CVE-2024-38266: Buffer Overflow
First published: Tue Sep 24 2024(Updated: )
An improper restriction of operations within the bounds of a memory buffer in the parameter type parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.
Credit: security@zyxel.com.tw
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zyxel VMG8825-T50K | <=5.50(ABOM.8)C0 | |
| All of | ||
| Zyxel Dx3300-t0 | <5.50\(abvy.5\)c0 | |
| Zyxel Dx3301-t0 Firmware | ||
| All of | ||
| Zyxel Dx3300-t1 | <5.50\(abvy.5\)c0 | |
| Zyxel Dx3300-t1 Firmware | ||
| All of | ||
| Zyxel Dx3301-t0 Firmware | <5.50\(abvy.5\)c0 | |
| Zyxel Dx3301-t0 Firmware | ||
| All of | ||
| Zyxel Dx4510-b0 | <5.17\(abyl.6\)c0 | |
| Zyxel Dx4510-b0 Firmware | ||
| All of | ||
| Zyxel Dx4510-b1 | <5.17\(abyl.6\)c0 | |
| Zyxel Dx4510-b1 Firmware | ||
| All of | ||
| Zyxel DX5401-B0 | <5.17\(abyo.6\)c0 | |
| Zyxel DX5401-B0 firmware | ||
| All of | ||
| Zyxel DX5401-B1 | <5.17\(abyo.6\)c0 | |
| Zyxel Dx5401-b1 Firmware | ||
| All of | ||
| Zyxel Ex3300-T0 Firmware | <5.50\(abvy.5\)c0 | |
| Zyxel Ex3300-T0 Firmware | ||
| All of | ||
| Zyxel Ex3300-T1 | <5.50\(abvy.5\)c0 | |
| Zyxel Ex3300-T1 | ||
| All of | ||
| Zyxel Ex3301-T0 | <5.50\(abvy.5\)c0 | |
| Zyxel Ex3301-T0 | ||
| All of | ||
| Zyxel EX3500-T0 | <5.44\(achr.1\)c0 | |
| Zyxel EX3500-T0 | ||
| All of | ||
| Zyxel EX3501-T0 | <5.44\(achr.1\)c0 | |
| Zyxel EX3501-T0 | ||
| All of | ||
| Zyxel Ex3510-b0 | <5.17\(abup.11\)c0 | |
| Zyxel Ex3510-b0 Firmware | ||
| All of | ||
| Zyxel Ex3510-b1 Firmware | <5.17\(abup.11\)c0 | |
| Zyxel EX3510-B1 | ||
| All of | ||
| Zyxel Ex3600-t0 Firmware | <5.70\(acif.0.2\)c0 | |
| Zyxel Ex3600-t0 Firmware | ||
| All of | ||
| Zyxel Ex5401-b0 | <5.17\(abyo.6\)c0 | |
| Zyxel Ex5401-b0 Firmware | ||
| All of | ||
| Zyxel Ex5401-B1 | <5.17\(abyo.6\)c0 | |
| Zyxel Ex5401-b1 Firmware | ||
| All of | ||
| Zyxel EX5510 | <5.17\(abqx.9\)c0 | |
| Zyxel EX5510-B0 Firmware | ||
| All of | ||
| Zyxel Ex5512-t0 | <5.70\(aceg.3\)c1 | |
| Zyxel Ex5512-t0 Firmware | ||
| All of | ||
| Zyxel Ex5601-t0 | <5.70\(acdz.3\)c0 | |
| Zyxel Ex5601-t0 Firmware | ||
| All of | ||
| Zyxel EX5601-T1 | <5.70\(acdz.3\)c0 | |
| Zyxel Ex5601-t1 Firmware | ||
| All of | ||
| Zyxel Ex7501-b0 | <5.18\(achn.1\)c0 | |
| Zyxel Ex7501-b0 Firmware | ||
| All of | ||
| Zyxel EX7710-B0 | <5.18\(acak.1\)c0 | |
| Zyxel EX7710-B0 | ||
| All of | ||
| Zyxel EMG3525-T50B Firmware | <5.50\(abpm.9\)c0 | |
| Zyxel EMG3525-T50B Firmware | ||
| All of | ||
| Zyxel EMG5523-T50B | <5.50\(abpm.9\)c0 | |
| Zyxel EMG5523-T50B Firmware | ||
| All of | ||
| Zyxel EMG5723-T50K Firmware | <5.50\(abom.8\)c0 | |
| Zyxel EMG5723-T50K | ||
| All of | ||
| VMG VMG3625-T50B firmware | <5.50\(abpm.9\)c0 | |
| Zyxel VMG3625-T50B firmware | ||
| All of | ||
| Zyxel VMG3927-T50K | <5.50\(abom.8\)c0 | |
| Zyxel VMG3927-T50K Firmware | ||
| All of | ||
| Zyxel VMG4005-B50A firmware | <5.17\(abqa.2\)c0 | |
| Zyxel VMG4005-B50A firmware | ||
| All of | ||
| Zyxel VMG4005-B60A | <5.17\(abqa.2\)c0 | |
| Zyxel VMG4005-B60A | ||
| All of | ||
| Zyxel VMG8623-T50B | <5.50\(abpm.9\)c0 | |
| Zyxel VMG8623-T50B Firmware | ||
| All of | ||
| Zyxel VMG8825-T50K | <5.50\(abom.8\)c0 | |
| Zyxel VMG8825-T50K firmware | ||
| All of | ||
| Zyxel VMG8825-T50K | <5.50\(abpy.1\)b24 | |
| Zyxel VMG8825-T50K firmware | ||
| All of | ||
| Zyxel AX7501-B0 | <5.17\(abpc.5\)c0 | |
| Zyxel AX7501-B0 firmware | ||
| All of | ||
| Zyxel Ax7501-b1 | <5.17\(abpc.5\)c0 | |
| Zyxel Ax7501-b1 Firmware | ||
| All of | ||
| Zyxel PM3100-T0 Firmware | <5.42\(acbf.2\)c0 | |
| Zyxel PM3100-T0 Firmware | ||
| All of | ||
| Zyxel Pm5100-t0 | <5.42\(acbf.2\)c0 | |
| Zyxel PM5100-T0 Firmware | ||
| All of | ||
| Zyxel Pm7300-t0 Firmware | <5.42\(abyy.2.1\)c0 | |
| Zyxel Pm7300-t0 Firmware | ||
| All of | ||
| Zyxel Px3321-t1 | <5.44\(acjb.0\)c0 | |
| Zyxel Px3321-t1 Firmware | ||
| All of | ||
| Zyxel SCR50AXE Firmware | <1.10\(acgn.3\)c0 | |
| Zyxel SCR50AXE | ||
| All of | ||
| Zyxel WX3100-T0 Firmware | <5.50\(abvl.4.3\)c0 | |
| Zyxel WX3100-T0 Firmware | ||
| All of | ||
| Zyxel Wx3401-b0 Firmware | <5.17\(abve.2.5\)c0 | |
| Zyxel Wx3401-b0 Firmware | ||
| All of | ||
| Zyxel Wx5600-t0 Firmware | <5.70\(aceb.3.2\)c0 | |
| Zyxel Wx5600-t0 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-38266?
CVE-2024-38266 has a high severity due to its potential to cause memory corruption and affect device stability when exploited.
How do I fix CVE-2024-38266?
To fix CVE-2024-38266, update the Zyxel VMG8825-T50K firmware to version 5.50(ABOM.8)C0 or later.
What systems are affected by CVE-2024-38266?
CVE-2024-38266 affects Zyxel VMG8825-T50K firmware versions prior to 5.50(ABOM.8)C0.
Can CVE-2024-38266 be exploited remotely?
No, CVE-2024-38266 requires authenticated administrator privileges for exploitation.
What are the potential consequences of CVE-2024-38266?
Exploitation of CVE-2024-38266 may lead to memory corruption, potentially disrupting the operation of affected Zyxel devices.
- agent/references
- agent/description
- agent/type
- agent/first-publish-date
- agent/severity
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/last-modified-date
- agent/weakness
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- vendor/zyxel
- canonical/zyxel vmg8825-t50k
- canonical/zyxel dx3300-t0
- canonical/zyxel dx3301-t0 firmware
- canonical/zyxel dx3300-t1
- canonical/zyxel dx3300-t1 firmware
- canonical/zyxel dx4510-b0
- canonical/zyxel dx4510-b0 firmware
- canonical/zyxel dx4510-b1
- canonical/zyxel dx4510-b1 firmware
- canonical/zyxel dx5401-b0
- canonical/zyxel dx5401-b0 firmware
- canonical/zyxel dx5401-b1
- canonical/zyxel dx5401-b1 firmware
- canonical/zyxel ex3300-t0 firmware
- canonical/zyxel ex3300-t1
- canonical/zyxel ex3301-t0
- canonical/zyxel ex3500-t0
- canonical/zyxel ex3501-t0
- canonical/zyxel ex3510-b0
- canonical/zyxel ex3510-b0 firmware
- canonical/zyxel ex3510-b1 firmware
- canonical/zyxel ex3510-b1
- canonical/zyxel ex3600-t0 firmware
- canonical/zyxel ex5401-b0
- canonical/zyxel ex5401-b0 firmware
- canonical/zyxel ex5401-b1
- canonical/zyxel ex5401-b1 firmware
- canonical/zyxel ex5510
- canonical/zyxel ex5510-b0 firmware
- canonical/zyxel ex5512-t0
- canonical/zyxel ex5512-t0 firmware
- canonical/zyxel ex5601-t0
- canonical/zyxel ex5601-t0 firmware
- canonical/zyxel ex5601-t1
- canonical/zyxel ex5601-t1 firmware
- canonical/zyxel ex7501-b0
- canonical/zyxel ex7501-b0 firmware
- canonical/zyxel ex7710-b0
- canonical/zyxel emg3525-t50b firmware
- canonical/zyxel emg5523-t50b
- canonical/zyxel emg5523-t50b firmware
- canonical/zyxel emg5723-t50k firmware
- canonical/zyxel emg5723-t50k
- canonical/vmg vmg3625-t50b firmware
- canonical/zyxel vmg3625-t50b firmware
- canonical/zyxel vmg3927-t50k
- canonical/zyxel vmg3927-t50k firmware
- canonical/zyxel vmg4005-b50a firmware
- canonical/zyxel vmg4005-b60a
- canonical/zyxel vmg8623-t50b
- canonical/zyxel vmg8623-t50b firmware
- canonical/zyxel vmg8825-t50k firmware
- canonical/zyxel ax7501-b0
- canonical/zyxel ax7501-b0 firmware
- canonical/zyxel ax7501-b1
- canonical/zyxel ax7501-b1 firmware
- canonical/zyxel pm3100-t0 firmware
- canonical/zyxel pm5100-t0
- canonical/zyxel pm5100-t0 firmware
- canonical/zyxel pm7300-t0 firmware
- canonical/zyxel px3321-t1
- canonical/zyxel px3321-t1 firmware
- canonical/zyxel scr50axe firmware
- canonical/zyxel scr50axe
- canonical/zyxel wx3100-t0 firmware
- canonical/zyxel wx3401-b0 firmware
- canonical/zyxel wx5600-t0 firmware