CWE
120 119
Advisory Published
Updated

CVE-2022-26414: Buffer Overflow

First published: Mon Apr 11 2022(Updated: )

A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service.

Credit: security@zyxel.com.tw

Affected SoftwareAffected VersionHow to fix
Zyxel VMG3312-T20A firmware=5.30\(abfx.5\)c0
Zyxel VMG3312-T20A firmware
Zyxel EMG3525-T50B Firmware<5.50\(abpm.6\)c0
Zyxel EMG3525-T50B Firmware<5.50\(abpm.6\)c0
Zyxel EMG3525-T50B Firmware
Zyxel EMG5523-T50B<5.50\(abpm.6\)c0
Zyxel EMG5523-T50B<5.50\(abpm.6\)c0
Zyxel EMG5523-T50B Firmware
Zyxel EMG5723-T50K Firmware<5.50\(abom.7\)c0
Zyxel EMG5723-T50K
Zyxel EMG6726-B10A<5.13\(abnp.7\)c0
Zyxel EMG6726-B10A Firmware
Zyxel VMG1312-T20B<5.50\(absb.5\)c0
Zyxel VMG1312-T20B
VMG VMG3625-T50B firmware<5.50\(abpm.6\)c0
Zyxel VMG3625-T50B firmware
Zyxel XMG3927-B50A<5.17\(abmt.6\)c0
Zyxel XMG3927-B50A
Zyxel VMG3927-B50B<5.13\(ably.7\)c0
Zyxel VMG3927-B50B Firmware
Zyxel VMG3927-B60A<5.17\(abmt.6\)c0
Zyxel VMG3927-B60A Firmware
Zyxel VMG3927-T50K<5.50\(abom.7\)c0
Zyxel VMG3927-T50K Firmware
Zyxel Vmg4927-b50a Firmware<5.13\(ably.7\)c0
Zyxel VMG4927-B50A
Zyxel VMG8623-T50B<5.50\(abpm.6\)c0
Zyxel VMG8623-T50B Firmware
Zyxel Xmg8825-b50a Firmware<5.17\(abmt.6\)c0
Zyxel Xmg8825-b50a Firmware
Zyxel VMG8825-B50B<5.17\(abny.7\)c0
Zyxel VMG8825-B50B
Zyxel VMG8825-T50K<5.50\(abom.7\)c0
Zyxel VMG8825-T50K firmware
Zyxel Vmg8825-B60A<5.17\(abmt.6\)c0
Zyxel VMG8825-B60A
Zyxel VMG8825-B60B<5.17\(abny.7\)c0
Zyxel VMG8825-B60B Firmware
Zyxel XMG3927-B50A<5.17\(abmt.6\)c0
Zyxel XMG3927-B50A
Zyxel XMG8825-B50A<5.17\(abmt.6\)c0
Zyxel XMG8825-B50A
Zyxel DX5401-B0<5.17\(abyo.1\)c0
Zyxel DX5401-B0 firmware
Zyxel Ex3510-b0<5.17\(abup.4\)c1
Zyxel Ex3510-b0 Firmware
Zyxel Ex5401-b0<5.17\(abyo.1\)c0
Zyxel Ex5401-b0 Firmware
Zyxel Ex5501-b0<5.17\(abry.2\)c0
Zyxel Ex5501-b0 Firmware
Zyxel AX7501-B0<5.17\(abpc.1\)c0
Zyxel AX7501-B0 firmware
Zyxel Ep240p Firmware<5.40\(abh.0\)c0
Zyxel EP240P
Zyxel Pm7300-t0 Firmware<5.42\(acbc.1\)c0
Zyxel Pm7300-t0 Firmware
Zyxel PMG5317-T20B<5.40\(abki.4\)c0
Zyxel PMG5317-T20B Firmware
Zyxel PMG5617GA<5.40\(abna.2\)c0
Zyxel PMG5617GA Firmware
Zyxel PMG5617-T20B2<5.41\(acbb.1\)c0
Zyxel PMG5617-T20B2 Firmware
Zyxel PMG5622GA<5.40\(abnb.2\)c0
Zyxel PMG5622GA Firmware
Zyxel Px7501-B0 Firmware<5.17\(abpc.1\)c0
Zyxel Px7501-B0 Firmware

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is the severity of CVE-2022-26414?

    CVE-2022-26414 has a severity rating that suggests it can lead to a denial of service if exploited.

  • How do I fix CVE-2022-26414?

    To fix CVE-2022-26414, update the Zyxel VMG3312-T20A firmware to a version that addresses this vulnerability.

  • Who is affected by CVE-2022-26414?

    CVE-2022-26414 primarily affects users of the Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0.

  • Can CVE-2022-26414 be exploited remotely?

    CVE-2022-26414 requires local authenticated access, hence it is not a remote exploitation vulnerability.

  • What are the potential impacts of CVE-2022-26414?

    The potential impact of CVE-2022-26414 includes causing a denial of service on the affected device.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203