Buffer Overflow Vulnerability in Zyxel VMG8825-T50K Web Server
CVE-2025-7673

9.8CRITICAL

Key Information:

Vendor: Zyxel
Status: Vmg8825-t50k Firmware
Vendor: CVE Published:; 16 July 2025

What is CVE-2025-7673?

A buffer overflow vulnerability exists in the URL parser of the Zyxel VMG8825-T50K web server. When an unauthenticated attacker sends a specially crafted HTTP request, it can lead to denial-of-service (DoS) conditions and may allow the execution of arbitrary code. Users running firmware versions prior to V5.50(ABOM.5)C0 are particularly at risk, underscoring the importance of timely updates and security vigilance.

Affected Version(s)

VMG8825-T50K firmware < V5.50(ABOM.5)C0

References

https://www.zyxel.com/service-provider/global/en/zyxel-se...

vendor-advisory

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 16, 2025
Vulnerability Reserved
Jul 15, 2025