Vulnerability Description
A buffer overflow vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and earlier could allow an authenticated, LAN-based attacker with administrator privileges to cause denial of service (DoS) conditions via a crafted URL.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zyxel | GS1900-8 Firmware | < 2.90(AAHH.0)C0 |
| Zyxel | GS1900-8 | - |
| Zyxel | GS1900-8HP Firmware | < 2.90(AAHI.0)C0 |
| Zyxel | GS1900-8HP | - |
| Zyxel | GS1900-10HP Firmware | < 2.90(AAZI.0)C0 |
| Zyxel | GS1900-10HP | - |
| Zyxel | GS1900-16 Firmware | < 2.90(AAHJ.0)C0 |
| Zyxel | GS1900-16 | - |
| Zyxel | GS1900-24 Firmware | < 2.90(AAHL.0)C0 |
| Zyxel | GS1900-24 | - |
| Zyxel | GS1900-24E Firmware | < 2.90(AAHK.0)C0 |
| Zyxel | GS1900-24E | - |
| Zyxel | GS1900-24EP Firmware | < 2.90(ABTO.0)C0 |
| Zyxel | GS1900-24EP | - |
| Zyxel | GS1900-24HPv2 Firmware | < 2.90(ABTP.0)C0 |
| Zyxel | GS1900-24HPv2 | - |
| Zyxel | GS1900-48 Firmware | < 2.90(AAHN.0)C0 |
| Zyxel | GS1900-48 | - |
| Zyxel | GS1900-48HPv2 Firmware | < 2.90(ABTQ.0)C0 |
| Zyxel | GS1900-48HPv2 | - |
Related Weaknesses (CWE)
References
FAQ
What is CVE-2024-8882?
CVE-2024-8882 is a vulnerability with a CVSS score of 4.5 (MEDIUM). A buffer overflow vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and earlier could allow an authenticated, LAN-based attacker with administrator privil...
How severe is CVE-2024-8882?
CVE-2024-8882 has been rated MEDIUM with a CVSS base score of 4.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-8882?
Check the references section above for vendor advisories and patch information. Affected products include: Zyxel GS1900-8 Firmware, Zyxel GS1900-8, Zyxel GS1900-8HP Firmware, Zyxel GS1900-8HP, Zyxel GS1900-10HP Firmware.