CVE-2024-0816

moderate-risk
Published 2024-05-21

The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50(ABVY.4)C0 could allow an authenticated local attacker to cause denial of service (DoS) conditions by executing the CLI command with crafted strings on an affected device.

Do I need to act?

-
0.08% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.5/10 Medium
LOCAL / LOW complexity

Affected Products (20)

Lte3202-M437 Firmware
Lte3301-Plus Firmware
Lte5388-M804 Firmware
Lte5398-M904 Firmware
Lte7240-M403 Firmware
Lte7480-M804 Firmware
Lte7490-M904 Firmware
Nr5103 Firmware
Nr5103E Firmware
Nr5103Ev2 Firmware
Nr5307 Firmware
Nr7101 Firmware
Nr7102 Firmware
Nr7103 Firmware
Nr7302 Firmware
Nr7303 Firmware
Nr7501 Firmware
Nebula Fwa505 Firmware
Nebula Fwa510 Firmware
Nebula Fwa710 Firmware

Affected Vendors

Zyxel

References (2)

Vendor Advisory https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advis...
Vendor Advisory https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advis...
45
/ 100
moderate-risk
Severity 18/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 27/34 · High