Vulnerability Details CVE-2024-38266
An improper restriction of operations within the bounds of a memory buffer in the parameter type parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 36.4%
CVSS Severity
CVSS v3 Score 4.9
Products affected by CVE-2024-38266
-
cpe:2.3:h:zyxel:ax7501-b0:-
-
cpe:2.3:h:zyxel:ax7501-b1:-
-
cpe:2.3:h:zyxel:dx3300-t0:-
-
cpe:2.3:h:zyxel:dx3300-t1:-
-
cpe:2.3:h:zyxel:dx3301-t0:-
-
cpe:2.3:h:zyxel:dx4510-b0:-
-
cpe:2.3:h:zyxel:dx4510-b1:-
-
cpe:2.3:h:zyxel:dx5401-b0:-
-
cpe:2.3:h:zyxel:dx5401-b1:-
-
cpe:2.3:h:zyxel:emg3525-t50b:-
-
cpe:2.3:h:zyxel:emg5523-t50b:-
-
cpe:2.3:h:zyxel:emg5723-t50k:-
-
cpe:2.3:h:zyxel:ex3300-t0:-
-
cpe:2.3:h:zyxel:ex3300-t1:-
-
cpe:2.3:h:zyxel:ex3301-t0:-
-
cpe:2.3:h:zyxel:ex3500-t0:-
-
cpe:2.3:h:zyxel:ex3501-t0:-
-
cpe:2.3:h:zyxel:ex3510-b0:-
-
cpe:2.3:h:zyxel:ex3510-b1:-
-
cpe:2.3:h:zyxel:ex3600-t0:-
-
cpe:2.3:h:zyxel:ex5401-b0:-
-
cpe:2.3:h:zyxel:ex5401-b1:-
-
cpe:2.3:h:zyxel:ex5510-b0:-
-
cpe:2.3:h:zyxel:ex5512-t0:-
-
cpe:2.3:h:zyxel:ex5601-t0:-
-
cpe:2.3:h:zyxel:ex5601-t1:-
-
cpe:2.3:h:zyxel:ex7501-b0:-
-
cpe:2.3:h:zyxel:ex7710-b0:-
-
cpe:2.3:h:zyxel:pm3100-t0:-
-
cpe:2.3:h:zyxel:pm5100-t0:-
-
cpe:2.3:h:zyxel:pm7300-t0:-
-
cpe:2.3:h:zyxel:px3321-t1:-
-
cpe:2.3:h:zyxel:scr50axe:-
-
cpe:2.3:h:zyxel:vmg3625-t50b:-
-
cpe:2.3:h:zyxel:vmg3927-t50k:-
-
cpe:2.3:h:zyxel:vmg4005-b50a:-
-
cpe:2.3:h:zyxel:vmg4005-b60a:-
-
cpe:2.3:h:zyxel:vmg8623-t50b:-
-
cpe:2.3:h:zyxel:vmg8825-t50k:-
-
cpe:2.3:h:zyxel:wx3100-t0:-
-
cpe:2.3:h:zyxel:wx3401-b0:-
-
cpe:2.3:h:zyxel:wx5600-t0:-
-
cpe:2.3:o:zyxel:ax7501-b0_firmware:-
-
cpe:2.3:o:zyxel:ax7501-b0_firmware:5.17(abpc.1)c0
-
cpe:2.3:o:zyxel:ax7501-b0_firmware:5.17(abpc.4)c0
-
cpe:2.3:o:zyxel:ax7501-b1_firmware:5.17(abpc.4)c0
-
cpe:2.3:o:zyxel:dx3300-t0_firmware:*
-
cpe:2.3:o:zyxel:dx3300-t1_firmware:*
-
cpe:2.3:o:zyxel:dx3301-t0_firmware:-
-
cpe:2.3:o:zyxel:dx4510-b0_firmware:*
-
cpe:2.3:o:zyxel:dx4510-b1_firmware:-
-
cpe:2.3:o:zyxel:dx5401-b0_firmware:-
-
cpe:2.3:o:zyxel:dx5401-b0_firmware:5.17(abyo.1)c0
-
cpe:2.3:o:zyxel:dx5401-b0_firmware:5.17(abyo.5)c0
-
cpe:2.3:o:zyxel:dx5401-b1_firmware:5.17(abyo.5)c0
-
cpe:2.3:o:zyxel:emg3525-t50b_firmware:-
-
cpe:2.3:o:zyxel:emg3525-t50b_firmware:5.50(abpm.6)c0
-
cpe:2.3:o:zyxel:emg3525-t50b_firmware:5.50(abpm.8)c0
-
cpe:2.3:o:zyxel:emg5523-t50b_firmware:-
-
cpe:2.3:o:zyxel:emg5523-t50b_firmware:5.50(abpm.6)c0
-
cpe:2.3:o:zyxel:emg5523-t50b_firmware:5.50(abpm.8)c0
-
cpe:2.3:o:zyxel:emg5723-t50k_firmware:-
-
cpe:2.3:o:zyxel:emg5723-t50k_firmware:5.50(abom.7)c0
-
cpe:2.3:o:zyxel:ex3300-t0_firmware:*
-
cpe:2.3:o:zyxel:ex3300-t1_firmware:*
-
cpe:2.3:o:zyxel:ex3301-t0_firmware:-
-
cpe:2.3:o:zyxel:ex3500-t0_firmware:5.44(achr.0)c0
-
cpe:2.3:o:zyxel:ex3501-t0_firmware:5.44(achr.0)c0
-
cpe:2.3:o:zyxel:ex3510-b0_firmware:-
-
cpe:2.3:o:zyxel:ex3510-b0_firmware:5.17(abup.4)c1
-
cpe:2.3:o:zyxel:ex3510-b1_firmware:*
-
cpe:2.3:o:zyxel:ex3600-t0_firmware:*
-
cpe:2.3:o:zyxel:ex5401-b0_firmware:-
-
cpe:2.3:o:zyxel:ex5401-b0_firmware:5.17(abyo.1)c0
-
cpe:2.3:o:zyxel:ex5401-b0_firmware:5.17(abyo.5)c0
-
cpe:2.3:o:zyxel:ex5401-b1_firmware:5.17(abyo.5)c0
-
cpe:2.3:o:zyxel:ex5510-b0_firmware:*
-
cpe:2.3:o:zyxel:ex5512-t0_firmware:-
-
cpe:2.3:o:zyxel:ex5512-t0_firmware:5.70(aceg.2)c0
-
cpe:2.3:o:zyxel:ex5601-t0_firmware:-
-
cpe:2.3:o:zyxel:ex5601-t0_firmware:5.70(acdz.2)c0
-
cpe:2.3:o:zyxel:ex5601-t1_firmware:-
-
cpe:2.3:o:zyxel:ex5601-t1_firmware:5.70(acdz.2)c0
-
cpe:2.3:o:zyxel:ex7501-b0_firmware:*
-
cpe:2.3:o:zyxel:ex7710-b0_firmware:5.18(acak.0)c0
-
cpe:2.3:o:zyxel:pm3100-t0_firmware:-
-
cpe:2.3:o:zyxel:pm3100-t0_firmware:5.42(acbf.1.2)c0
-
cpe:2.3:o:zyxel:pm5100-t0_firmware:-
-
cpe:2.3:o:zyxel:pm5100-t0_firmware:5.42(acbf.1.2)c0
-
cpe:2.3:o:zyxel:pm7300-t0_firmware:-
-
cpe:2.3:o:zyxel:pm7300-t0_firmware:5.42(abyy.1)c0
-
cpe:2.3:o:zyxel:px3321-t1_firmware:5.44(achk.0.2)c0
-
cpe:2.3:o:zyxel:px3321-t1_firmware:5.44(achk.0.3)c0
-
cpe:2.3:o:zyxel:scr50axe_firmware:1.10(acgn.2)c0
-
cpe:2.3:o:zyxel:vmg3625-t50b_firmware:-
-
cpe:2.3:o:zyxel:vmg3625-t50b_firmware:5.50(abpm.6)c0
-
cpe:2.3:o:zyxel:vmg3625-t50b_firmware:5.50(abpm.8)c0
-
cpe:2.3:o:zyxel:vmg3927-t50k_firmware:-
-
cpe:2.3:o:zyxel:vmg3927-t50k_firmware:5.50(abom.7)c0
-
cpe:2.3:o:zyxel:vmg4005-b50a_firmware:-
-
cpe:2.3:o:zyxel:vmg4005-b50a_firmware:5.15(abqa.2.2)c0
-
cpe:2.3:o:zyxel:vmg4005-b50a_firmware:5.15(abqa.2.3)c0
-
cpe:2.3:o:zyxel:vmg4005-b60a_firmware:-
-
cpe:2.3:o:zyxel:vmg4005-b60a_firmware:5.15(abqa.2.2)c0
-
cpe:2.3:o:zyxel:vmg4005-b60a_firmware:5.15(abqa.2.3)c0
-
cpe:2.3:o:zyxel:vmg8623-t50b_firmware:-
-
cpe:2.3:o:zyxel:vmg8623-t50b_firmware:5.50(abpm.6)c0
-
cpe:2.3:o:zyxel:vmg8623-t50b_firmware:5.50(abpm.8)c0
-
cpe:2.3:o:zyxel:vmg8825-t50k_firmware:-
-
cpe:2.3:o:zyxel:vmg8825-t50k_firmware:5.50(abom.7)c0
-
cpe:2.3:o:zyxel:vmg8825-t50k_firmware:5.50(abom.8)c0
-
cpe:2.3:o:zyxel:vmg8825-t50k_firmware:5.50(abom.8.2)c0
-
cpe:2.3:o:zyxel:vmg8825-t50k_firmware:5.50(abom.8.4)c0
-
cpe:2.3:o:zyxel:vmg8825-t50k_firmware:5.50(abom.8.5)c0
-
cpe:2.3:o:zyxel:wx3100-t0_firmware:-
-
cpe:2.3:o:zyxel:wx3100-t0_firmware:5.50(abl.3)c0
-
cpe:2.3:o:zyxel:wx3100-t0_firmware:5.50(abl.4.4)c0
-
cpe:2.3:o:zyxel:wx3100-t0_firmware:5.50(abvl.4.2)c0
-
cpe:2.3:o:zyxel:wx3401-b0_firmware:-
-
cpe:2.3:o:zyxel:wx3401-b0_firmware:5.17(abe.2)c0
-
cpe:2.3:o:zyxel:wx3401-b0_firmware:5.17(abe.2.6)c0
-
cpe:2.3:o:zyxel:wx5600-t0_firmware:-
-
cpe:2.3:o:zyxel:wx5600-t0_firmware:5.70(acdz.2)c0
-
cpe:2.3:o:zyxel:wx5600-t0_firmware:5.70(aceb.2)c0