Vulnerability Details CVE-2026-7256
** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow an adjacent attacker on the LAN to execute operating system (OS) commands on a vulnerable device by sending a crafted HTTP request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.014
EPSS Ranking 80.8%
CVSS Severity
CVSS v3 Score 8.8
Products affected by CVE-2026-7256
-
cpe:2.3:h:zyxel:wre6505:v2
-
cpe:2.3:o:zyxel:wre6505_firmware:v1.00(abdv.3)c0