Zyxel Nebula Nr5101 Firmware vulnerabilities
5 known vulnerabilities affecting zyxel/nebula_nr5101_firmware.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2024-8748HIGHCVSS 7.5fixed in 1.16\(accg.1\)c02024-12-03
CVE-2024-8748 [HIGH] CWE-120 CVE-2024-8748: A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in Zyxel
A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device.
nvd
CVE-2024-0816MEDIUMCVSS 5.5v1.16\(accg.0\)c02024-05-21
CVE-2024-0816 [MEDIUM] CWE-120 CVE-2024-0816: The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50(ABVY.4)C0 could allow an a
The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50(ABVY.4)C0 could allow an authenticated local attacker to cause denial of service (DoS) conditions by executing the CLI command with crafted strings on an affected device.
nvd
CVE-2022-43390HIGHCVSS 8.8fixed in 1.15\(accg.3\)c02023-01-11
CVE-2022-43390 [MEDIUM] CWE-78 CVE-2022-43390: A command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15(ACCC.3)
A command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to execute some OS commands on a vulnerable device by sending a crafted HTTP request.
nvd
CVE-2022-43391MEDIUMCVSS 6.5fixed in 1.15\(accg.3\)c02023-01-11
CVE-2022-43391 [MEDIUM] CWE-120 CVE-2022-43391: A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior t
A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request.
nvd
CVE-2022-43392MEDIUMCVSS 6.5fixed in 1.15\(accg.3\)c02023-01-11
CVE-2022-43392 [MEDIUM] CWE-120 CVE-2022-43392: A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.
A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request.
nvd