Primary

Context

Zyxel VMG8825-T50K Buffer Overflow Vulnerability in zhttpd Web Server Allowing Denial-of-Service and Potential Remote Code Execution

Vulnerability

Patched

A buffer overflow vulnerability has been identified in the URL parser of the zhttpd web server on Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0. This vulnerability could allow an unauthenticated attacker to cause denial-of-service conditions and potentially execute arbitrary code by sending a specially crafted HTTP request.

Impact

Exploitation of this vulnerability can lead to a denial-of-service condition and potentially allow for remote code execution on the affected device.

Remediation

Users can update to Zyxel VMG8825-T50K version V5.50(ABOM.5)C0, released in December 2020, to address this vulnerability.

Added: Jul 16, 2025, 7:18 AM

Updated: Jul 16, 2025, 7:18 AM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

7.0

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

7.0

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Zyxel VMG8825-T50K Buffer Overflow Vulnerability in zhttpd Web Server Allowing Denial-of-Service and Potential Remote Code Execution

Vulnerability

Impact

Remediation

Affected Products

Zyxel VMG8825-T50K

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating