{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-8748","assignerOrgId":"96e50032-ad0d-4058-a115-4d2c13821f9f","state":"PUBLISHED","assignerShortName":"Zyxel","dateReserved":"2024-09-12T07:51:38.916Z","datePublished":"2024-12-03T01:15:46.610Z","dateUpdated":"2024-12-03T16:31:58.508Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"VMG8825-T50K firmware","vendor":"Zyxel","versions":[{"status":"affected","version":"<= V5.50(ABOM.8.4)C0"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"A buffer overflow vulnerability in the packet parser of the third-party library \"libclinkc\" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device."}],"value":"A buffer overflow vulnerability in the packet parser of the third-party library \"libclinkc\" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-120","description":"CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"96e50032-ad0d-4058-a115-4d2c13821f9f","shortName":"Zyxel","dateUpdated":"2024-12-03T01:34:18.062Z"},"references":[{"tags":["vendor-advisory"],"url":"https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-and-post-authentication-command-injection-vulnerabilities-in-some-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wifi-extenders-12-03-2024"}],"source":{"discovery":"UNKNOWN"},"x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"affected":[{"vendor":"zyxel","product":"vmg8825-t50k_firmware","cpes":["cpe:2.3:o:zyxel:vmg8825-t50k_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"5.50\\(abom.8.4\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"lte3301-plus_firmware","cpes":["cpe:2.3:o:zyxel:lte3301-plus_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"1.00\\(abqu.5\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"lte5388-m804_firmware","cpes":["cpe:2.3:o:zyxel:lte5388-m804_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"1.00\\(absq.4\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"lte5398-m904_firmware","cpes":["cpe:2.3:o:zyxel:lte5398-m904_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"1.00\\(abqv.4\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"lte7480-m804_firmware","cpes":["cpe:2.3:o:zyxel:lte7480-m804_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"1.00\\(abra.9\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"lte7490-m904_firmware","cpes":["cpe:2.3:o:zyxel:lte7490-m904_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"1.00\\(abqy.8\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"nr7101_firmware","cpes":["cpe:2.3:o:zyxel:nr7101_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"1.00\\(abuv.10\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"nr7102_firmware","cpes":["cpe:2.3:o:zyxel:nr7102_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"v1.00\\(abyd.3\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"nebula_nr5101_firmware","cpes":["cpe:2.3:o:zyxel:nebula_nr5101_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThan":"1.16\\(accg.0\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"nebula_nr7101_firmware","cpes":["cpe:2.3:o:zyxel:nebula_nr7101_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"1.16\\(accc.0\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"nebula_lte3301-plus_firmware","cpes":["cpe:2.3:o:zyxel:nebula_lte3301-plus_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"1.18\\(acca.4\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"dx3300-t0_firmware","cpes":["cpe:2.3:o:zyxel:dx3300-t0_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"5.50\\(abvy.5.3\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"dx3300-t1_firmware","cpes":["cpe:2.3:o:zyxel:dx3300-t1_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"5.50(abvy.5.3)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"dx3301-t0_firmware","cpes":["cpe:2.3:o:zyxel:dx3301-t0_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"5.50\\(abvy.5.3\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"dx4510-b0_firmware","cpes":["cpe:2.3:o:zyxel:dx4510-b0_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"5.17\\(abyl.7\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"dx4510-b1_firmware","cpes":["cpe:2.3:o:zyxel:dx4510-b1_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"5.17\\(abyl.7\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"dx5401-b0_firmware","cpes":["cpe:2.3:o:zyxel:dx5401-b0_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"5.17\\(abyo.6.3\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"dx5401_b1_firmware","cpes":["cpe:2.3:o:zyxel:dx5401_b1_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"5.17\\(abyo.6.3\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"ee6510-10_firmware","cpes":["cpe:2.3:o:zyxel:ee6510-10_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"5.19\\(acjq.0\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"ex2210-t0_firmware","cpes":["cpe:2.3:o:zyxel:ex2210-t0_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"5.50\\(acdi.1\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"wx3100-t0_firmware","cpes":["cpe:2.3:o:zyxel:wx3100-t0_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"5.50\\(abvl.4.3\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"wx3401-b0_firmware","cpes":["cpe:2.3:o:zyxel:wx3401-b0_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"5.17\\(abve.2.5\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"wx3401-b1_firmware","cpes":["cpe:2.3:o:zyxel:wx3401-b1_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"5.17(abve.2.5)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"wx5600-t0_firmware","cpes":["cpe:2.3:o:zyxel:wx5600-t0_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"5.70\\(aceb.3.2\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"wx5610-b0_firmware","cpes":["cpe:2.3:o:zyxel:wx5610-b0_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"5.18\\(acgj.0\\)c2","versionType":"custom"}]},{"vendor":"zyxel","product":"ax7501-b0_firmware","cpes":["cpe:2.3:o:zyxel:ax7501-b0_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"5.17\\(abpc.5.2\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"ax7501-b1_firmware","cpes":["cpe:2.3:o:zyxel:ax7501-b1_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"5.17\\(abpc.5.2\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"pm3100-t0_firmware","cpes":["cpe:2.3:o:zyxel:pm3100-t0_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"5.42(acbf.2.1)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"pm5100-t0_firmware","cpes":["cpe:2.3:o:zyxel:pm5100-t0_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"5.42\\(acbf.2.1\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"pm7300-t0_firmware","cpes":["cpe:2.3:o:zyxel:pm7300-t0_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"5.42\\(abyy.2.2\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"pm7500-t0_firmware","cpes":["cpe:2.3:o:zyxel:pm7500-t0_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"5.61\\(ackk.0\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"px3321-t1_firmware","cpes":["cpe:2.3:o:zyxel:px3321-t1_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"5.44\\(acjb.1\\)c0","versionType":"custom"},{"version":"0","status":"affected","lessThanOrEqual":"5.44\\(achk.0.2\\)c0","versionType":"custom"}]},{"vendor":"zyxel","product":"px5301-t0_firmware","cpes":["cpe:2.3:o:zyxel:px5301-t0_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"5.44\\(ackb.0\\)c0","versionType":"custom"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-12-03T14:40:11.917455Z","id":"CVE-2024-8748","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-12-03T16:31:58.508Z"}}]}}