CVE-2025-6599

An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an attacker to perform Slowlorisstyle denialofservice (DoS) attacks. Such attacks may temporarily block legitimate HTTP requests and partially disrupt access to the web management interface, while other networking services remain unaffected.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
ZyxelCNA
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
VendorProductVersion
zyxellte3301-plus_firmware
𝑥
≤ 1.00\(abqu.7\)c0
zyxelnr5103_firmware
𝑥
≤ 4.19\(abyc.8\)c0
zyxelnr5103e_firmware
𝑥
≤ 1.00\(acdj.1\)c0
zyxelnr5309_firmware
𝑥
≤ 1.00\(ackp.1\)b3
zyxelnr7302_firmware
𝑥
≤ 5.00\(acha.5\)c0
zyxelnr7303_firmware
𝑥
≤ 1.00\(acei.1\)c0
zyxelnebula_fwa505_firmware
𝑥
≤ 1.19\(acko.0\)c0
zyxelnebula_fwa510_firmware
𝑥
≤ 1.20\(acgd.1\)c0
zyxelnebula_fwa515_firmware
𝑥
≤ 1.50\(acpz.0\)c0
zyxelnebula_fwa710_firmware
𝑥
≤ 1.20\(acgc.0\)c0
zyxeldm4200-b0_firmware
𝑥
≤ 5.17\(acbs.1.3\)c0
zyxeldx3300-t0_firmware
𝑥
≤ 5.50\(abvy.6.3\)c0
zyxeldx3300-t1_firmware
𝑥
≤ 5.50\(abvy.6.3\)c0
zyxeldx3301-t0_firmware
𝑥
≤ 5.50\(abvy.6.3\)c0
zyxeldx4510-b1_firmware
𝑥
≤ 5.17\(abyl.9\)c0
zyxeldx5401-b0_firmware
𝑥
≤ 5.17\(abyo.7\)b2
zyxeldx5401-b1_firmware
𝑥
≤ 5.17\(abyo.7\)b2
zyxelee3301-00_firmware
𝑥
≤ 5.63\(acmu.1.1\)c0
zyxelee5301-00_firmware
𝑥
≤ 5.63\(acld.1.1\)c0
zyxelee6510-10_firmware
𝑥
≤ 5.19\(acjq.3\)c0
zyxelex3300-t0_firmware
𝑥
≤ 5.50\(abvy.6.3\)c0
zyxelex3300-t0_firmware
𝑥
≤ 5.50\(acdi.2.1\)c0
zyxelex3300-t1_firmware
𝑥
≤ 5.50\(abvy.6.3\)c0
zyxelex3301-t0_firmware
𝑥
≤ 5.50\(abvy.6.3\)c0
zyxelex3500-t0_firmware
𝑥
≤ 5.44\(achr.4\)c0
zyxelex3501-t0_firmware
𝑥
≤ 5.44\(achr.4\)c0
zyxelex3600-t0_firmware
𝑥
≤ 5.70\(acif.1.2\)c0
zyxelex5401-b0_firmware
𝑥
≤ 5.17\(abyo.7\)b2
zyxelex5401-b1_firmware
𝑥
≤ 5.17\(abyo.7\)b2
zyxelex5501-b0_firmware
𝑥
≤ 5.17\(abry.5.5\)c0
zyxelex5510-b0_firmware
𝑥
≤ 5.17\(abqx.10\)c0
zyxelex5512-t0_firmware
𝑥
≤ 5.70\(aceg.5\)c0
zyxelex5601-t0_firmware
𝑥
≤ 5.70\(acdz.4.1\)c0
zyxelex5601-t1_firmware
𝑥
≤ 5.70\(acdz.4.1\)c0
zyxelex7501-b0_firmware
𝑥
≤ 5.18\(achn.2.1\)c0
zyxelex7710-b0_firmware
𝑥
≤ 5.18\(acak.1.4\)c0
zyxelemg3525-t50b_firmware
𝑥
≤ 5.50\(abpm.9.5\)c0
zyxelemg5523-t50b_firmware
𝑥
≤ 5.50\(abpm.9.5\)c0
zyxelemg5723-t50k_firmware
𝑥
≤ 5.50\(abom.8.6\)c0
zyxelemg6726-b10a_firmware
𝑥
≤ 5.13\(abnp.8\)c0
zyxelgm4100-b0_firmware
𝑥
≤ 5.18\(accl.1\)c0
zyxelvmg3625-t50b_firmware
𝑥
≤ 5.50\(abpm.9.5\)c0
zyxelvmg3927-b50b_firmware
𝑥
≤ 5.13\(ably.10\)c0
zyxelvmg3927-t50k_firmware
𝑥
≤ 5.50\(abom.8.6\)c0
zyxelvmg4005-b50a_firmware
𝑥
≤ 5.17\(abqa.3\)c0
zyxelvmg4005-b60a_firmware
𝑥
≤ 5.17\(abqa.3\)c0
zyxelvmg4005-b50b_firmware
𝑥
≤ 5.13\(abrl.5.3\)c0
zyxelvmg4927-b50a_firmware
𝑥
≤ 5.13\(ably.10\)c0
zyxelvmg8623-t50b_firmware
𝑥
≤ 5.50\(abpm.9.5\)c0
zyxelvmg8825-t50k_firmware
𝑥
≤ 5.50\(abom.8.6\)c0
zyxelax7501-b0_firmware
𝑥
≤ 5.17\(abpc.6.1\)c0
zyxelax7501-b1_firmware
𝑥
≤ 5.17\(abpc.6.1\)c0
zyxelpe3301-00_firmware
𝑥
≤ 5.63\(acmt.1.1\)c0
zyxelpe5301-01_firmware
𝑥
≤ 5.63\(acoj.1.1\)c0
zyxelpm3100-t0_firmware
𝑥
≤ 5.42\(acbf.3\)c0
zyxelpm5100-t0_firmware
𝑥
≤ 5.42\(acbf.3\)c0
zyxelpm7500-00_firmware
𝑥
≤ 5.61\(ackk.1\)c0
zyxelpm7300-t0_firmware
𝑥
≤ 5.42\(abyy.3\)c0
zyxelpx3321-t1_firmware
𝑥
≤ 5.44\(acjb.1.3\)c0
zyxelpx3321-t1_firmware
𝑥
≤ 5.44\(achk.1\)c0
zyxelpx5301-t0_firmware
𝑥
≤ 5.44\(ackb.0.4\)c0
zyxelscr_50axe_firmware
𝑥
≤ 1.10\(acgn.3\)c0
zyxelwe3300-00_firmware
𝑥
≤ 5.70\(acka.0\)c0
zyxelwx3100-t0_firmware
𝑥
≤ 5.50\(abvl.4.7\)c0
zyxelwx3401-b0_firmware
𝑥
≤ 5.17\(abve.2.8\)c0
zyxelwx3401-b1_firmware
𝑥
≤ 5.17\(abve.2.8\)c0
zyxelwx5600-t0_firmware
𝑥
≤ 5.70\(aceb.4.1\)c0
zyxelwx5610-b0_firmware
𝑥
≤ 5.18\(acgj.0.3\)c0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-uncontrolled-resource-consumption-and-command-injection-vulnerabilities-in-certain-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-security-routers-and-wireless-extenders-11-18-2025