CVE-2020-25014
published 2020-11-27CVE-2020-25014: A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zyxel | access_points_firmware | <= 6.10 | — |
| zyxel | access_points_firmware | — | — |
| zyxel | zld | 4.30 – 4.55 | — |