{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-7673", "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f", "state": "PUBLISHED", "assignerShortName": "Zyxel", "dateReserved": "2025-07-15T02:01:55.637Z", "datePublished": "2025-07-16T07:11:02.974Z", "dateUpdated": "2025-07-19T03:55:18.953Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "VMG8825-T50K firmware", "vendor": "Zyxel", "versions": [{"status": "affected", "version": "< V5.50(ABOM.5)C0"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP request."}], "value": "A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP request."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f", "shortName": "Zyxel", "dateUpdated": "2025-07-16T07:11:02.974Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://www.zyxel.com/service-provider/global/en/zyxel-security-advisory-remote-code-execution-and-denial-service-vulnerabilities-cpe"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-18T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2025-7673"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-19T03:55:18.953Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-7673", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-07-16T14:35:07.300023Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-16T14:35:11.324Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Zyxel", "product": "VMG8825-T50K firmware", "versions": [{"status": "affected", "version": "< V5.50(ABOM.5)C0"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.zyxel.com/service-provider/global/en/zyxel-security-advisory-remote-code-execution-and-denial-service-vulnerabilities-cpe", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP request.", "supportingMedia": [{"type": "text/html", "value": "A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP request.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "providerMetadata": {"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f", "shortName": "Zyxel", "dateUpdated": "2025-07-16T07:11:02.974Z"}}}, "cveMetadata": {"cveId": "CVE-2025-7673", "state": "PUBLISHED", "dateUpdated": "2025-07-19T03:55:18.953Z", "dateReserved": "2025-07-15T02:01:55.637Z", "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f", "datePublished": "2025-07-16T07:11:02.974Z", "assignerShortName": "Zyxel"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:emea:*:*:*", "matchCriteriaId": "79535B71-D720-4470-A94C-96EA82B283D1", "versionEndExcluding": "5.50\\(abpm.4\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*", "matchCriteriaId": "9259E2F6-885D-4B44-8D40-20758DA599D2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:america:*:*:*", "matchCriteriaId": "667A382C-62F8-4247-A7E4-3274ABD894D5", "versionEndExcluding": "5.50\\(absl.0\\)b8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*", "matchCriteriaId": "9259E2F6-885D-4B44-8D40-20758DA599D2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:emea:*:*:*", "matchCriteriaId": "D59F9125-06CF-4C17-ABAD-3BFFD54093E1", "versionEndExcluding": "5.50\\(abpm.4\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*", "matchCriteriaId": "F3ECE0EB-C429-4716-ABFB-73540847EB9E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:america:*:*:*", "matchCriteriaId": "5BE4095A-D9CD-47FC-B4FA-704C8DDA3B02", "versionEndExcluding": "5.50\\(absl.0\\)b8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*", "matchCriteriaId": "F3ECE0EB-C429-4716-ABFB-73540847EB9E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:emg5723-t50k_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0BC0ACFB-B5F5-4853-8B65-1B17F1BA1D2D", "versionEndExcluding": "5.50\\(abom.5\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*", "matchCriteriaId": "B18982B2-E575-478E-A2B4-0932DE329056", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:emg6726-b10a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8FD1C181-B807-4836-A691-84F23E58F29B", "versionEndExcluding": "5.13\\(abnp.6\\).c", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:emg6726-b10a:-:*:*:*:*:*:*:*", "matchCriteriaId": "304D3B33-F7EC-4EB3-B6EF-6BEB2112F9C0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF7FBB73-CD6F-41E4-B610-04ABEA5612AB", "versionEndExcluding": "5.17\\(abup.3\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*", "matchCriteriaId": "E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:ex5510-b0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "504D90EC-C277-47BA-8E36-B21BEFC2B008", "versionEndExcluding": "5.15\\(abqx.3\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:ex5510-b0:-:*:*:*:*:*:*:*", "matchCriteriaId": "E82D41CC-2EB3-4892-8383-FB2C9EC64D9E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg1312-t20b_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "863B6221-F7C9-46BE-82B8-D6D8B9EA7BFA", "versionEndExcluding": "5.50\\(absb.3\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg1312-t20b:-:*:*:*:*:*:*:*", "matchCriteriaId": "37348176-08FD-40F0-9903-05ABABBB1F5C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7085C97B-1960-4787-9B5B-43E8B8A6DB79", "versionEndExcluding": "5.50\\(abpm.4\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*", "matchCriteriaId": "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg3925-b10b_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4B9D9186-E7E1-4A11-9B77-9E4A17580D3A", "versionEndExcluding": "5.13\\(aavf.16\\)c", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg3925-b10b:-:*:*:*:*:*:*:*", "matchCriteriaId": "A35350B7-8398-4364-8731-1A278EE28A6D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg3925-b10c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CD8D4DA-C916-44B0-867C-46C57626B397", "versionEndExcluding": "5.13\\(aavf.16\\)c", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg3925-b10c:-:*:*:*:*:*:*:*", "matchCriteriaId": "22FE72FB-2210-4996-B702-D3C67DC65360", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg3927-b50a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D6CE8F4-9EA3-49EA-8C7A-F9DFDD4A3EC9", "versionEndExcluding": "5.15\\(abmt.5\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg3927-b50a:-:*:*:*:*:*:*:*", "matchCriteriaId": "F814684F-D45D-4EF8-A294-A6122B7A760B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg3927-b60a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B47EEF81-9B4A-4F75-8C9D-5F3C2DB6162A", "versionEndExcluding": "5.15\\(abmt.5\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg3927-b60a:-:*:*:*:*:*:*:*", "matchCriteriaId": "99C11501-33FD-4421-909E-E6533EF6F03A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg3927-b50b_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D78B9D9-36BD-4F4E-B12B-63E17CDB5CA8", "versionEndExcluding": "5.13\\(ably.6\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg3927-b50b:-:*:*:*:*:*:*:*", "matchCriteriaId": "94BE349D-EC30-4EB7-8B68-EA7223364A4B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg3927-t50k_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6E334B7C-9B91-4CCF-8B0B-9319EECF0BCC", "versionEndExcluding": "5.50\\(abom.5\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*", "matchCriteriaId": "1B33AE56-3948-494B-9E23-54D939DF0D3E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg4005-b50b_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB30352E-3CC4-4AA0-9142-D6D7D012C888", "versionEndExcluding": "5.13\\(abrl.5\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg4005-b50b:-:*:*:*:*:*:*:*", "matchCriteriaId": "36B2A37B-0662-43E7-AEB4-DF0C5A30A95F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg4927-b50a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "700A2229-90D7-4081-8EA6-666161325FAD", "versionEndExcluding": "5.13\\(ably.6\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg4927-b50a:-:*:*:*:*:*:*:*", "matchCriteriaId": "C0EE70D2-51BB-4E45-8995-655C1394C440", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "53FAEFB8-139C-4CD7-9DA3-E69BC6873759", "versionEndExcluding": "5.50\\(abpm.4\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*", "matchCriteriaId": "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg8825-b50a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "34A42862-B686-4CAA-A410-D31E1961C5DD", "versionEndExcluding": "5.15\\(abmt.5\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg8825-b50a:-:*:*:*:*:*:*:*", "matchCriteriaId": "ED88F55C-C687-4413-BEC8-DEB15D6AA2F2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg8825-b60a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "96D61E6B-EB21-4714-BEBA-68930F0D8EF8", "versionEndExcluding": "5.15\\(abmt.5\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg8825-b60a:-:*:*:*:*:*:*:*", "matchCriteriaId": "7654E872-36CA-4502-9B91-01741D6E4F46", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg8825-bx0b_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4D5BC2D2-9ED0-4380-84C0-02E59EB5C7D3", "versionEndExcluding": "5.17\\(abny.5\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg8825-bx0b:-:*:*:*:*:*:*:*", "matchCriteriaId": "205B8F14-3CF2-4329-9642-F4895AF77501", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "621E2854-755E-4DF6-B20E-8CBC4876FB2B", "versionEndExcluding": "5.50\\(abom.5\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*", "matchCriteriaId": "D4C2320B-52DF-4F86-86D2-42FB62337773", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg8924-b10d_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "94FE8F58-C814-46B0-B9CB-F71BE3EF15FE", "versionEndExcluding": "5.13\\(abgq.6\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg8924-b10d:-:*:*:*:*:*:*:*", "matchCriteriaId": "8CB1E19B-BE58-4C79-8AD2-9F23556714D2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:xmg3927-b50a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A795802-7981-4FC2-977E-54AF44A294D7", "versionEndExcluding": "5.15\\(abmt.5\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:xmg3927-b50a:-:*:*:*:*:*:*:*", "matchCriteriaId": "99B19AC3-D417-48C7-8C18-F5516794260B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:xmg8825-b50a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6E1B1E99-2A44-4566-BA91-4D0C7006F8B7", "versionEndExcluding": "5.17\\(abmt.5\\)c0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:xmg8825-b50a:-:*:*:*:*:*:*:*", "matchCriteriaId": "4861B59F-AB86-4A4D-A04C-6EE68EC4A206", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP request."}, {"lang": "es", "value": "Una vulnerabilidad de desbordamiento de b\u00fafer en el analizador de URL del servidor web zhttpd en versiones de firmware Zyxel VMG8825-T50K anteriores a V5.50(ABOM.5)C0 podr\u00eda permitir que un atacante no autenticado provoque condiciones de denegaci\u00f3n de servicio (DoS) y potencialmente ejecute c\u00f3digo arbitrario enviando una solicitud HTTP especialmente manipulada."}], "id": "CVE-2025-7673", "lastModified": "2026-01-14T17:52:29.083", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security@zyxel.com.tw", "type": "Secondary"}]}, "published": "2025-07-16T07:15:24.437", "references": [{"source": "security@zyxel.com.tw", "tags": ["Vendor Advisory"], "url": "https://www.zyxel.com/service-provider/global/en/zyxel-security-advisory-remote-code-execution-and-denial-service-vulnerabilities-cpe"}], "sourceIdentifier": "security@zyxel.com.tw", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "security@zyxel.com.tw", "type": "Secondary"}]}

{}

{"created": "2025-07-21T15:17:38.961205+00:00", "updated": "2025-07-21T15:17:38.961261+00:00", "vendors": ["zyxel", "zyxel$PRODUCT$vmg8825-t50k_firmware"]}