CVE-2023-37929: Buffer Overflow
First published: Tue May 21 2024(Updated: )
The buffer overflow vulnerability in the CGI program of the VMG3625-T50B firmware version V5.50(ABPM.8)C0 could allow an authenticated remote attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.
Credit: security@zyxel.com.tw
| Affected Software | Affected Version | How to fix |
|---|---|---|
| VMG VMG3625-T50B firmware | ||
| All of | ||
| Zyxel Dx3300-t1 | =5.50\(aby.4\)c0 | |
| Zyxel Dx3300-t1 Firmware | ||
| All of | ||
| Zyxel Dx3301-t0 Firmware | =5.50\(aby.4\)c0 | |
| Zyxel Dx3301-t0 Firmware | ||
| All of | ||
| Zyxel Dx4510 | =5.17\(abyl.5\)c0 | |
| Zyxel Dx4510-b1 Firmware | ||
| All of | ||
| Zyxel DX5401-B0 | =5.17\(abyo.5\)c0 | |
| Zyxel DX5401-B0 firmware | ||
| All of | ||
| Zyxel DX5401-B1 | =5.17\(abyo.5\)c0 | |
| Zyxel Dx5401-b1 Firmware | ||
| All of | ||
| Zyxel EMG3525-T50B Firmware | =5.50\(abpm.8\)c0 | |
| Zyxel EMG3525-T50B Firmware | ||
| All of | ||
| Zyxel EMG5523-T50B | =5.50\(abpm.8\)c0 | |
| Zyxel EMG5523-T50B Firmware | ||
| All of | ||
| Zyxel EMG5723-T50K Firmware | =5.50\(abom.8.2\)c0 | |
| Zyxel EMG5723-T50K | ||
| All of | ||
| Zyxel Ex3300-T1 | =5.50\(aby.4\)c0 | |
| Zyxel Ex3300-T1 | ||
| All of | ||
| Zyxel Ex3301-T0 | =5.50\(aby.4\)c0 | |
| Zyxel Ex3301-T0 | ||
| All of | ||
| Zyxel EX3500-T0 | =5.44\(achr.0\)c0 | |
| Zyxel EX3500-T0 | ||
| All of | ||
| Zyxel EX3501-T0 | =5.44\(achr.0\)c0 | |
| Zyxel EX3501-T0 | ||
| All of | ||
| Zyxel Ex3510 Firmware | =5.17\(abup.9\)c0 | |
| Zyxel Ex3510 Firmware | ||
| All of | ||
| Zyxel Ex5401-b0 | =5.17\(abyo.5\)c0 | |
| Zyxel Ex5401-b0 Firmware | ||
| All of | ||
| Zyxel Ex5401-B1 | =5.17\(abyo.5\)c0 | |
| Zyxel Ex5401-b1 Firmware | ||
| All of | ||
| Zyxel Ex5501-b0 | =5.17\(abry.4\)c0 | |
| Zyxel Ex5501-b0 Firmware | ||
| All of | ||
| Zyxel Ex5510 | =5.17\(abqx.8\)c0 | |
| Zyxel EX5510 | ||
| All of | ||
| Zyxel Ex5512-t0 | =5.70\(aceg.2\)c0 | |
| Zyxel Ex5512-t0 Firmware | ||
| All of | ||
| Zyxel Ex5600-t1 Firmware | =5.70\(acdz.2\)c0 | |
| Zyxel EX5600-T1 | ||
| All of | ||
| Zyxel Ex5601-t0 | =5.70\(acdz.2\)c0 | |
| Zyxel Ex5601-t0 Firmware | ||
| All of | ||
| Zyxel EX5601-T1 | =5.70\(acdz.2\)c0 | |
| Zyxel Ex5601-t1 Firmware | ||
| All of | ||
| Zyxel EX7710-B0 | =5.18\(acak.0\)c0 | |
| Zyxel EX7710-B0 | ||
| All of | ||
| VMG VMG3625-T50B firmware | =5.50\(abpm.8\)c0 | |
| Zyxel VMG3625-T50B firmware | ||
| All of | ||
| Zyxel VMG3927-T50K | =5.50\(abom.8.2\)c0 | |
| Zyxel VMG3927-T50K Firmware | ||
| All of | ||
| Zyxel VMG8623-T50B | =5.50\(abpm.8\)c0 | |
| Zyxel VMG8623-T50B Firmware | ||
| All of | ||
| Zyxel VMG8825-T50K | =5.50\(abom.8.2\)c0 | |
| Zyxel VMG8825-T50K firmware | ||
| All of | ||
| Zyxel AX7501-B0 | =5.17\(abpc.4\)c0 | |
| Zyxel AX7501-B0 firmware | ||
| All of | ||
| Zyxel Ax7501-b1 | =5.17\(abpc.4\)c0 | |
| Zyxel Ax7501-b1 Firmware | ||
| All of | ||
| Zyxel WX3100-T0 Firmware | =5.50\(abl.3\)c0 | |
| Zyxel WX3100-T0 Firmware | ||
| All of | ||
| Zyxel Wx5600-t0 Firmware | =5.70\(aceb.2\)c0 | |
| Zyxel Wx5600-t0 Firmware | ||
| All of | ||
| Zyxel WX5610-B0 | =5.18\(acgj.0\)c0 | |
| Zyxel WX5610-B0 Firmware | ||
| All of | ||
| Zyxel NBG7510 | =1.00\(abzy.5\)c0 | |
| Zyxel NBG7510 firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2023-37929?
CVE-2023-37929 is classified as a high-severity vulnerability due to its potential for leading to denial of service conditions.
How do I fix CVE-2023-37929?
To fix CVE-2023-37929, update the affected firmware of the Zyxel device to the latest version that addresses this vulnerability.
Which devices are affected by CVE-2023-37929?
CVE-2023-37929 affects several Zyxel devices, including the VMG3625-T50B firmware version V5.50(ABPM.8)C0.
What type of vulnerability is CVE-2023-37929?
CVE-2023-37929 is a buffer overflow vulnerability found in the CGI program of certain Zyxel device firmware.
Who can exploit CVE-2023-37929?
An authenticated remote attacker can exploit CVE-2023-37929 by sending crafted HTTP requests to the vulnerable device.
- agent/weakness
- agent/references
- agent/type
- agent/first-publish-date
- agent/description
- agent/author
- agent/severity
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/last-modified-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- vendor/vmg
- canonical/vmg vmg3625-t50b firmware
- vendor/zyxel
- canonical/zyxel dx3300-t1
- version/zyxel dx3300-t1/5.50\(aby.4\)c0
- canonical/zyxel dx3300-t1 firmware
- canonical/zyxel dx3301-t0 firmware
- version/zyxel dx3301-t0 firmware/5.50\(aby.4\)c0
- canonical/zyxel dx4510
- version/zyxel dx4510/5.17\(abyl.5\)c0
- canonical/zyxel dx4510-b1 firmware
- canonical/zyxel dx5401-b0
- version/zyxel dx5401-b0/5.17\(abyo.5\)c0
- canonical/zyxel dx5401-b0 firmware
- canonical/zyxel dx5401-b1
- version/zyxel dx5401-b1/5.17\(abyo.5\)c0
- canonical/zyxel dx5401-b1 firmware
- canonical/zyxel emg3525-t50b firmware
- version/zyxel emg3525-t50b firmware/5.50\(abpm.8\)c0
- canonical/zyxel emg5523-t50b
- version/zyxel emg5523-t50b/5.50\(abpm.8\)c0
- canonical/zyxel emg5523-t50b firmware
- canonical/zyxel emg5723-t50k firmware
- version/zyxel emg5723-t50k firmware/5.50\(abom.8.2\)c0
- canonical/zyxel emg5723-t50k
- canonical/zyxel ex3300-t1
- version/zyxel ex3300-t1/5.50\(aby.4\)c0
- canonical/zyxel ex3301-t0
- version/zyxel ex3301-t0/5.50\(aby.4\)c0
- canonical/zyxel ex3500-t0
- version/zyxel ex3500-t0/5.44\(achr.0\)c0
- canonical/zyxel ex3501-t0
- version/zyxel ex3501-t0/5.44\(achr.0\)c0
- canonical/zyxel ex3510 firmware
- version/zyxel ex3510 firmware/5.17\(abup.9\)c0
- canonical/zyxel ex5401-b0
- version/zyxel ex5401-b0/5.17\(abyo.5\)c0
- canonical/zyxel ex5401-b0 firmware
- canonical/zyxel ex5401-b1
- version/zyxel ex5401-b1/5.17\(abyo.5\)c0
- canonical/zyxel ex5401-b1 firmware
- canonical/zyxel ex5501-b0
- version/zyxel ex5501-b0/5.17\(abry.4\)c0
- canonical/zyxel ex5501-b0 firmware
- canonical/zyxel ex5510
- version/zyxel ex5510/5.17\(abqx.8\)c0
- canonical/zyxel ex5512-t0
- version/zyxel ex5512-t0/5.70\(aceg.2\)c0
- canonical/zyxel ex5512-t0 firmware
- canonical/zyxel ex5600-t1 firmware
- version/zyxel ex5600-t1 firmware/5.70\(acdz.2\)c0
- canonical/zyxel ex5600-t1
- canonical/zyxel ex5601-t0
- version/zyxel ex5601-t0/5.70\(acdz.2\)c0
- canonical/zyxel ex5601-t0 firmware
- canonical/zyxel ex5601-t1
- version/zyxel ex5601-t1/5.70\(acdz.2\)c0
- canonical/zyxel ex5601-t1 firmware
- canonical/zyxel ex7710-b0
- version/zyxel ex7710-b0/5.18\(acak.0\)c0
- version/vmg vmg3625-t50b firmware/5.50\(abpm.8\)c0
- canonical/zyxel vmg3625-t50b firmware
- canonical/zyxel vmg3927-t50k
- version/zyxel vmg3927-t50k/5.50\(abom.8.2\)c0
- canonical/zyxel vmg3927-t50k firmware
- canonical/zyxel vmg8623-t50b
- version/zyxel vmg8623-t50b/5.50\(abpm.8\)c0
- canonical/zyxel vmg8623-t50b firmware
- canonical/zyxel vmg8825-t50k
- version/zyxel vmg8825-t50k/5.50\(abom.8.2\)c0
- canonical/zyxel vmg8825-t50k firmware
- canonical/zyxel ax7501-b0
- version/zyxel ax7501-b0/5.17\(abpc.4\)c0
- canonical/zyxel ax7501-b0 firmware
- canonical/zyxel ax7501-b1
- version/zyxel ax7501-b1/5.17\(abpc.4\)c0
- canonical/zyxel ax7501-b1 firmware
- canonical/zyxel wx3100-t0 firmware
- version/zyxel wx3100-t0 firmware/5.50\(abl.3\)c0
- canonical/zyxel wx5600-t0 firmware
- version/zyxel wx5600-t0 firmware/5.70\(aceb.2\)c0
- canonical/zyxel wx5610-b0
- version/zyxel wx5610-b0/5.18\(acgj.0\)c0
- canonical/zyxel wx5610-b0 firmware
- canonical/zyxel nbg7510
- version/zyxel nbg7510/1.00\(abzy.5\)c0
- canonical/zyxel nbg7510 firmware