CVE-2024-0816 — Classic Buffer Overflow in Zyxel Dx3300-t1 Firmware

CWE-120 — Classic Buffer Overflow3 documents3 sources

Severity

5.5MEDIUMNVD

EPSS

0.1%

top 75.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Zyxel Dx3300-t1 Firmware Zyxel Ax7501-b0 Firmware Zyxel Ax7501-b1 Firmware +62 more

Timeline

PublishedMay 21

Description

The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50(ABVY.4)C0 could allow an authenticated local attacker to cause denial of service (DoS) conditions by executing the CLI command with crafted strings on an affected device.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages66 packages

▶CVEListV5zyxel/dx3300-t1_firmwareV5.50(ABVY.4)C0

▶NVDzyxel/dx3300-t1_firmware5.50\(aby.4\)c0

▶NVDzyxel/dx4510_firmware5.17\(abyl.6\)c0

▶NVDzyxel/ex3510_firmware5.17\(abup.11\)c0

▶NVDzyxel/ex5510_firmware5.17\(abqx.9\)c0

🔴Vulnerability Details

CVEList

CVE-2024-0816: The buffer overflow vulnerability in the DX3300-T1 firmware version V5↗2024-05-21

▶

GHSA

GHSA-rxw4-5vgr-mq26: The buffer overflow vulnerability in the DX3300-T1 firmware version V5↗2024-05-21

▶