CVSS: 7.8EPSS: 0%CPEs: 50EXPL: 0CVE-2024-5412
https://notcve.org/view.php?id=CVE-2024-5412
03 Sep 2024 — A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0 could allow an unauthenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device. • https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-vulnerability-in-some-5g-nr-cpe-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-security-router-devices-09-03-2024 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 78EXPL: 0CVE-2022-43390
https://notcve.org/view.php?id=CVE-2022-43390
11 Jan 2023 — A command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to execute some OS commands on a vulnerable device by sending a crafted HTTP request. Una vulnerabilidad de inyección de comandos en el programa CGI del firmware Zyxel NR7101 anterior a V1.15(ACCC.3)C0, que podría permitir a un atacante autenticado ejecutar algunos comandos del sistema operativo en un dispositivo vulnerable enviando una solicitud HTTP manipulada... • https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.8EPSS: 0%CPEs: 96EXPL: 0CVE-2022-43391
https://notcve.org/view.php?id=CVE-2022-43391
11 Jan 2023 — A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request. • https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.8EPSS: 0%CPEs: 96EXPL: 0CVE-2022-43392
https://notcve.org/view.php?id=CVE-2022-43392
11 Jan 2023 — A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request. • https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •