Buffer Overflow Vulnerability in Libclinkc Could Lead to Temporary DoS
CVE-2024-8748

7.5HIGH

Key Information:

Vendor: Zyxel
Status: Vmg8825-t50k Firmware
Vendor: CVE Published:; 3 December 2024

What is CVE-2024-8748?

A buffer overflow vulnerability exists within the packet parser of the third-party library 'libclinkc' used in Zyxel VMG8825-T50K firmware. This vulnerability can be exploited by sending a specially crafted HTTP POST request to the device, potentially leading to a denial of service condition which affects the web management interface. This flaw underscores the importance of maintaining up-to-date firmware to mitigate potential security risks for users relying on this device.

Affected Version(s)

VMG8825-T50K firmware <= V5.50(ABOM.8.4)C0

References

https://www.zyxel.com/global/en/support/security-advisori...

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 3, 2024
Vulnerability Reserved
Sep 12, 2024