Vulnerability Description
A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zyxel | Lte3301-Plus Firmware | < 1.00\(abqu.6\)c0 |
| Zyxel | Lte3301-Plus | - |
| Zyxel | Lte5388-M804 Firmware | < 1.00\(absq.5\)c0 |
| Zyxel | Lte5388-M804 | - |
| Zyxel | Lte5398-M904 Firmware | < 1.00\(abq.5\)c0 |
| Zyxel | Lte5398-M904 | - |
| Zyxel | Lte7480-M804 Firmware | < 1.00\(abra.10\)c0 |
| Zyxel | Lte7480-M804 | - |
| Zyxel | Lte7490-M904 Firmware | < 1.00\(abqy.9\)c0 |
| Zyxel | Lte7490-M904 | - |
| Zyxel | Nr7101 Firmware | < 1.00\(abu.11\)c0 |
| Zyxel | Nr7101 | - |
| Zyxel | Nr7102 Firmware | < 1.00\(abyd.4\)c0 |
| Zyxel | Nr7102 | - |
| Zyxel | Nebula Nr5101 Firmware | < 1.16\(accg.1\)c0 |
| Zyxel | Nebula Nr5101 | - |
| Zyxel | Nebula Nr7101 Firmware | < 1.16\(accc.1\)c0 |
| Zyxel | Nebula Nr7101 | - |
| Zyxel | Nebula Lte3301-Plus Firmware | < 1.18\(acca.5\)c0 |
| Zyxel | Nebula Lte3301-Plus | - |
Related Weaknesses (CWE)
References
FAQ
What is CVE-2024-8748?
CVE-2024-8748 is a vulnerability with a CVSS score of 7.5 (HIGH). A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a tempora...
How severe is CVE-2024-8748?
CVE-2024-8748 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-8748?
Check the references section above for vendor advisories and patch information. Affected products include: Zyxel Lte3301-Plus Firmware, Zyxel Lte3301-Plus, Zyxel Lte5388-M804 Firmware, Zyxel Lte5388-M804, Zyxel Lte5398-M904 Firmware.