CVE-2025-7673

CRITICAL EPSS 41.6%
Published Jul 16, 202511mo ago · Modified Jun 17, 20262w ago
9.8 CVSS 3.1
Critical
Find Similar
Published Jul 16, 2025 11mo ago
Last Modified Jun 17, 2026 2w ago

Description

A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP request.

CVSS Details

Base Score
9.8
Exploitability
3.9
Impact
5.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
41.6% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-120

Affected Products 52

VendorProductVersionRange
zyxelemg3525-t50b_firmware* <5.50\(abpm.4\)c0
zyxelemg3525-t50b*any
zyxelemg3525-t50b_firmware* <5.50\(absl.0\)b8
zyxelemg3525-t50b*any
zyxelemg5523-t50b_firmware* <5.50\(abpm.4\)c0
zyxelemg5523-t50b*any
zyxelemg5523-t50b_firmware* <5.50\(absl.0\)b8
zyxelemg5523-t50b*any
zyxelemg5723-t50k_firmware* <5.50\(abom.5\)c0
zyxelemg5723-t50k*any
zyxelemg6726-b10a_firmware* <5.13\(abnp.6\).c
zyxelemg6726-b10a*any
zyxelex3510-b0_firmware* <5.17\(abup.3\)c0
zyxelex3510-b0*any
zyxelex5510-b0_firmware* <5.15\(abqx.3\)c0
zyxelex5510-b0*any
zyxelvmg1312-t20b_firmware* <5.50\(absb.3\)c0
zyxelvmg1312-t20b*any
zyxelvmg3625-t50b_firmware* <5.50\(abpm.4\)c0
zyxelvmg3625-t50b*any
zyxelvmg3925-b10b_firmware* <5.13\(aavf.16\)c
zyxelvmg3925-b10b*any
zyxelvmg3925-b10c_firmware* <5.13\(aavf.16\)c
zyxelvmg3925-b10c*any
zyxelvmg3927-b50a_firmware* <5.15\(abmt.5\)c0
zyxelvmg3927-b50a*any
zyxelvmg3927-b60a_firmware* <5.15\(abmt.5\)c0
zyxelvmg3927-b60a*any
zyxelvmg3927-b50b_firmware* <5.13\(ably.6\)c0
zyxelvmg3927-b50b*any
zyxelvmg3927-t50k_firmware* <5.50\(abom.5\)c0
zyxelvmg3927-t50k*any
zyxelvmg4005-b50b_firmware* <5.13\(abrl.5\)c0
zyxelvmg4005-b50b*any
zyxelvmg4927-b50a_firmware* <5.13\(ably.6\)c0
zyxelvmg4927-b50a*any
zyxelvmg8623-t50b_firmware* <5.50\(abpm.4\)c0
zyxelvmg8623-t50b*any
zyxelvmg8825-b50a_firmware* <5.15\(abmt.5\)c0
zyxelvmg8825-b50a*any
zyxelvmg8825-b60a_firmware* <5.15\(abmt.5\)c0
zyxelvmg8825-b60a*any
zyxelvmg8825-bx0b_firmware* <5.17\(abny.5\)c0
zyxelvmg8825-bx0b*any
zyxelvmg8825-t50k_firmware* <5.50\(abom.5\)c0
zyxelvmg8825-t50k*any
zyxelvmg8924-b10d_firmware* <5.13\(abgq.6\)c0
zyxelvmg8924-b10d*any
zyxelxmg3927-b50a_firmware* <5.15\(abmt.5\)c0
zyxelxmg3927-b50a*any
zyxelxmg8825-b50a_firmware* <5.17\(abmt.5\)c0
zyxelxmg8825-b50a*any

References 1

  • zyxel.com https://www.zyxel.com/service-provider/global/en/zyxel-security-advisory-remote-code-execution-and-denial-service-vulnerabilities-cpe
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.