Zyxel VMG3625-T50B and WX3100-T0 Null Pointer Dereference Vulnerability Leading to Denial-of-Service

Vulnerability

A null pointer dereference vulnerability has been identified in the certificate downloader CGI program of the Zyxel VMG3625-T50B and WX3100-T0 firmware versions through 5.50(ABPM.9.6)C0 and 5.50(ABVL.4.8)C0, respectively. This vulnerability could allow an authenticated attacker with administrator privileges to trigger a denial-of-service condition by sending a crafted HTTP request. WAN access is disabled by default on these devices, and exploitation would require knowledge of user-configured passwords.

Impact

Exploitation of this vulnerability can lead to a denial-of-service condition, causing the device to become unresponsive or unavailable.

Remediation

Users can upgrade to Zyxel VMG3625-T50B version 5.50(ABPM.9.7)C0 or Zyxel WX3100-T0 version 5.50(ABVL.4.9)C0. For devices obtained through an ISP, contact the ISP's support team. For other devices, reach out to the local Zyxel support team or visit Zyxel's Community for assistance.
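To triage an inventory against the versions named above, the following added example (not code from Zyxel or from this advisory) parses firmware strings and flags anything at or below the last affected build. The optional leading "V", the field layout, and the numeric ordering of the fields are assumptions, and the inventory rows are constructed.

```python
import re

# Last affected firmware per model, copied from the advisory text.
LAST_AFFECTED = {
    "VMG3625-T50B": "5.50(ABPM.9.6)C0",
    "WX3100-T0": "5.50(ABVL.4.8)C0",
}

# Assumed layout: [V]<major>.<minor>(<code>.<n>[.<n>...])C<n>
_FW_RE = re.compile(r"^V?(\d+)\.(\d+)\(([A-Z]+)\.(\d+(?:\.\d+)*)\)C(\d+)$")


def parse_firmware(version):
    """Return (model_code, sortable_key) for a firmware string."""
    m = _FW_RE.match(version.strip())
    if m is None:
        raise ValueError(f"unrecognized firmware string: {version!r}")
    major, minor, code, patch, custom = m.groups()
    patch_key = tuple(int(p) for p in patch.split("."))
    return code, (int(major), int(minor), patch_key, int(custom))


def is_affected(model, version):
    """True/False for a listed model; None when it needs manual review."""
    last = LAST_AFFECTED.get(model)
    if last is None:
        return None  # model not covered by this advisory
    ref_code, ref_key = parse_firmware(last)
    code, key = parse_firmware(version)
    if code != ref_code:
        return None  # different firmware branch, ordering unknown
    # Assumption: fields order numerically, so "through X" means key <= X.
    return key <= ref_key


# Constructed inventory rows (model, reported firmware), not real devices.
INVENTORY = [
    ("VMG3625-T50B", "V5.50(ABPM.9.6)C0"),
    ("VMG3625-T50B", "5.50(ABPM.9.7)C0"),
    ("WX3100-T0", "5.50(ABVL.4.2)C0"),
    ("WX3100-T0", "5.50(ABVL.4.9)C0"),
]
LABEL = {True: "AFFECTED", False: "not affected", None: "review manually"}

if __name__ == "__main__":
    for model, fw in INVENTORY:
        print(f"{model:14} {fw:20} {LABEL[is_affected(model, fw)]}")
```

A string that does not match the assumed layout raises `ValueError` instead of being silently classified, so unexpected ISP-branded version formats surface for manual review.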

Added: Feb 24, 2026, 2:24 AM
Updated: Feb 24, 2026, 2:24 AM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 2.5
exploitability: 3.0
remediation: 7.7
relevance: 3.1
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.