Description
A stack-based buffer overflow vulnerability in the CGI program of Zyxel GS1900-48HPv2 firmware versions through 2.90(ABTQ.1)C0 could allow a LAN-based, unauthenticated attacker to exploit the flaw and potentially execute OS commands via a crafted HTTP request.
Published: 2026-06-16
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a stack‑based buffer overflow in the CGI program of Zyxel GS1900 switches, allowing a LAN‑based unauthenticated attacker to send a crafted HTTP request that can result in execution of operating‑system commands. Attackers could potentially compromise the switch’s operating system, leading to full control over the device.

Affected Systems

Affected devices include Zyxel GS1900‑8, GS1900‑8HP, GS1900‑10HP, GS1900‑16, GS1900‑24, GS1900‑24E, GS1900‑24EP, GS1900‑24HPv2, GS1900‑48, and GS1900‑48HPv2 firmware versions up through and including 2.90(ABTQ.1)C0.

Risk and Exploitability

The CVSS score of 8.8 indicates high severity, while the EPSS score of less than 1% suggests a low probability of exploitation at present. It is not listed in CISA’s KEV catalog. Exploitation requires an unauthenticated connection from a device on the same local network that can reach the switch’s HTTP management interface. Successful exploitation could provide the attacker with the ability to run arbitrary OS commands on the device.

Generated by OpenCVE AI on June 18, 2026 at 00:17 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Zyxel GS1900 firmware to a version newer than 2.90(ABTQ.1)C0 that resolves the buffer overflow.
  • Restrict or disable CGI access on the switch to limit exposure to HTTP requests.
  • Segment the network so that unauthenticated LAN devices cannot reach the switch’s HTTP management interface.

Generated by OpenCVE AI on June 18, 2026 at 00:17 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 18 Jun 2026 04:45:00 +0000

Type Values Removed Values Added
Title Stack-Based Buffer Overflow in Zyxel GS1900 Switch Firmware

Tue, 16 Jun 2026 21:15:00 +0000

Type Values Removed Values Added
Title Stack-Based Buffer Overflow in Zyxel GS1900 Switch Firmware

Tue, 16 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 16 Jun 2026 08:45:00 +0000

Type Values Removed Values Added
First Time appeared Zyxel
Zyxel gs1900-10hp Firmware
Zyxel gs1900-16 Firmware
Zyxel gs1900-24 Firmware
Zyxel gs1900-24e Firmware
Zyxel gs1900-24ep Firmware
Zyxel gs1900-24hpv2 Firmware
Zyxel gs1900-48 Firmware
Zyxel gs1900-48hpv2 Firmware
Zyxel gs1900-8 Firmware
Zyxel gs1900-8hp Firmware
Vendors & Products Zyxel
Zyxel gs1900-10hp Firmware
Zyxel gs1900-16 Firmware
Zyxel gs1900-24 Firmware
Zyxel gs1900-24e Firmware
Zyxel gs1900-24ep Firmware
Zyxel gs1900-24hpv2 Firmware
Zyxel gs1900-48 Firmware
Zyxel gs1900-48hpv2 Firmware
Zyxel gs1900-8 Firmware
Zyxel gs1900-8hp Firmware

Tue, 16 Jun 2026 06:30:00 +0000

Type Values Removed Values Added
Description A stack-based buffer overflow vulnerability in the CGI program of Zyxel GS1900-48HPv2 firmware versions through 2.90(ABTQ.1)C0 could allow a LAN-based, unauthenticated attacker to exploit the flaw and potentially execute OS commands via a crafted HTTP request.
Weaknesses CWE-121
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


Subscriptions

Zyxel Gs1900-10hp Firmware Gs1900-16 Firmware Gs1900-24 Firmware Gs1900-24e Firmware Gs1900-24ep Firmware Gs1900-24hpv2 Firmware Gs1900-48 Firmware Gs1900-48hpv2 Firmware Gs1900-8 Firmware Gs1900-8hp Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: Zyxel

Published:

Updated: 2026-06-18T03:55:36.625Z

Reserved: 2026-04-28T06:21:36.574Z

Link: CVE-2026-7273

cve-icon Vulnrichment

Updated: 2026-06-16T12:38:21.874Z

cve-icon NVD

Status : Deferred

Published: 2026-06-16T03:16:13.557

Modified: 2026-06-16T15:23:48.003

Link: CVE-2026-7273

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-18T00:30:14Z

Weaknesses
  • CWE-121

    Stack-based Buffer Overflow