Zyxel Ex5401-b1 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Zyxel Ex5401-b1 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (20)
CVE-2025-8693 — CVSS 8.8 (high): A post-authentication command injection vulnerability in the "priv" parameter of Zyxel DX3300-T0 firmware version 5.50(ABVY.6.3)C0 and…
CVE-2025-13943 — CVSS 8.8 (high): A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware versions through…
CVE-2024-5412 — CVSS 7.5 (high): A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0 could allow an…
CVE-2024-8748 — CVSS 7.5 (high): A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in Zyxel VMG8825-T50K firmware versions through…
CVE-2024-12009 — CVSS 7.2 (high): A post-authentication command injection vulnerability in the "ZyEE" function of the Zyxel EX5601-T1 firmware version V5.70(ACDZ.3.6)C0 and…
CVE-2026-1460 — CVSS 7.2 (high): A post-authentication command injection vulnerability in the “DomainName” parameter of the DHCP configuration file in Zyxel DX3301-T0…
CVE-2024-12010 — CVSS 7.2 (high): A post-authentication command injection vulnerability in the ”zyUtilMailSend” function of the Zyxel AX7501-B1 firmware version…
CVE-2026-0711 — CVSS 6.8 (medium): A post-authentication command injection vulnerability in the EasyMesh-related APIs of Zyxel DX3300-T0 firmware versions through…
CVE-2023-37929 — CVSS 6.5 (medium): The buffer overflow vulnerability in the CGI program of the VMG3625-T50B firmware version V5.50(ABPM.8)C0 could allow an authenticated…
CVE-2024-0816 — CVSS 5.5 (medium): The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50(ABVY.4)C0 could allow an authenticated local attacker to cause…
CVE-2025-6599 — CVSS 5.3 (medium): An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could…
CVE-2025-11845 — CVSS 4.9 (medium): A null pointer dereference vulnerability in the certificate downloader CGI program of the Zyxel VMG3625-T50B firmware versions through…
CVE-2025-11846 — CVSS 4.9 (medium): A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T50B firmware versions through…
CVE-2025-11847 — CVSS 4.9 (medium): A null pointer dereference vulnerability in the IP settings CGI program of the Zyxel VMG3625-T50B firmware versions through…
CVE-2024-38269 — CVSS 4.9 (medium): An improper restriction of operations within the bounds of a memory buffer in the USB file-sharing handler of the Zyxel VMG8825-T50K…
CVE-2024-38268 — CVSS 4.9 (medium): An improper restriction of operations within the bounds of a memory buffer in the MAC address parser of the Zyxel VMG8825-T50K firmware…
CVE-2024-38267 — CVSS 4.9 (medium): An improper restriction of operations within the bounds of a memory buffer in the IPv6 address parser of the Zyxel VMG8825-T50K firmware…
CVE-2024-38266 — CVSS 4.9 (medium): An improper restriction of operations within the bounds of a memory buffer in the parameter type parser of the Zyxel VMG8825-T50K firmware…
CVE-2025-11848 — CVSS 4.9 (medium): A null pointer dereference vulnerability in the Wake-on-LAN CGI program of the Zyxel VMG3625-T50B firmware version through 5.50(ABPM.9.6)C0…
CVE-2024-9197 — CVSS 4.9 (medium): A post-authentication buffer overflow vulnerability in the parameter "action" of the CGI program in Zyxel VMG3625-T50B firmware versions…