CVE-2025-6599

EUVD-2025-197903
An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an attacker to perform Slowloris‑style denial‑of‑service (DoS) attacks. Such attacks may temporarily block legitimate HTTP requests and partially disrupt access to the web management interface, while other networking services remain unaffected.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
ZyxelCNA
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
Affected Products (NVD)
VendorProductVersion
zyxellte3301-plus_firmware
𝑥
≤ 1.00\(abqu.7\)c0
zyxelnr5103_firmware
𝑥
≤ 4.19\(abyc.8\)c0
zyxelnr5103e_firmware
𝑥
≤ 1.00\(acdj.1\)c0
zyxelnr5309_firmware
𝑥
≤ 1.00\(ackp.1\)b3
zyxelnr7302_firmware
𝑥
≤ 5.00\(acha.5\)c0
zyxelnr7303_firmware
𝑥
≤ 1.00\(acei.1\)c0
zyxelnebula_fwa505_firmware
𝑥
≤ 1.19\(acko.0\)c0
zyxelnebula_fwa510_firmware
𝑥
≤ 1.20\(acgd.1\)c0
zyxelnebula_fwa515_firmware
𝑥
≤ 1.50\(acpz.0\)c0
zyxelnebula_fwa710_firmware
𝑥
≤ 1.20\(acgc.0\)c0
zyxeldm4200-b0_firmware
𝑥
≤ 5.17\(acbs.1.3\)c0
zyxeldx3300-t0_firmware
𝑥
≤ 5.50\(abvy.6.3\)c0
zyxeldx3300-t1_firmware
𝑥
≤ 5.50\(abvy.6.3\)c0
zyxeldx3301-t0_firmware
𝑥
≤ 5.50\(abvy.6.3\)c0
zyxeldx4510-b1_firmware
𝑥
≤ 5.17\(abyl.9\)c0
zyxeldx5401-b0_firmware
𝑥
≤ 5.17\(abyo.7\)b2
zyxeldx5401-b1_firmware
𝑥
≤ 5.17\(abyo.7\)b2
zyxelee3301-00_firmware
𝑥
≤ 5.63\(acmu.1.1\)c0
zyxelee5301-00_firmware
𝑥
≤ 5.63\(acld.1.1\)c0
zyxelee6510-10_firmware
𝑥
≤ 5.19\(acjq.3\)c0
zyxelex3300-t0_firmware
𝑥
≤ 5.50\(abvy.6.3\)c0
zyxelex3300-t0_firmware
𝑥
≤ 5.50\(acdi.2.1\)c0
zyxelex3300-t1_firmware
𝑥
≤ 5.50\(abvy.6.3\)c0
zyxelex3301-t0_firmware
𝑥
≤ 5.50\(abvy.6.3\)c0
zyxelex3500-t0_firmware
𝑥
≤ 5.44\(achr.4\)c0
zyxelex3501-t0_firmware
𝑥
≤ 5.44\(achr.4\)c0
zyxelex3600-t0_firmware
𝑥
≤ 5.70\(acif.1.2\)c0
zyxelex5401-b0_firmware
𝑥
≤ 5.17\(abyo.7\)b2
zyxelex5401-b1_firmware
𝑥
≤ 5.17\(abyo.7\)b2
zyxelex5501-b0_firmware
𝑥
≤ 5.17\(abry.5.5\)c0
zyxelex5510-b0_firmware
𝑥
≤ 5.17\(abqx.10\)c0
zyxelex5512-t0_firmware
𝑥
≤ 5.70\(aceg.5\)c0
zyxelex5601-t0_firmware
𝑥
≤ 5.70\(acdz.4.1\)c0
zyxelex5601-t1_firmware
𝑥
≤ 5.70\(acdz.4.1\)c0
zyxelex7501-b0_firmware
𝑥
≤ 5.18\(achn.2.1\)c0
zyxelex7710-b0_firmware
𝑥
≤ 5.18\(acak.1.4\)c0
zyxelemg3525-t50b_firmware
𝑥
≤ 5.50\(abpm.9.5\)c0
zyxelemg5523-t50b_firmware
𝑥
≤ 5.50\(abpm.9.5\)c0
zyxelemg5723-t50k_firmware
𝑥
≤ 5.50\(abom.8.6\)c0
zyxelemg6726-b10a_firmware
𝑥
≤ 5.13\(abnp.8\)c0
zyxelgm4100-b0_firmware
𝑥
≤ 5.18\(accl.1\)c0
zyxelvmg3625-t50b_firmware
𝑥
≤ 5.50\(abpm.9.5\)c0
zyxelvmg3927-b50b_firmware
𝑥
≤ 5.13\(ably.10\)c0
zyxelvmg3927-t50k_firmware
𝑥
≤ 5.50\(abom.8.6\)c0
zyxelvmg4005-b50a_firmware
𝑥
≤ 5.17\(abqa.3\)c0
zyxelvmg4005-b60a_firmware
𝑥
≤ 5.17\(abqa.3\)c0
zyxelvmg4005-b50b_firmware
𝑥
≤ 5.13\(abrl.5.3\)c0
zyxelvmg4927-b50a_firmware
𝑥
≤ 5.13\(ably.10\)c0
zyxelvmg8623-t50b_firmware
𝑥
≤ 5.50\(abpm.9.5\)c0
zyxelvmg8825-t50k_firmware
𝑥
≤ 5.50\(abom.8.6\)c0
zyxelax7501-b0_firmware
𝑥
≤ 5.17\(abpc.6.1\)c0
zyxelax7501-b1_firmware
𝑥
≤ 5.17\(abpc.6.1\)c0
zyxelpe3301-00_firmware
𝑥
≤ 5.63\(acmt.1.1\)c0
zyxelpe5301-01_firmware
𝑥
≤ 5.63\(acoj.1.1\)c0
zyxelpm3100-t0_firmware
𝑥
≤ 5.42\(acbf.3\)c0
zyxelpm5100-t0_firmware
𝑥
≤ 5.42\(acbf.3\)c0
zyxelpm7500-00_firmware
𝑥
≤ 5.61\(ackk.1\)c0
zyxelpm7300-t0_firmware
𝑥
≤ 5.42\(abyy.3\)c0
zyxelpx3321-t1_firmware
𝑥
≤ 5.44\(acjb.1.3\)c0
zyxelpx3321-t1_firmware
𝑥
≤ 5.44\(achk.1\)c0
zyxelpx5301-t0_firmware
𝑥
≤ 5.44\(ackb.0.4\)c0
zyxelscr_50axe_firmware
𝑥
≤ 1.10\(acgn.3\)c0
zyxelwe3300-00_firmware
𝑥
≤ 5.70\(acka.0\)c0
zyxelwx3100-t0_firmware
𝑥
≤ 5.50\(abvl.4.7\)c0
zyxelwx3401-b0_firmware
𝑥
≤ 5.17\(abve.2.8\)c0
zyxelwx3401-b1_firmware
𝑥
≤ 5.17\(abve.2.8\)c0
zyxelwx5600-t0_firmware
𝑥
≤ 5.70\(aceb.4.1\)c0
zyxelwx5610-b0_firmware
𝑥
≤ 5.18\(acgj.0.3\)c0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-uncontrolled-resource-consumption-and-command-injection-vulnerabilities-in-certain-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-security-routers-and-wireless-extenders-11-18-2025