CVE-2025-7673
16.07.2025, 07:15
A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP request.
| Vendor | Product | Version |
|---|---|---|
| zyxel | emg3525-t50b_firmware | 𝑥 < 5.50\(abpm.4\)c0 |
| zyxel | emg3525-t50b_firmware | 𝑥 < 5.50\(absl.0\)b8 |
| zyxel | emg5523-t50b_firmware | 𝑥 < 5.50\(abpm.4\)c0 |
| zyxel | emg5523-t50b_firmware | 𝑥 < 5.50\(absl.0\)b8 |
| zyxel | emg5723-t50k_firmware | 𝑥 < 5.50\(abom.5\)c0 |
| zyxel | emg6726-b10a_firmware | 𝑥 < 5.13\(abnp.6\).c |
| zyxel | ex3510-b0_firmware | 𝑥 < 5.17\(abup.3\)c0 |
| zyxel | ex5510-b0_firmware | 𝑥 < 5.15\(abqx.3\)c0 |
| zyxel | vmg1312-t20b_firmware | 𝑥 < 5.50\(absb.3\)c0 |
| zyxel | vmg3625-t50b_firmware | 𝑥 < 5.50\(abpm.4\)c0 |
| zyxel | vmg3925-b10b_firmware | 𝑥 < 5.13\(aavf.16\)c |
| zyxel | vmg3925-b10c_firmware | 𝑥 < 5.13\(aavf.16\)c |
| zyxel | vmg3927-b50a_firmware | 𝑥 < 5.15\(abmt.5\)c0 |
| zyxel | vmg3927-b60a_firmware | 𝑥 < 5.15\(abmt.5\)c0 |
| zyxel | vmg3927-b50b_firmware | 𝑥 < 5.13\(ably.6\)c0 |
| zyxel | vmg3927-t50k_firmware | 𝑥 < 5.50\(abom.5\)c0 |
| zyxel | vmg4005-b50b_firmware | 𝑥 < 5.13\(abrl.5\)c0 |
| zyxel | vmg4927-b50a_firmware | 𝑥 < 5.13\(ably.6\)c0 |
| zyxel | vmg8623-t50b_firmware | 𝑥 < 5.50\(abpm.4\)c0 |
| zyxel | vmg8825-b50a_firmware | 𝑥 < 5.15\(abmt.5\)c0 |
| zyxel | vmg8825-b60a_firmware | 𝑥 < 5.15\(abmt.5\)c0 |
| zyxel | vmg8825-bx0b_firmware | 𝑥 < 5.17\(abny.5\)c0 |
| zyxel | vmg8825-t50k_firmware | 𝑥 < 5.50\(abom.5\)c0 |
| zyxel | vmg8924-b10d_firmware | 𝑥 < 5.13\(abgq.6\)c0 |
| zyxel | xmg3927-b50a_firmware | 𝑥 < 5.15\(abmt.5\)c0 |
| zyxel | xmg8825-b50a_firmware | 𝑥 < 5.17\(abmt.5\)c0 |
𝑥
= Vulnerable software versions