9 matches found
CVE-2025-7673
A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50ABOM.5C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP...
VulnCheck KEV: CVE-2025-7673
A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50ABOM.5C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP...
VulnCheck KEV: CVE-2023-28769
The buffer overflow vulnerability in the library “libclinkc.so” of the web server “zhttpd” in Zyxel DX5401-B0 firmware versions prior to V5.17ABYO.1C0 could allow a remote unauthenticated attacker to execute some OS commands or to cause denial-of-service (DoS) conditions on a vulnerable device...
Zyxel chained RCE using LFI and weak password derivation algorithm
This module exploits multiple vulnerabilities in the zhttpd binary /bin/zhttpd and zcmd binary /bin/zcmd. It is present on more than 40 Zyxel routers and CPE devices. The remote code execution vulnerability can be exploited by chaining the local file disclosure vulnerability in the zhttpd binary...
The vulnerability of the zhttpd component in the libclinkc.so library of the ZyXEL DX5401-B0 router’s software allows a malicious actor to execute certain operating system commands remotely.
The vulnerability of the zhttpd component in the libclinkc.so library of the ZyXEL DX5401-B0 router firmware is related to the possibility of buffer overflow in memory. Exploiting this vulnerability could allow a remote attacker to execute certain commands on the operating system...
CVE-2023-28769
The buffer overflow vulnerability in the library “libclinkc.so” of the web server “zhttpd” in Zyxel DX5401-B0 firmware versions prior to V5.17ABYO.1C0 could allow a remote unauthenticated attacker to execute some OS commands or to cause denial-of-service (DoS) conditions on a vulnerable device...
Zyxel DX5401-B0 Security Vulnerability
The Zyxel DX5401-B0 is a wireless enhancement device from China's Hopkins Zyxel. A security vulnerability exists in the Zyxel DX5401-B0 V5.17ABYO.1C0 firmware version, which originates from a buffer overflow in the zhttpd library libclinkc.so. An attacker can exploit this vulnerability to execute...
PT-2023-2520 · Zyxel · Zyxel Dx5401-B0
Name of the Vulnerable Software and Affected Versions: ZyXEL DX5401-B0 firmware versions prior to V5.17ABYO.1C0 Description: The issue is related to a buffer overflow vulnerability in the libclinkc.so library of the zhttpd web server. This vulnerability could allow a remote unauthenticated attack...
Zyxel Unauthenticated LAN Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' class MetasploitModule 'Zyxel Unauthenticated LAN Remote Code Execution', 'Description' = %q This module exploits a buffer overflow in the zhttpd binar...