Zyxel Nebula Lte3301-plus Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Zyxel Nebula Lte3301-plus Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2025-13942 — CVSS 9.8 (critical): A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 firmware versions through 5.17(ABUP.15.1)C0 could allow a…
CVE-2024-8748 — CVSS 7.5 (high): A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in Zyxel VMG8825-T50K firmware versions through…
CVE-2024-5412 — CVSS 7.5 (high): A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0 could allow an…
CVE-2026-1460 — CVSS 7.2 (high): A post-authentication command injection vulnerability in the “DomainName” parameter of the DHCP configuration file in Zyxel DX3301-T0…
CVE-2022-43391 — CVSS 6.5 (medium): A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an…
CVE-2022-43392 — CVSS 6.5 (medium): A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an…
CVE-2024-0816 — CVSS 5.5 (medium): The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50(ABVY.4)C0 could allow an authenticated local attacker to cause…
CVE-2025-11846 — CVSS 4.9 (medium): A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T50B firmware versions through…
CVE-2025-11847 — CVSS 4.9 (medium): A null pointer dereference vulnerability in the IP settings CGI program of the Zyxel VMG3625-T50B firmware versions through…
CVE-2025-11845 — CVSS 4.9 (medium): A null pointer dereference vulnerability in the certificate downloader CGI program of the Zyxel VMG3625-T50B firmware versions through…