Buffer Overflow Vulnerability Could Lead to Denial of Service in Zyxel VMG8825-T50K Firmware
CVE-2024-5412

7.5HIGH

Key Information:

Vendor: Zyxel
Status: Vmg8825-t50k Firmware
Vendor: CVE Published:; 3 September 2024

What is CVE-2024-5412?

A vulnerability exists in the Zyxel VMG8825-T50K firmware due to a buffer overflow in the libclinkc library. This flaw can be exploited by an unauthenticated attacker who sends specially crafted HTTP requests to the device. Successful exploitation can lead to denial of service conditions, impacting the availability of the affected device. Users are encouraged to apply relevant patches and consider network security practices to mitigate potential risks.

Affected Version(s)

VMG8825-T50K firmware 5.50(ABOM.8)C0

References

https://www.zyxel.com/global/en/support/security-advisori...

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 3, 2024
Vulnerability Reserved
May 27, 2024