Zyxel Emg3525-t50b_firmware
26 CVEs affecting Zyxel Emg3525-t50b_firmware. Latest disclosed: 2026-02-24. Critical: 1, High: 8.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-7673 | Critical | 9.8 | 2025-07-16 | A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unau… |
CVE-2025-13943 | High | 8.8 | 2026-02-24 | A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware versions through 5.50(ABVY.7)C0 could a… |
CVE-2025-8693 | High | 8.8 | 2025-11-18 | A post-authentication command injection vulnerability in the "priv" parameter of Zyxel DX3300-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an a… |
CVE-2022-26413 | High | 8.0 | 2022-04-11 | A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execut… |
CVE-2024-8748 | High | 7.5 | 2024-12-03 | A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 c… |
CVE-2024-5412 | High | 7.5 | 2024-09-03 | A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0 could allow an unauthenticated attacker to… |
CVE-2026-1459 | High | 7.2 | 2026-02-24 | A post-authentication command injection vulnerability in the TR-369 certificate download CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(A… |
CVE-2024-12010 | High | 7.2 | 2025-03-11 | A post-authentication command injection vulnerability in the ”zyUtilMailSend” function of the Zyxel AX7501-B1 firmware version V5.17(ABPC.5.3)C0 and earlier co… |
CVE-2024-12009 | High | 7.2 | 2025-03-11 | A post-authentication command injection vulnerability in the "ZyEE" function of the Zyxel EX5601-T1 firmware version V5.70(ACDZ.3.6)C0 and earlier could allow… |
CVE-2023-37929 | Medium | 6.5 | 2024-05-21 | The buffer overflow vulnerability in the CGI program of the VMG3625-T50B firmware version V5.50(ABPM.8)C0 could allow an authenticated remote attacker to cause… |
CVE-2022-43392 | Medium | 6.5 | 2023-01-11 | A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker t… |
CVE-2022-43391 | Medium | 6.5 | 2023-01-11 | A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attac… |
CVE-2021-35036 | Medium | 6.5 | 2022-03-01 | A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain se… |
CVE-2022-26414 | Medium | 6.0 | 2022-04-11 | A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be explo… |
CVE-2024-0816 | Medium | 5.5 | 2024-05-21 | The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50(ABVY.4)C0 could allow an authenticated local attacker to cause denial of service (DoS… |
CVE-2022-43390 | Medium | 5.4 | 2023-01-11 | A command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to execute… |
CVE-2025-6599 | Medium | 5.3 | 2025-11-18 | An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an attacker t… |
CVE-2025-11848 | Medium | 4.9 | 2026-02-24 | A null pointer dereference vulnerability in the Wake-on-LAN CGI program of the Zyxel VMG3625-T50B firmware version through 5.50(ABPM.9.6)C0 and the Zyxel WX310… |
CVE-2025-11847 | Medium | 4.9 | 2026-02-24 | A null pointer dereference vulnerability in the IP settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel WX31… |
CVE-2025-11846 | Medium | 4.9 | 2026-02-24 | A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel… |