CVE-2024-0816

Published: May 21, 2024Modified: Jan 22, 2025

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: security@zyxel.com.tw (Secondary)

Description

The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50(ABVY.4)C0 could allow an authenticated local attacker to cause denial of service (DoS) conditions by executing the CLI command with crafted strings on an affected device.

Affected (65)

Products: Zyxel: Lte3202 M437 Firmware, Lte3301 Plus Firmware, Lte5388 M804 Firmware, Lte5398 M904 Firmware, Lte7240 M403 Firmware, Lte7480 M804 Firmware, Lte7490 M904 Firmware, Nr5103 Firmware, Nr5103e Firmware, Nr5103ev2 Firmware, Nr5307 Firmware, Nr7101 Firmware, Nr7102 Firmware, Nr7103 Firmware, Nr7302 Firmware, Nr7303 Firmware, Nr7501 Firmware, Nebula Fwa505 Firmware, Nebula Fwa510 Firmware, Nebula Fwa710 Firmware, Nebula Lte3301 Plus Firmware, Nebula Lte7461 M602 Firmware, Nebula Nr5101 Firmware, Nebula Nr7101 Firmware, Dx3300 T1 Firmware, Dx3301 T0 Firmware, Dx4510 Firmware, Dx5401 B0 Firmware, Dx5401 B1 Firmware, Emg3525 T50b Firmware, Emg5523 T50b Firmware, Emg5723 T50k Firmware, Ex3300 T1 Firmware, Ex3301 T0 Firmware, Ex3320 T0 Firmware, Ex3320 T1 Firmware, Ex3500 T0 Firmware, Ex3501 T0 Firmware, Ex3510 Firmware, Ex5401 B0 Firmware, Ex5401 B1 Firmware, Ex5501 B0 Firmware, Ex5510 Firmware, Ex5512 T0 Firmware, Ex5600 T1 Firmware, Ex5601 T0 Firmware, Ex5601 T1 Firmware, Ex7710 B0 Firmware, Vmg3625 T50b Firmware, Vmg3927 T50k Firmware, Vmg4005 B50a Firmware, Vmg4005 B60a Firmware, Vmg8623 T50b Firmware, Vmg8825 T50k Firmware, Ax7501 B0 Firmware, Ax7501 B1 Firmware, Pm3100 T0 Firmware, Pm5100 T0 Firmware, Pm7300 T0 Firmware, Px3321 T1 Firmware, Wx3100 T0 Firmware, Wx3401 B0 Firmware, Wx5600 T0 Firmware, Wx5610 B0 Firmware, Nbg7510 Firmware

Zyxel

65 products

Lte3202 M437 Firmware

Lte3301 Plus Firmware

Lte5388 M804 Firmware

Lte5398 M904 Firmware

Lte7240 M403 Firmware

Lte7480 M804 Firmware

Lte7490 M904 Firmware

Nebula Fwa505 Firmware

Nebula Fwa510 Firmware

Nebula Fwa710 Firmware

Nebula Lte3301 Plus Firmware

Nebula Lte7461 M602 Firmware

Nebula Nr5101 Firmware

Nebula Nr7101 Firmware

Emg3525 T50b Firmware

Emg5523 T50b Firmware

Emg5723 T50k Firmware

Vmg3625 T50b Firmware

Vmg3927 T50k Firmware

Vmg4005 B50a Firmware

Vmg4005 B60a Firmware

Vmg8623 T50b Firmware

Vmg8825 T50k Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Lte3202 M437 Firmware	Version 1.00(abwf.3)c0

Running on/with	Platform Versions
Zyxel Lte3202 M437	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Lte3301 Plus Firmware	Version 1.00(abqu.5)c0

Running on/with	Platform Versions
Zyxel Lte3301 Plus	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Lte5388 M804 Firmware	Version 1.00(absq.4)c0

Running on/with	Platform Versions
Zyxel Lte5388 M804	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Lte5398 M904 Firmware	Version 1.00(abq.4)c0

Running on/with	Platform Versions
Zyxel Lte5398 M904	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Lte7240 M403 Firmware	Version 2.00(abmg.7)c0

Running on/with	Platform Versions
Zyxel Lte7240 M403	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Lte7480 M804 Firmware	Version 1.00(abra.8)c0

Running on/with	Platform Versions
Zyxel Lte7480 M804	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Lte7490 M904 Firmware	Version 1.00(abqy.7)c0

Running on/with	Platform Versions
Zyxel Lte7490 M904	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Nr5103 Firmware	Version 4.19(abyc.5)c0

Running on/with	Platform Versions
Zyxel Nr5103	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Nr5103e Firmware	Version 1.00(acdj.1)b3

Running on/with	Platform Versions
Zyxel Nr5103e	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Nr5103ev2 Firmware	Version 1.00(aciq.0)c0

Running on/with	Platform Versions
Zyxel Nr5103ev2	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Nr5307 Firmware	Version 1.00(acjt.0)b4

Running on/with	Platform Versions
Zyxel Nr5307	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Nr7101 Firmware	Version 1.00(abu.9)c0

Running on/with	Platform Versions
Zyxel Nr7101	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Nr7102 Firmware	Version 1.00(abyd.2)c0

Running on/with	Platform Versions
Zyxel Nr7102	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Nr7103 Firmware	Version 1.00(accz.2)c0

Running on/with	Platform Versions
Zyxel Nr7103	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Nr7302 Firmware	Version 1.00(acha.2)c0

Running on/with	Platform Versions
Zyxel Nr7302	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Nr7303 Firmware	Version 1.00(acei.0)c0

Running on/with	Platform Versions
Zyxel Nr7303	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Nr7501 Firmware	Version 1.00(aceh.0)c0

Running on/with	Platform Versions
Zyxel Nr7501	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Nebula Fwa505 Firmware	Version 1.18(acko.1)c0

Running on/with	Platform Versions
Zyxel Nebula Fwa505	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Nebula Fwa510 Firmware	Version 1.18(acgd.1)c0

Running on/with	Platform Versions
Zyxel Nebula Fwa510	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Nebula Fwa710 Firmware	Version 1.17(acgc.0)c0

Running on/with	Platform Versions
Zyxel Nebula Fwa710	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Nebula Lte3301 Plus Firmware	Version 1.17(acca.0)c0

Running on/with	Platform Versions
Zyxel Nebula Lte3301 Plus	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Nebula Lte7461 M602 Firmware	Version 1.15(ace.3)c0

Running on/with	Platform Versions
Zyxel Nebula Lte7461 M602	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Nebula Nr5101 Firmware	Version 1.16(accg.0)c0

Running on/with	Platform Versions
Zyxel Nebula Nr5101	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Nebula Nr7101 Firmware	Version 1.16(accc.0)c0

Running on/with	Platform Versions
Zyxel Nebula Nr7101	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Dx3300 T1 Firmware	Version 5.50(aby.4)c0

Running on/with	Platform Versions
Zyxel Dx3300 T1	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Dx3301 T0 Firmware	Version 5.50(aby.4)c0

Running on/with	Platform Versions
Zyxel Dx3301 T0	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Dx4510 Firmware	Version 5.17(abyl.6)c0

Running on/with	Platform Versions
Zyxel Dx4510	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Dx5401 B0 Firmware	Version 5.17(abyo.5)c0

Running on/with	Platform Versions
Zyxel Dx5401 B0	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Dx5401 B1 Firmware	Version 5.17(abyo.5)c0

Running on/with	Platform Versions
Zyxel Dx5401 B1	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Emg3525 T50b Firmware	Version 5.50(abpm.8)c0

Running on/with	Platform Versions
Zyxel Emg3525 T50b	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Emg5523 T50b Firmware	Version 5.50(abpm.8)c0

Running on/with	Platform Versions
Zyxel Emg5523 T50b	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Emg5723 T50k Firmware	Version 5.50(abom.8.2)c0

Running on/with	Platform Versions
Zyxel Emg5723 T50k	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Ex3300 T1 Firmware	Version 5.50(aby.4)c0

Running on/with	Platform Versions
Zyxel Ex3300 T1	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Ex3301 T0 Firmware	Version 5.50(aby.4)c0

Running on/with	Platform Versions
Zyxel Ex3301 T0	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Ex3320 T0 Firmware	Version 5.71(yak.2)d0

Running on/with	Platform Versions
Zyxel Ex3320 T0	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Ex3320 T1 Firmware	Version 5.71(yap.0)c0

Running on/with	Platform Versions
Zyxel Ex3320 T1	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Ex3500 T0 Firmware	Version 5.44(achr.0)c0

Running on/with	Platform Versions
Zyxel Ex3500 T0	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Ex3501 T0 Firmware	Version 5.44(achr.0)c0

Running on/with	Platform Versions
Zyxel Ex3501 T0	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Ex3510 Firmware	Version 5.17(abup.11)c0

Running on/with	Platform Versions
Zyxel Ex3510	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Ex5401 B0 Firmware	Version 5.17(abyo.5)c0

Running on/with	Platform Versions
Zyxel Ex5401 B0	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Ex5401 B1 Firmware	Version 5.17(abyo.5)c0

Running on/with	Platform Versions
Zyxel Ex5401 B1	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Ex5501 B0 Firmware	Version 5.17(abry.4)c0

Running on/with	Platform Versions
Zyxel Ex5501 B0	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Ex5510 Firmware	Version 5.17(abqx.9)c0

Running on/with	Platform Versions
Zyxel Ex5510	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Ex5512 T0 Firmware	Version 5.70(aceg.2)c0

Running on/with	Platform Versions
Zyxel Ex5512 T0	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Ex5600 T1 Firmware	Version 5.70(acdz.2)c0

Running on/with	Platform Versions
Zyxel Ex5600 T1	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Ex5601 T0 Firmware	Version 5.70(acdz.2)c0

Running on/with	Platform Versions
Zyxel Ex5601 T0	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Ex5601 T1 Firmware	Version 5.70(acdz.2)c0

Running on/with	Platform Versions
Zyxel Ex5601 T1	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Ex7710 B0 Firmware	Version 5.18(acak.0)c0

Running on/with	Platform Versions
Zyxel Ex7710 B0	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Vmg3625 T50b Firmware	Version 5.50(abpm.8)c0

Running on/with	Platform Versions
Zyxel Vmg3625 T50b	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Vmg3927 T50k Firmware	Version 5.50(abom.8.2)c0

Running on/with	Platform Versions
Zyxel Vmg3927 T50k	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Vmg4005 B50a Firmware	Version 5.17(abqa.2)c0

Running on/with	Platform Versions
Zyxel Vmg4005 B50a	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Vmg4005 B60a Firmware	Version 5.17(abqa.2)c0

Running on/with	Platform Versions
Zyxel Vmg4005 B60a	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Vmg8623 T50b Firmware	Version 5.50(abpm.8)c0

Running on/with	Platform Versions
Zyxel Vmg8623 T50b	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Vmg8825 T50k Firmware	Version 5.50(abom.8.2)c0

Running on/with	Platform Versions
Zyxel Vmg8825 T50k	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Ax7501 B0 Firmware	Version 5.17(abpc.4)c0

Running on/with	Platform Versions
Zyxel Ax7501 B0	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Ax7501 B1 Firmware	Version 5.17(abpc.4)c0

Running on/with	Platform Versions
Zyxel Ax7501 B1	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Pm3100 T0 Firmware	Version 5.42(acbf.1.2)c0

Running on/with	Platform Versions
Zyxel Pm3100 T0	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Pm5100 T0 Firmware	Version 5.42(acbf.1.2)c0

Running on/with	Platform Versions
Zyxel Pm5100 T0	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Pm7300 T0 Firmware	Version 5.42(abyy.1)c0

Running on/with	Platform Versions
Zyxel Pm7300 T0	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Px3321 T1 Firmware	Version 5.44(acjb.0)c0

Running on/with	Platform Versions
Zyxel Px3321 T1	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Wx3100 T0 Firmware	Version 5.50(abl.3)c0

Running on/with	Platform Versions
Zyxel Wx3100 T0	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Wx3401 B0 Firmware	Version 5.17(abe.2)c0

Running on/with	Platform Versions
Zyxel Wx3401 B0	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Wx5600 T0 Firmware	Version 5.70(acdz.2)c0

Running on/with	Platform Versions
Zyxel Wx5600 T0	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Wx5610 B0 Firmware	Version 5.18(acgj.0)c0

Running on/with	Platform Versions
Zyxel Wx5610 B0	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Nbg7510 Firmware	Version 1.00(abzy.6)c0

Running on/with	Platform Versions
Zyxel Nbg7510	All versions

Related CWEs

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (2)

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-vulnerabilities-in-some-5g-nr-4g-lte-cpe-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-home-router-devices-05-21-2024

Source: security@zyxel.com.tw

Vendor Advisory

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.