CVE-2025-6599

Severity
7.5 HIGH
EPSS
0.1%
top 76.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Nov 18

Description

An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an attacker to perform Slowloris‑style denial‑of‑service (DoS) attacks. Such attacks may temporarily block legitimate HTTP requests and partially disrupt access to the web management interface, while other networking services remain unaffected.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Exploitability: 3.9 | Impact: 1.4

Affected Packages (67 packages)

CVEListV5 | zyxel/dx3301-t0_firmware | 5.50(ABVY.6.3)C0
NVD | zyxel/dx3301-t0_firmware | 5.50\(abvy.6.3\)c0
NVD | zyxel/nr5103_firmware | 4.19\(abyc.8\)c0
NVD | zyxel/nr5309_firmware | 1.00\(ackp.1\)b3
NVD | zyxel/nr7302_firmware | 5.00\(acha.5\)c0

Vulnerability Details

GHSA
GHSA-r99r-5wp8-8w99: An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5 (2025-11-18)
CVEList
CVE-2025-6599: An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5 (2025-11-18)