Zyxel Nebula Fwa505 Firmware vulnerabilities
6 known vulnerabilities affecting zyxel/nebula_fwa505_firmware.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2025-11846MEDIUMCVSS 4.9fixed in 1.60\(acko.2\)v02026-02-24
CVE-2025-11846 [MEDIUM] CWE-476 CVE-2025-11846: A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T5
A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-service (DoS) condition by sending a crafted HT
nvd
CVE-2025-11845MEDIUMCVSS 4.9fixed in 1.60\(acko.2\)v02026-02-24
CVE-2025-11845 [MEDIUM] CWE-476 CVE-2025-11845: A null pointer dereference vulnerability in the certificate downloader CGI program of the Zyxel VMG3
A null pointer dereference vulnerability in the certificate downloader CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-service (DoS) condition by sending a craf
nvd
CVE-2025-11847MEDIUMCVSS 4.9fixed in 1.60\(acko.2\)v02026-02-24
CVE-2025-11847 [MEDIUM] CWE-476 CVE-2025-11847: A null pointer dereference vulnerability in the IP settings CGI program of the Zyxel VMG3625-T50B fi
A null pointer dereference vulnerability in the IP settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-service (DoS) condition by sending a crafted HTTP re
nvd
CVE-2025-6599HIGHCVSS 7.5≤ 1.19\(acko.0\)c02025-11-18
CVE-2025-6599 [MEDIUM] CWE-400 CVE-2025-6599: An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware ver
An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an attacker to perform Slowloris‑style denial‑of‑service (DoS) attacks. Such attacks may temporarily block legitimate HTTP requests and partially disrupt access to the web management interface, while other n
nvd
CVE-2024-5412HIGHCVSS 7.5fixed in 1.18\(acko.4\)c02024-09-03
CVE-2024-5412 [HIGH] CWE-120 CVE-2024-5412: A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware versio
A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0 could allow an unauthenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.
nvd
CVE-2024-0816MEDIUMCVSS 5.5v1.18\(acko.1\)c02024-05-21
CVE-2024-0816 [MEDIUM] CWE-120 CVE-2024-0816: The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50(ABVY.4)C0 could allow an a
The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50(ABVY.4)C0 could allow an authenticated local attacker to cause denial of service (DoS) conditions by executing the CLI command with crafted strings on an affected device.
nvd