Description
** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow an adjacent attacker on the LAN to execute operating system (OS) commands on a vulnerable device by sending a crafted HTTP request.
Published: 2026-05-12
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a command injection flaw in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0. By sending a specially crafted HTTP request from an adjacent LAN host, an attacker can cause the device to execute arbitrary operating‑system commands. This flaw permits complete takeover of the device’s operating system, providing full control and the ability to pivot to other network assets. The weakness falls under CWE-78, highlighting unsafe handling of user input for system command execution.

Affected Systems

Zyxel WRE6505 v2 firmware, specifically version V1.00(ABDV.3)C0. No other versions are listed in the supplied data, so only this configuration is affected.

Risk and Exploitability

The CVSS score of 8.8 indicates a high severity exploit that can be achieved relatively easily once the attacker is on the local network. While the EPSS score is not available and the vulnerability is not listed in CISA’s KEV catalog, the dependence on LAN proximity means that the attack vector is local rather than internet‑accessible. Organizations with the device on a broad, untrusted LAN face a significant risk: an attacker could gain administrative privileges, install malware, or exfiltrate data. The lack of public exploit indicators suggests that exploitation may require some effort to craft the request, but the high severity and local network attack vector warrant prompt action.

Generated by OpenCVE AI on May 12, 2026 at 05:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Zyxel WRE6505 firmware to the latest Zyxel‑released version that contains the command‑injection fix. Consult Zyxel support for the relevant update or release notes.
  • Restrict the web interface of the device to a dedicated management VLAN and block inbound HTTP requests from untrusted LAN hosts using firewall rules or access control lists.
  • If a firmware update is unavailable or the hardware is end‑of‑life, isolate or terminate the device from the operational LAN, or replace it with a supported, secure alternative.

Generated by OpenCVE AI on May 12, 2026 at 05:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 12 May 2026 13:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 12 May 2026 09:00:00 +0000

Type Values Removed Values Added
First Time appeared Zyxel
Zyxel wre6505 Firmware
Vendors & Products Zyxel
Zyxel wre6505 Firmware

Tue, 12 May 2026 05:45:00 +0000

Type Values Removed Values Added
Title Command Injection via CGI in Zyxel WRE6505 v2 Firmware Allows Local Network Attackers to Execute OS Commands

Tue, 12 May 2026 04:15:00 +0000

Type Values Removed Values Added
Description ** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow an adjacent attacker on the LAN to execute operating system (OS) commands on a vulnerable device by sending a crafted HTTP request.
Weaknesses CWE-78
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

Zyxel Wre6505 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: Zyxel

Published:

Updated: 2026-05-12T12:48:50.333Z

Reserved: 2026-04-28T02:06:55.400Z

Link: CVE-2026-7256

cve-icon Vulnrichment

Updated: 2026-05-12T12:48:45.425Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-12T04:16:29.360

Modified: 2026-05-12T15:11:29.503

Link: CVE-2026-7256

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-12T08:45:11Z

Weaknesses