TROYANOSYVIRUS
Retour aux CVEs

CVE-2025-7673

CRITICAL
9.8

Description

A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP request.

Details CVE

Score CVSS v3.19.8
SeveriteCRITICAL
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie7/16/2025
Derniere modification1/14/2026
Sourcenvd
Observations honeypot0

Produits affectes

zyxel:emg3525-t50bzyxel:emg3525-t50b_firmwarezyxel:emg5523-t50bzyxel:emg5523-t50b_firmwarezyxel:emg5723-t50kzyxel:emg5723-t50k_firmwarezyxel:emg6726-b10azyxel:emg6726-b10a_firmwarezyxel:ex3510-b0zyxel:ex3510-b0_firmwarezyxel:ex5510-b0zyxel:ex5510-b0_firmwarezyxel:vmg1312-t20bzyxel:vmg1312-t20b_firmwarezyxel:vmg3625-t50bzyxel:vmg3625-t50b_firmwarezyxel:vmg3925-b10bzyxel:vmg3925-b10b_firmwarezyxel:vmg3925-b10czyxel:vmg3925-b10c_firmwarezyxel:vmg3927-b50azyxel:vmg3927-b50a_firmwarezyxel:vmg3927-b50bzyxel:vmg3927-b50b_firmwarezyxel:vmg3927-b60azyxel:vmg3927-b60a_firmwarezyxel:vmg3927-t50kzyxel:vmg3927-t50k_firmwarezyxel:vmg4005-b50bzyxel:vmg4005-b50b_firmwarezyxel:vmg4927-b50azyxel:vmg4927-b50a_firmwarezyxel:vmg8623-t50bzyxel:vmg8623-t50b_firmwarezyxel:vmg8825-b50azyxel:vmg8825-b50a_firmwarezyxel:vmg8825-b60azyxel:vmg8825-b60a_firmwarezyxel:vmg8825-bx0bzyxel:vmg8825-bx0b_firmwarezyxel:vmg8825-t50kzyxel:vmg8825-t50k_firmwarezyxel:vmg8924-b10dzyxel:vmg8924-b10d_firmwarezyxel:xmg3927-b50azyxel:xmg3927-b50a_firmwarezyxel:xmg8825-b50azyxel:xmg8825-b50a_firmware

Faiblesses (CWE)

CWE-120

References

https://www.zyxel.com/service-provider/global/en/zyxel-security-advisory-remote-code-execution-and-denial-service-vulnerabilities-cpe(security@zyxel.com.tw)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.