Description
** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow an adjacent attacker on the LAN to execute operating system (OS) commands on a vulnerable device by sending a crafted HTTP request.
Published: 2026-05-12
Score: 8.8 High
EPSS: 1.0% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a command injection flaw located in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0. An attacker on the same local network segment as the device (adjacent network access) can craft a specific HTTP request that causes the device to execute arbitrary operating‑system commands. The flaw is categorized as CWE‑78, indicating that user input is passed to a system command without proper neutralization of shell metacharacters. This weakness allows an attacker to run commands with the privileges of the firmware's web service, potentially modifying device configuration, accessing stored data, or altering system behavior.

Affected Systems

Zyxel WRE6505 v2 firmware, specifically version V1.00(ABDV.3)C0, is affected.

Risk and Exploitability

The CVSS score of 8.8 classifies this as a high‑severity vulnerability. The EPSS score of 1% indicates a low but nonzero likelihood of exploitation. The flaw is not listed in the CISA KEV catalog. Because the description states that an attacker must be located on the same LAN segment, the attack vector is adjacent network (AV:A) rather than remote. No authentication, user interaction or privilege escalation step is described, so exploitation requires only a crafted HTTP request to the vulnerable CGI endpoint. Organizations that host this device on untrusted LAN segments face the risk of local compromise, including potential installation of malicious firmware or pivoting to other network assets.

Generated by OpenCVE AI on June 18, 2026 at 13:06 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Zyxel WRE6505 firmware to a version that addresses the command‑injection flaw, following Zyxel’s support updates or release notes.
  • Implement network segmentation so that the device’s web interface is isolated on a dedicated management VLAN and restrict inbound HTTP traffic from untrusted LAN hosts using firewall or ACL rules.
  • If a patched firmware is unavailable or the device has reached end‑of‑life, isolate the unit from the operational LAN or replace it with a supported, secure alternative.


Advisories

No advisories yet.

History

Wed, 17 Jun 2026 12:15:00 +0000

Type Values Removed Values Added
Title Zyxel WRE6505 v2 Firmware Command Injection via HTTP

Tue, 16 Jun 2026 16:30:00 +0000

Type Values Removed Values Added
Title Zyxel WRE6505 v2 Firmware Command Injection via HTTP

Sat, 13 Jun 2026 15:30:00 +0000

Type Values Removed Values Added
Title Command Injection via CGI in Zyxel WRE6505 v2 Firmware Allows Local Network Attackers to Execute OS Commands

Sat, 16 May 2026 03:15:00 +0000

Type Values Removed Values Added
First Time appeared Zyxel wre6505
CPEs cpe:2.3:h:zyxel:wre6505:v2:*:*:*:*:*:*:*
cpe:2.3:o:zyxel:wre6505_firmware:v1.00\(abdv.3\)c0:*:*:*:*:*:*:*
Vendors & Products Zyxel wre6505

Tue, 12 May 2026 13:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 12 May 2026 09:00:00 +0000

Type Values Removed Values Added
First Time appeared Zyxel
Zyxel wre6505 Firmware
Vendors & Products Zyxel
Zyxel wre6505 Firmware

Tue, 12 May 2026 05:45:00 +0000

Type Values Removed Values Added
Title Command Injection via CGI in Zyxel WRE6505 v2 Firmware Allows Local Network Attackers to Execute OS Commands

Tue, 12 May 2026 04:15:00 +0000

Type Values Removed Values Added
Description ** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow an adjacent attacker on the LAN to execute operating system (OS) commands on a vulnerable device by sending a crafted HTTP request.
Weaknesses CWE-78
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: Zyxel

Published:

Updated: 2026-05-12T12:48:50.333Z

Reserved: 2026-04-28T02:06:55.400Z

Link: CVE-2026-7256

Vulnrichment

Updated: 2026-05-12T12:48:45.425Z

NVD

Status : Analyzed

Published: 2026-05-12T04:16:29.360

Modified: 2026-06-17T11:02:05.663

Link: CVE-2026-7256

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-18T13:15:15Z

Weaknesses
  • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')