A post-authentication buffer overflow vulnerability in the parameter "action" of the CGI program in Zyxel VMG3625-T50B firmware versions through V5.50(ABPM.9.2)C0 could allow an authenticated attacker with administrator privileges to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP GET request to a vulnerable device if the function ZyEE is enabled.
                
History
Tue, 21 Jan 2025 21:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Zyxel Zyxel ax7501-b0 Zyxel ax7501-b0 Firmware Zyxel ax7501-b1 Zyxel ax7501-b1 Firmware Zyxel dx3300-t0 Zyxel dx3300-t0 Firmware Zyxel dx3300-t1 Zyxel dx3300-t1 Firmware Zyxel dx3301-t0 Zyxel dx3301-t0 Firmware Zyxel dx4510-b0 Zyxel dx4510-b0 Firmware Zyxel dx4510-b1 Zyxel dx4510-b1 Firmware Zyxel dx5401-b0 Zyxel dx5401-b0 Firmware Zyxel dx5401-b1 Zyxel dx5401-b1 Firmware Zyxel ee6510-10 Zyxel ee6510-10 Firmware Zyxel emg3525-t50b Zyxel emg3525-t50b Firmware Zyxel emg5523-t50b Zyxel emg5523-t50b Firmware Zyxel emg5723-t50k Zyxel emg5723-t50k Firmware Zyxel ex3300-t0 Zyxel ex3300-t0 Firmware Zyxel ex3300-t1 Zyxel ex3300-t1 Firmware Zyxel ex3301-t0 Zyxel ex3301-t0 Firmware Zyxel ex3500-t0 Zyxel ex3500-t0 Firmware Zyxel ex3501-t0 Zyxel ex3501-t0 Firmware Zyxel ex3510-b0 Zyxel ex3510-b0 Firmware Zyxel ex3510-b1 Zyxel ex3510-b1 Firmware Zyxel ex3600-t0 Zyxel ex3600-t0 Firmware Zyxel ex5401-b0 Zyxel ex5401-b0 Firmware Zyxel ex5401-b1 Zyxel ex5401-b1 Firmware Zyxel ex5501-b0 Zyxel ex5501-b0 Firmware Zyxel ex5510-b0 Zyxel ex5510-b0 Firmware Zyxel ex5600-t1 Zyxel ex5600-t1 Firmware Zyxel ex5601-t0 Zyxel ex5601-t0 Firmware Zyxel ex5601-t1 Zyxel ex5601-t1 Firmware Zyxel ex7501-b0 Zyxel ex7501-b0 Firmware Zyxel px3321-t1 Zyxel px3321-t1 Firmware Zyxel px5301-t0 Zyxel px5301-t0 Firmware Zyxel vmg3625-t50b Zyxel vmg3625-t50b Firmware Zyxel vmg3927-t50k Zyxel vmg3927-t50k Firmware Zyxel vmg8623-t50b Zyxel vmg8623-t50b Firmware Zyxel vmg8825-t50k Zyxel vmg8825-t50k Firmware Zyxel wx5600-t0 Zyxel wx5600-t0 Firmware | |
| Vendors & Products | Zyxel Zyxel ax7501-b0 Zyxel ax7501-b0 Firmware Zyxel ax7501-b1 Zyxel ax7501-b1 Firmware Zyxel dx3300-t0 Zyxel dx3300-t0 Firmware Zyxel dx3300-t1 Zyxel dx3300-t1 Firmware Zyxel dx3301-t0 Zyxel dx3301-t0 Firmware Zyxel dx4510-b0 Zyxel dx4510-b0 Firmware Zyxel dx4510-b1 Zyxel dx4510-b1 Firmware Zyxel dx5401-b0 Zyxel dx5401-b0 Firmware Zyxel dx5401-b1 Zyxel dx5401-b1 Firmware Zyxel ee6510-10 Zyxel ee6510-10 Firmware Zyxel emg3525-t50b Zyxel emg3525-t50b Firmware Zyxel emg5523-t50b Zyxel emg5523-t50b Firmware Zyxel emg5723-t50k Zyxel emg5723-t50k Firmware Zyxel ex3300-t0 Zyxel ex3300-t0 Firmware Zyxel ex3300-t1 Zyxel ex3300-t1 Firmware Zyxel ex3301-t0 Zyxel ex3301-t0 Firmware Zyxel ex3500-t0 Zyxel ex3500-t0 Firmware Zyxel ex3501-t0 Zyxel ex3501-t0 Firmware Zyxel ex3510-b0 Zyxel ex3510-b0 Firmware Zyxel ex3510-b1 Zyxel ex3510-b1 Firmware Zyxel ex3600-t0 Zyxel ex3600-t0 Firmware Zyxel ex5401-b0 Zyxel ex5401-b0 Firmware Zyxel ex5401-b1 Zyxel ex5401-b1 Firmware Zyxel ex5501-b0 Zyxel ex5501-b0 Firmware Zyxel ex5510-b0 Zyxel ex5510-b0 Firmware Zyxel ex5600-t1 Zyxel ex5600-t1 Firmware Zyxel ex5601-t0 Zyxel ex5601-t0 Firmware Zyxel ex5601-t1 Zyxel ex5601-t1 Firmware Zyxel ex7501-b0 Zyxel ex7501-b0 Firmware Zyxel px3321-t1 Zyxel px3321-t1 Firmware Zyxel px5301-t0 Zyxel px5301-t0 Firmware Zyxel vmg3625-t50b Zyxel vmg3625-t50b Firmware Zyxel vmg3927-t50k Zyxel vmg3927-t50k Firmware Zyxel vmg8623-t50b Zyxel vmg8623-t50b Firmware Zyxel vmg8825-t50k Zyxel vmg8825-t50k Firmware Zyxel wx5600-t0 Zyxel wx5600-t0 Firmware | 
Tue, 03 Dec 2024 17:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | ssvc | |
Tue, 03 Dec 2024 01:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | A post-authentication buffer overflow vulnerability in the parameter "action" of the CGI program in Zyxel VMG3625-T50B firmware versions through V5.50(ABPM.9.2)C0 could allow an authenticated attacker with administrator privileges to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP GET request to a vulnerable device if the function ZyEE is enabled. | |
| Weaknesses | CWE-120 | |
| References |  | |
| Metrics | cvssV3_1 | |
MITRE
Status: PUBLISHED
Assigner: Zyxel
Published: 2024-12-03T01:24:36.983Z
Updated: 2024-12-03T16:48:00.520Z
Reserved: 2024-09-26T02:20:02.424Z
Link: CVE-2024-9197
Vulnrichment
Updated: 2024-12-03T16:47:57.782Z
NVD
Status: Analyzed
Published: 2024-12-03T02:15:17.773
Modified: 2025-01-21T21:18:24.393
Link: CVE-2024-9197
Redhat
No data.