Vulnerability Details CVE-2023-37929
The buffer overflow vulnerability in the CGI program of the VMG3625-T50B firmware version V5.50(ABPM.8)C0 could allow an authenticated remote attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.9%
CVSS Severity
CVSS v3 Score 6.5
References
- https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-vulnerabilities-in-some-5g-nr-4g-lte-cpe-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-home-router-devices-05-21-2024
- https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-vulnerabilities-in-some-5g-nr-4g-lte-cpe-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-home-router-devices-05-21-2024
Products affected by CVE-2023-37929
-
cpe:2.3:h:zyxel:ax7501-b0:-
-
cpe:2.3:h:zyxel:ax7501-b1:-
-
cpe:2.3:h:zyxel:dx3300-t1:-
-
cpe:2.3:h:zyxel:dx3301-t0:-
-
cpe:2.3:h:zyxel:dx4510:-
-
cpe:2.3:h:zyxel:dx5401-b0:-
-
cpe:2.3:h:zyxel:dx5401-b1:-
-
cpe:2.3:h:zyxel:emg3525-t50b:-
-
cpe:2.3:h:zyxel:emg5523-t50b:-
-
cpe:2.3:h:zyxel:emg5723-t50k:-
-
cpe:2.3:h:zyxel:ex3300-t1:-
-
cpe:2.3:h:zyxel:ex3301-t0:-
-
cpe:2.3:h:zyxel:ex3500-t0:-
-
cpe:2.3:h:zyxel:ex3501-t0:-
-
cpe:2.3:h:zyxel:ex3510:-
-
cpe:2.3:h:zyxel:ex5401-b0:-
-
cpe:2.3:h:zyxel:ex5401-b1:-
-
cpe:2.3:h:zyxel:ex5501-b0:-
-
cpe:2.3:h:zyxel:ex5510:-
-
cpe:2.3:h:zyxel:ex5512-t0:-
-
cpe:2.3:h:zyxel:ex5600-t1:-
-
cpe:2.3:h:zyxel:ex5601-t0:-
-
cpe:2.3:h:zyxel:ex5601-t1:-
-
cpe:2.3:h:zyxel:ex7710-b0:-
-
cpe:2.3:h:zyxel:nbg7510:-
-
cpe:2.3:h:zyxel:vmg3625-t50b:-
-
cpe:2.3:h:zyxel:vmg3927-t50k:-
-
cpe:2.3:h:zyxel:vmg8623-t50b:-
-
cpe:2.3:h:zyxel:vmg8825-t50k:-
-
cpe:2.3:h:zyxel:wx3100-t0:-
-
cpe:2.3:h:zyxel:wx5600-t0:-
-
cpe:2.3:h:zyxel:wx5610-b0:-
-
cpe:2.3:o:zyxel:ax7501-b0_firmware:5.17(abpc.4)c0
-
cpe:2.3:o:zyxel:ax7501-b1_firmware:5.17(abpc.4)c0
-
cpe:2.3:o:zyxel:dx3300-t1_firmware:5.50(aby.4)c0
-
cpe:2.3:o:zyxel:dx3301-t0_firmware:5.50(aby.4)c0
-
cpe:2.3:o:zyxel:dx4510_firmware:5.17(abyl.5)c0
-
cpe:2.3:o:zyxel:dx5401-b0_firmware:5.17(abyo.5)c0
-
cpe:2.3:o:zyxel:dx5401-b1_firmware:5.17(abyo.5)c0
-
cpe:2.3:o:zyxel:emg3525-t50b_firmware:5.50(abpm.8)c0
-
cpe:2.3:o:zyxel:emg5523-t50b_firmware:5.50(abpm.8)c0
-
cpe:2.3:o:zyxel:emg5723-t50k_firmware:5.50(abom.8.2)c0
-
cpe:2.3:o:zyxel:ex3300-t1_firmware:5.50(aby.4)c0
-
cpe:2.3:o:zyxel:ex3301-t0_firmware:5.50(aby.4)c0
-
cpe:2.3:o:zyxel:ex3500-t0_firmware:5.44(achr.0)c0
-
cpe:2.3:o:zyxel:ex3501-t0_firmware:5.44(achr.0)c0
-
cpe:2.3:o:zyxel:ex3510_firmware:5.17(abup.9)c0
-
cpe:2.3:o:zyxel:ex5401-b0_firmware:5.17(abyo.5)c0
-
cpe:2.3:o:zyxel:ex5401-b1_firmware:5.17(abyo.5)c0
-
cpe:2.3:o:zyxel:ex5501-b0_firmware:5.17(abry.4)c0
-
cpe:2.3:o:zyxel:ex5510_firmware:5.17(abqx.8)c0
-
cpe:2.3:o:zyxel:ex5512-t0_firmware:5.70(aceg.2)c0
-
cpe:2.3:o:zyxel:ex5600-t1_firmware:5.70(acdz.2)c0
-
cpe:2.3:o:zyxel:ex5601-t0_firmware:5.70(acdz.2)c0
-
cpe:2.3:o:zyxel:ex5601-t1_firmware:5.70(acdz.2)c0
-
cpe:2.3:o:zyxel:ex7710-b0_firmware:5.18(acak.0)c0
-
cpe:2.3:o:zyxel:nbg7510_firmware:1.00(abzy.5)c0
-
cpe:2.3:o:zyxel:vmg3625-t50b_firmware:5.50(abpm.8)c0
-
cpe:2.3:o:zyxel:vmg3927-t50k_firmware:5.50(abom.8.2)c0
-
cpe:2.3:o:zyxel:vmg8623-t50b_firmware:5.50(abpm.8)c0
-
cpe:2.3:o:zyxel:vmg8825-t50k_firmware:5.50(abom.8.2)c0
-
cpe:2.3:o:zyxel:wx3100-t0_firmware:5.50(abl.3)c0
-
cpe:2.3:o:zyxel:wx5600-t0_firmware:5.70(aceb.2)c0
-
cpe:2.3:o:zyxel:wx5610-b0_firmware:5.18(acgj.0)c0