Zyxel WRE6505 V2 Denial-of-Service Vulnerability via Improper Encoding in Web Management Interface

Vulnerability

A denial-of-service vulnerability has been identified in the Zyxel WRE6505 V2 firmware version V1.00(ABDV.3)C0. The issue arises from improper encoding in the device's CGI program, which could allow an adjacent attacker on the WLAN to disrupt the web management interface. This could be achieved by convincing an authenticated administrator to access the 'AP Select' page while a malformed SSID is present.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition in the web management interface, causing disruptions in administrative tasks and potentially leaving the device in a state that requires manual intervention to restore normal functionality.

Added: Apr 21, 2026, 2:22 AM

Updated: Apr 21, 2026, 2:22 AM

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

2.5

exploitability

4.2

remediation

0.0

relevance

6.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

2.5

exploitability

4.2

remediation

0.0

relevance

6.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Zyxel WRE6505 V2 Denial-of-Service Vulnerability via Improper Encoding in Web Management Interface

Vulnerability

Impact

Affected Products

Zyxel WRE6505

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating