Zyxel VMG8825-T50K
Moderate fix1 remedy
cpe:2.3:h:zyxel:vmg8825-t50k:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
- <= V5.50(ABOM.8.5)C0
Zyxel VMG8825-T50K Post-Authentication Command Injection Vulnerability in DNSServer Parameter
Vulnerability
Patched
A post-authentication command injection vulnerability has been identified in the Zyxel VMG8825-T50K router, specifically in the DNSServer parameter of the diagnostic function. This vulnerability affects firmware versions through V5.50(ABOM.8.5)C0. An authenticated attacker with administrator privileges could exploit this vulnerability to execute operating system commands on the affected device. The vulnerability requires access to the device's management interface, and the attack can only be successful if the administrator's password has been compromised.
Impact
Exploitation of this vulnerability allows for arbitrary command execution on the affected device's operating system.
Remediation
Users can upgrade to Zyxel firmware version V5.50(ABOM.8.6)C0 to address this vulnerability. For devices obtained through an ISP, contact the ISP's support team. For other devices, reach out to the local Zyxel support team or visit Zyxel's Community for assistance.
Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM
Vulnerability Rating
Custom Algorithm
spread
2.6impact
7.5exploitability
4.4remediation
7.7relevance
0.0threat
0.0urgency
2.9incentive
0.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.