CVE-2024-0816

The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50(ABVY.4)C0 could allow an authenticated local attacker to cause denial of service (DoS) conditions by executing the CLI command with crafted strings on an affected device.
Classic Buffer Overflow
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
ZyxelCNA
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CISA-ADPADP
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 8%
VendorProductVersion
zyxellte3202-m437_firmware
1.00\(abwf.3\)c0
zyxellte3301-plus_firmware
1.00\(abqu.5\)c0
zyxellte5388-m804_firmware
1.00\(absq.4\)c0
zyxellte5398-m904_firmware
1.00\(abq.4\)c0
zyxellte7240-m403_firmware
2.00\(abmg.7\)c0
zyxellte7480-m804_firmware
1.00\(abra.8\)c0
zyxellte7490-m904_firmware
1.00\(abqy.7\)c0
zyxelnr5103_firmware
4.19\(abyc.5\)c0
zyxelnr5103e_firmware
1.00\(acdj.1\)b3
zyxelnr5103ev2_firmware
1.00\(aciq.0\)c0
zyxelnr5307_firmware
1.00\(acjt.0\)b4
zyxelnr7101_firmware
1.00\(abu.9\)c0
zyxelnr7102_firmware
1.00\(abyd.2\)c0
zyxelnr7103_firmware
1.00\(accz.2\)c0
zyxelnr7302_firmware
1.00\(acha.2\)c0
zyxelnr7303_firmware
1.00\(acei.0\)c0
zyxelnr7501_firmware
1.00\(aceh.0\)c0
zyxelnebula_fwa505_firmware
1.18\(acko.1\)c0
zyxelnebula_fwa510_firmware
1.18\(acgd.1\)c0
zyxelnebula_fwa710_firmware
1.17\(acgc.0\)c0
zyxelnebula_lte3301-plus_firmware
1.17\(acca.0\)c0
zyxelnebula_lte7461-m602_firmware
1.15\(ace.3\)c0
zyxelnebula_nr5101_firmware
1.16\(accg.0\)c0
zyxelnebula_nr7101_firmware
1.16\(accc.0\)c0
zyxeldx3300-t1_firmware
5.50\(aby.4\)c0
zyxeldx3301-t0_firmware
5.50\(aby.4\)c0
zyxeldx4510_firmware
5.17\(abyl.6\)c0
zyxeldx5401-b0_firmware
5.17\(abyo.5\)c0
zyxeldx5401-b1_firmware
5.17\(abyo.5\)c0
zyxelemg3525-t50b_firmware
5.50\(abpm.8\)c0
zyxelemg5523-t50b_firmware
5.50\(abpm.8\)c0
zyxelemg5723-t50k_firmware
5.50\(abom.8.2\)c0
zyxelex3300-t1_firmware
5.50\(aby.4\)c0
zyxelex3301-t0_firmware
5.50\(aby.4\)c0
zyxelex3320-t0_firmware
5.71\(yak.2\)d0
zyxelex3320-t1_firmware
5.71\(yap.0\)c0
zyxelex3500-t0_firmware
5.44\(achr.0\)c0
zyxelex3501-t0_firmware
5.44\(achr.0\)c0
zyxelex3510_firmware
5.17\(abup.11\)c0
zyxelex5401-b0_firmware
5.17\(abyo.5\)c0
zyxelex5401-b1_firmware
5.17\(abyo.5\)c0
zyxelex5501-b0_firmware
5.17\(abry.4\)c0
zyxelex5510_firmware
5.17\(abqx.9\)c0
zyxelex5512-t0_firmware
5.70\(aceg.2\)c0
zyxelex5600-t1_firmware
5.70\(acdz.2\)c0
zyxelex5601-t0_firmware
5.70\(acdz.2\)c0
zyxelex5601-t1_firmware
5.70\(acdz.2\)c0
zyxelex7710-b0_firmware
5.18\(acak.0\)c0
zyxelvmg3625-t50b_firmware
5.50\(abpm.8\)c0
zyxelvmg3927-t50k_firmware
5.50\(abom.8.2\)c0
zyxelvmg4005-b50a_firmware
5.17\(abqa.2\)c0
zyxelvmg4005-b60a_firmware
5.17\(abqa.2\)c0
zyxelvmg8623-t50b_firmware
5.50\(abpm.8\)c0
zyxelvmg8825-t50k_firmware
5.50\(abom.8.2\)c0
zyxelax7501-b0_firmware
5.17\(abpc.4\)c0
zyxelax7501-b1_firmware
5.17\(abpc.4\)c0
zyxelpm3100-t0_firmware
5.42\(acbf.1.2\)c0
zyxelpm5100-t0_firmware
5.42\(acbf.1.2\)c0
zyxelpm7300-t0_firmware
5.42\(abyy.1\)c0
zyxelpx3321-t1_firmware
5.44\(acjb.0\)c0
zyxelwx3100-t0_firmware
5.50\(abl.3\)c0
zyxelwx3401-b0_firmware
5.17\(abe.2\)c0
zyxelwx5600-t0_firmware
5.70\(acdz.2\)c0
zyxelwx5610-b0_firmware
5.18\(acgj.0\)c0
zyxelnbg7510_firmware
1.00\(abzy.6\)c0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-vulnerabilities-in-some-5g-nr-4g-lte-cpe-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-home-router-devices-05-21-2024
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-vulnerabilities-in-some-5g-nr-4g-lte-cpe-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-home-router-devices-05-21-2024