqa.2.2\)c0

AND

zyxelvmg4005-b50aMatch-

Node

zyxelvmg3927-t50k_firmwareRange<5.50\(abom.8.4\)c0

AND

zyxelvmg3927-t50kMatch-

Node

zyxelvmg3625-t50b_firmwareRange<5.50\(abpm.9.2\)c0

AND

zyxelvmg3625-t50bMatch-

Node

zyxelemg5723-t50k_firmwareRange<5.50\(abom.8.4\)c0

AND

zyxelemg5723-t50kMatch-

Node

zyxelemg5523-t50b_firmwareRange<5.50\(abpm.9.2\)c0

AND

zyxelemg5523-t50bMatch-

Node

zyxelemg3525-t50b_firmwareRange<5.50\(abpm.9.2\)c0

AND

zyxelemg3525-t50bMatch-

Node

zyxelex7710-b0_firmwareRange<5.18\(acak.1\)c1

AND

zyxelex7710-b0Match-

Node

zyxelex7501-b0_firmwareRange<5.18\(achn.1.2\)c0

AND

zyxelex7501-b0Match-

Node

zyxelex5601-t1_firmwareRange<5.70\(acdz.3.2\)c0

AND

zyxelex5601-t1Match-

Node

zyxelex5601-t0_firmwareRange<5.70\(acdz.3.2\)c0

AND

zyxelex5601-t0Match-

Node

zyxelex5512-t0_firmwareRange<5.70\(aceg.3\)c2

AND

zyxelex5512-t0Match-

Node

zyxelex5510-b0_firmwareRange<5.17\(abqx.10\)b2

AND

zyxelex5510-b0Match-

Node

zyxelex5401-b1_firmwareRange<5.17\(abyo.6.2\)c0

AND

zyxelex5401-b1Match-

Node

zyxelex5401-b0_firmwareRange<5.17\(abyo.6.2\)c0

AND

zyxelex5401-b0Match-

Node

zyxelex3510-b0_firmwareRange<5.17\(abup.12\)b2

AND

zyxelex3510-b0Match-

Node

zyxelex3501-t0_firmwareRange<5.44\(achr.2\)c0

AND

zyxelex3501-t0Match-

Node

zyxelex3500-t0_firmwareRange<5.44\(achr.2\)c0

AND

zyxelex3500-t0Match-

Node

zyxelex3301-t0_firmwareRange<5.50\(abvy.5.3\)c0

AND

zyxelex3301-t0Match-

Node

zyxelex3300-t1_firmwareRange<5.50\(abvy.5.3\)c0

AND

zyxelex3300-t1Match-

Node

zyxelex3300-t0_firmwareRange<5.50\(abvy.5.3\)c0

AND

zyxelex3300-t0Match-

Node

zyxeldx5401-b1_firmwareRange<5.17\(abyo.6.2\)c0

AND

zyxeldx5401-b1Match-

Node

zyxeldx5401-b0_firmwareRange<5.17\(abyo.6.2\)c0

AND

zyxeldx5401-b0Match-

Node

zyxeldx4510-b0_firmwareRange<5.17\(abyl.7\)b2

AND

zyxeldx4510-b0Match-

Node

zyxeldx3301-t0_firmwareRange<5.50\(abvy.5.3\)c0

AND

zyxeldx3301-t0Match-

Node

zyxeldx3300-t1_firmwareRange<5.50\(abvy.5.3\)c0

AND

zyxeldx3300-t1Match-

Node

zyxeldx3300-t0_firmwareRange<5.50\(abvy.5.3\)c0

AND

zyxeldx3300-t0Match-

Node

zyxelnr7501_firmwareRange<1.00\(aceh.1\)c0

AND

zyxelnr7501Match-

Node

zyxelnr7303_firmwareRange<1.00\(acei.1\)b4

AND

zyxelnr7303Match-

Node

zyxelnr7302_firmwareRange<1.00\(acha.4\)c0

AND

zyxelnr7302Match-

Node

zyxelnr7103_firmwareRange<1.00\(accz.4\)c0

AND

zyxelnr7103Match-

Node

zyxelnr5307_firmwareRange<1.00\(acjt.0\)b6

AND

zyxelnr5307Match-

Node

zyxelnr5103ev2_firmwareRange<1.00\(aciq.1\)c0

AND

zyxelnr5103ev2Match-

Node

zyxelnr5103_firmwareRange<4.19\(abyc.6\)c0

AND

zyxelnr5103Match-

VendorProductVersionCPE
zyxelnebula_lte3301-plus_firmware*cpe:2.3:o:zyxel:nebula_lte3301-plus_firmware:*:*:*:*:*:*:*:*
zyxelnebula_lte3301-plus-cpe:2.3:h:zyxel:nebula_lte3301-plus:-:*:*:*:*:*:*:*
zyxelnebula_fwa505_firmware*cpe:2.3:o:zyxel:nebula_fwa505_firmware:*:*:*:*:*:*:*:*
zyxelnebula_fwa505-cpe:2.3:h:zyxel:nebula_fwa505:-:*:*:*:*:*:*:*
zyxelnebula_fwa710_firmware*cpe:2.3:o:zyxel:nebula_fwa710_firmware:*:*:*:*:*:*:*:*
zyxelnebula_fwa710-cpe:2.3:h:zyxel:nebula_fwa710:-:*:*:*:*:*:*:*
zyxelnebula_fwa510_firmware*cpe:2.3:o:zyxel:nebula_fwa510_firmware:*:*:*:*:*:*:*:*
zyxelnebula_fwa510-cpe:2.3:h:zyxel:nebula_fwa510:-:*:*:*:*:*:*:*
zyxelwx5600-t0_firmware*cpe:2.3:o:zyxel:wx5600-t0_firmware:*:*:*:*:*:*:*:*
zyxelwx5600-t0-cpe:2.3:h:zyxel:wx5600-t0:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
zyxel	nebula_lte3301-plus_firmware	*	cpe:2.3:o:zyxel:nebula_lte3301-plus_firmware::::::::
zyxel	nebula_lte3301-plus	-	cpe:2.3:h:zyxel:nebula_lte3301-plus:-:::::::*
zyxel	nebula_fwa505_firmware	*	cpe:2.3:o:zyxel:nebula_fwa505_firmware::::::::
zyxel	nebula_fwa505	-	cpe:2.3:h:zyxel:nebula_fwa505:-:::::::*
zyxel	nebula_fwa710_firmware	*	cpe:2.3:o:zyxel:nebula_fwa710_firmware::::::::
zyxel	nebula_fwa710	-	cpe:2.3:h:zyxel:nebula_fwa710:-:::::::*
zyxel	nebula_fwa510_firmware	*	cpe:2.3:o:zyxel:nebula_fwa510_firmware::::::::
zyxel	nebula_fwa510	-	cpe:2.3:h:zyxel:nebula_fwa510:-:::::::*
zyxel	wx5600-t0_firmware	*	cpe:2.3:o:zyxel:wx5600-t0_firmware::::::::
zyxel	wx5600-t0	-	cpe:2.3:h:zyxel:wx5600-t0:-:::::::*

Rows per page:

1-10 of 1001

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "VMG8825-T50K firmware",
    "vendor": "Zyxel",
    "versions": [
      {
        "status": "affected",
        "version": "5.50(ABOM.8)C0"
      }
    ]
  }
]

References

www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-vulnerability-in-some-5g-nr-cpe-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-security-router-devices-09-03-2024

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

High

EPSS

0.001

Percentile

17.7%

JSON

Related for CVE-2024-5412