Dx5401\-B0_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Dx5401\-B0_firmware
(Zyxel)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	17

Date	Id	Summary	Products	Score	Patch	Annotated
2023-04-27	CVE-2023-28770	The sensitive information exposure vulnerability in the CGI “Export_Log” and the binary “zcmd” in Zyxel DX5401-B0 firmware versions prior to V5.17(ABYO.1)C0 could allow a remote unauthenticated attacker to read the system files and to retrieve the password of the supervisor from the encrypted file.	Dx5401\-B0_firmware	7.5
2024-05-21	CVE-2024-0816	The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50(ABVY.4)C0 could allow an authenticated local attacker to cause denial of service (DoS) conditions by executing the CLI command with crafted strings on an affected device.	Ax7501\-B0_firmware, Ax7501\-B1_firmware, Dx3300\-T1_firmware, Dx3301\-T0_firmware, Dx4510_firmware, Dx5401\-B0_firmware, Dx5401\-B1_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Ex3300\-T1_firmware, Ex3301\-T0_firmware, Ex3320\-T0_firmware, Ex3320\-T1_firmware, Ex3500\-T0_firmware, Ex3501\-T0_firmware, Ex3510_firmware, Ex5401\-B0_firmware, Ex5401\-B1_firmware, Ex5501\-B0_firmware, Ex5510_firmware, Ex5512\-T0_firmware, Ex5600\-T1_firmware, Ex5601\-T0_firmware, Ex5601\-T1_firmware, Ex7710\-B0_firmware, Lte3202\-M437_firmware, Lte3301\-Plus_firmware, Lte5388\-M804_firmware, Lte5398\-M904_firmware, Lte7240\-M403_firmware, Lte7480\-M804_firmware, Lte7490\-M904_firmware, Nbg7510_firmware, Nebula_fwa505_firmware, Nebula_fwa510_firmware, Nebula_fwa710_firmware, Nebula_lte3301\-Plus_firmware, Nebula_lte7461\-M602_firmware, Nebula_nr5101_firmware, Nebula_nr7101_firmware, Nr5103_firmware, Nr5103e_firmware, Nr5103ev2_firmware, Nr5307_firmware, Nr7101_firmware, Nr7102_firmware, Nr7103_firmware, Nr7302_firmware, Nr7303_firmware, Nr7501_firmware, Pm3100\-T0_firmware, Pm5100\-T0_firmware, Pm7300\-T0_firmware, Px3321\-T1_firmware, Vmg3625\-T50b_firmware, Vmg3927\-T50k_firmware, Vmg4005\-B50a_firmware, Vmg4005\-B60a_firmware, Vmg8623\-T50b_firmware, Vmg8825\-T50k_firmware, Wx3100\-T0_firmware, Wx3401\-B0_firmware, Wx5600\-T0_firmware, Wx5610\-B0_firmware	N/A
2024-05-21	CVE-2023-37929	The buffer overflow vulnerability in the CGI program of the VMG3625-T50B firmware version V5.50(ABPM.8)C0 could allow an authenticated remote attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.	Ax7501\-B0_firmware, Ax7501\-B1_firmware, Dx3300\-T1_firmware, Dx3301\-T0_firmware, Dx4510_firmware, Dx5401\-B0_firmware, Dx5401\-B1_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Ex3300\-T1_firmware, Ex3301\-T0_firmware, Ex3500\-T0_firmware, Ex3501\-T0_firmware, Ex3510_firmware, Ex5401\-B0_firmware, Ex5401\-B1_firmware, Ex5501\-B0_firmware, Ex5510_firmware, Ex5512\-T0_firmware, Ex5600\-T1_firmware, Ex5601\-T0_firmware, Ex5601\-T1_firmware, Ex7710\-B0_firmware, Nbg7510_firmware, Vmg3625\-T50b_firmware, Vmg3927\-T50k_firmware, Vmg8623\-T50b_firmware, Vmg8825\-T50k_firmware, Wx3100\-T0_firmware, Wx5600\-T0_firmware, Wx5610\-B0_firmware	N/A
2024-09-24	CVE-2024-38266	An improper restriction of operations within the bounds of a memory buffer in the parameter type parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.	Ax7501\-B0_firmware, Ax7501\-B1_firmware, Dx3300\-T0_firmware, Dx3300\-T1_firmware, Dx3301\-T0_firmware, Dx4510\-B0_firmware, Dx4510\-B1_firmware, Dx5401\-B0_firmware, Dx5401\-B1_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Ex3300\-T0_firmware, Ex3300\-T1_firmware, Ex3301\-T0_firmware, Ex3500\-T0_firmware, Ex3501\-T0_firmware, Ex3510\-B0_firmware, Ex3510\-B1_firmware, Ex3600\-T0_firmware, Ex5401\-B0_firmware, Ex5401\-B1_firmware, Ex5510\-B0_firmware, Ex5512\-T0_firmware, Ex5601\-T0_firmware, Ex5601\-T1_firmware, Ex7501\-B0_firmware, Ex7710\-B0_firmware, Pm3100\-T0_firmware, Pm5100\-T0_firmware, Pm7300\-T0_firmware, Px3321\-T1_firmware, Scr50axe_firmware, Vmg3625\-T50b_firmware, Vmg3927\-T50k_firmware, Vmg4005\-B50a_firmware, Vmg4005\-B60a_firmware, Vmg8623\-T50b_firmware, Vmg8825\-T50k_firmware, Wx3100\-T0_firmware, Wx3401\-B0_firmware, Wx5600\-T0_firmware	4.9
2024-12-03	CVE-2024-8748	A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device.	Ax7501\-B0_firmware, Ax7501\-B1_firmware, Dx3300\-T0_firmware, Dx3300\-T1_firmware, Dx3301\-T0_firmware, Dx4510\-B0_firmware, Dx4510\-B1_firmware, Dx5401\-B0_firmware, Dx5401\-B1_firmware, Ee6510\-10_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Emg6726\-B10a_firmware, Ex2210\-T0_firmware, Ex3300\-T0_firmware, Ex3300\-T1_firmware, Ex3301\-T0_firmware, Ex3500\-T0_firmware, Ex3501\-T0_firmware, Ex3510\-B0_firmware, Ex3510\-B1_firmware, Ex3600\-T0_firmware, Ex5401\-B0_firmware, Ex5401\-B1_firmware, Ex5501\-B0_firmware, Ex5510\-B0_firmware, Ex5512\-T0_firmware, Ex5600\-T1_firmware, Ex5601\-T0_firmware, Ex5601\-T1_firmware, Ex7501\-B0_firmware, Ex7710\-B0_firmware, Lte3301\-Plus_firmware, Lte5388\-M804_firmware, Lte5398\-M904_firmware, Lte7480\-M804_firmware, Lte7490\-M904_firmware, Nebula_lte3301\-Plus_firmware, Nebula_nr5101_firmware, Nebula_nr7101_firmware, Nr7101_firmware, Nr7102_firmware, Pm3100\-T0_firmware, Pm5100\-T0_firmware, Pm7300\-T0_firmware, Pm7500\-T0_firmware, Px3321\-T1_firmware, Px5301\-T0_firmware, Vmg3625\-T50b_firmware, Vmg3927\-B50b_firmware, Vmg3927\-T50k_firmware, Vmg4005\-B50a_firmware, Vmg4005\-B50b_firmware, Vmg4005\-B60a_firmware, Vmg4927\-B50a_firmware, Vmg8623\-T50b_firmware, Vmg8825\-T50k_firmware, Wx3100\-T0_firmware, Wx3401\-B0_firmware, Wx3401\-B1_firmware, Wx5600\-T0_firmware, Wx5610\-B0_firmware	N/A
2024-12-03	CVE-2024-9197	A post-authentication buffer overflow vulnerability in the parameter "action" of the CGI program in Zyxel VMG3625-T50B firmware versions through V5.50(ABPM.9.2)C0 could allow an authenticated attacker with administrator privileges to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP GET request to a vulnerable device if the function ZyEE is enabled.	Ax7501\-B0_firmware, Ax7501\-B1_firmware, Dx3300\-T0_firmware, Dx3300\-T1_firmware, Dx3301\-T0_firmware, Dx4510\-B0_firmware, Dx4510\-B1_firmware, Dx5401\-B0_firmware, Dx5401\-B1_firmware, Ee6510\-10_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Ex3300\-T0_firmware, Ex3300\-T1_firmware, Ex3301\-T0_firmware, Ex3500\-T0_firmware, Ex3501\-T0_firmware, Ex3510\-B0_firmware, Ex3510\-B1_firmware, Ex3600\-T0_firmware, Ex5401\-B0_firmware, Ex5401\-B1_firmware, Ex5501\-B0_firmware, Ex5510\-B0_firmware, Ex5600\-T1_firmware, Ex5601\-T0_firmware, Ex5601\-T1_firmware, Ex7501\-B0_firmware, Px3321\-T1_firmware, Px5301\-T0_firmware, Vmg3625\-T50b_firmware, Vmg3927\-T50k_firmware, Vmg8623\-T50b_firmware, Vmg8825\-T50k_firmware, Wx5600\-T0_firmware	4.9
2022-03-01	CVE-2021-35036	A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file.	Ax7501\-B0_firmware, Dx3301\-T0_firmware, Dx5401\-B0_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Ep240p_firmware, Ex5401\-B0_firmware, Ex5501\-B0_firmware, Lte3301\-Plus_firmware, Lte5388\-M804_firmware, Lte5388\-S905_firmware, Lte5398\-M904_firmware, Lte7240\-M403_firmware, Lte7461\-M602_firmware, Lte7480\-M804_firmware, Lte7480\-S905_firmware, Lte7485\-S905_firmware, Lte7490\-M804_firmware, Nr5101_firmware, Nr7101_firmware, Nr7102_firmware, Pm7300\-T0_firmware, Pmg5317\-T20b_firmware, Pmg5617\-T20b2_firmware, Pmg5617ga_firmware, Pmg5622ga_firmware, Vmg3625\-T50b_firmware, Vmg3927\-T50k_firmware, Vmg8623\-T50b_firmware, Vmg8825\-T50k_firmware	6.5
2022-04-11	CVE-2022-26413	A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface.	Ax7501\-B0_firmware, Dx5401\-B0_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Emg6726\-B10a_firmware, Ep240p_firmware, Ex3510\-B0_firmware, Ex5401\-B0_firmware, Ex5501\-B0_firmware, Pm7300\-T0_firmware, Pmg5317\-T20b_firmware, Pmg5617\-T20b2_firmware, Pmg5617ga_firmware, Pmg5622ga_firmware, Px7501\-B0_firmware, Vmg1312\-T20b_firmware, Vmg3312\-T20a_firmware, Vmg3625\-T50b_firmware, Vmg3927\-B50a_firmware, Vmg3927\-B50b_firmware, Vmg3927\-B60a_firmware, Vmg3927\-T50k_firmware, Vmg4927\-B50a_firmware, Vmg8623\-T50b_firmware, Vmg8825\-B50a_firmware, Vmg8825\-B50b_firmware, Vmg8825\-B60a_firmware, Vmg8825\-B60b_firmware, Vmg8825\-T50k_firmware, Xmg3927\-B50a_firmware, Xmg8825\-B50a_firmware	8.0
2022-04-11	CVE-2022-26414	A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service.	Ax7501\-B0_firmware, Dx5401\-B0_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Emg6726\-B10a_firmware, Ep240p_firmware, Ex3510\-B0_firmware, Ex5401\-B0_firmware, Ex5501\-B0_firmware, Pm7300\-T0_firmware, Pmg5317\-T20b_firmware, Pmg5617\-T20b2_firmware, Pmg5617ga_firmware, Pmg5622ga_firmware, Px7501\-B0_firmware, Vmg1312\-T20b_firmware, Vmg3312\-T20a_firmware, Vmg3625\-T50b_firmware, Vmg3927\-B50a_firmware, Vmg3927\-B50b_firmware, Vmg3927\-B60a_firmware, Vmg3927\-T50k_firmware, Vmg4927\-B50a_firmware, Vmg8623\-T50b_firmware, Vmg8825\-B50a_firmware, Vmg8825\-B50b_firmware, Vmg8825\-B60a_firmware, Vmg8825\-B60b_firmware, Vmg8825\-T50k_firmware, Xmg3927\-B50a_firmware, Xmg8825\-B50a_firmware	5.5
2023-01-11	CVE-2022-43390	A command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to execute some OS commands on a vulnerable device by sending a crafted HTTP request.	Ax7501\-B0_firmware, Dx3301\-T0_firmware, Dx4510\-B1_firmware, Dx5401\-B0_firmware, Emg3525\-T50b_firmware, Emg5523\-T50b_firmware, Emg5723\-T50k_firmware, Ex3301\-T0_firmware, Ex3510\-B0_firmware, Ex5401\-B0_firmware, Ex5501\-B0_firmware, Ex5510\-B0_firmware, Ex5512\-T0_firmware, Ex5600\-T1_firmware, Ex5601\-T0_firmware, Ex5601\-T1_firmware, Lte7480\-M804_firmware, Lte7490\-M904_firmware, Nebula_nr5101_firmware, Nebula_nr7101_firmware, Nr5101_firmware, Nr7101_firmware, Nr7102_firmware, Pm3100\-T0_firmware, Pm5100\-T0_firmware, Pm7300\-T0_firmware, Pm7320\-B0_firmware, Pmg5317\-T20b_firmware, Pmg5617\-T20b2_firmware, Pmg5617ga_firmware, Pmg5622ga_firmware, Vmg3927\-T50k_firmware, Vmg4005\-B50a_firmware, Vmg4005\-B60a_firmware, Vmg8623\-T50b_firmware, Vmg8825\-T50k_firmware, Wx3100\-T0_firmware, Wx3401\-B0_firmware, Wx5600\-T0_firmware	8.8