Vulnerability Description
An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an attacker to perform Slowloris‑style denial‑of‑service (DoS) attacks. Such attacks may temporarily block legitimate HTTP requests and partially disrupt access to the web management interface, while other networking services remain unaffected.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zyxel | Lte3301-Plus Firmware | <= 1.00\(abqu.7\)c0 |
| Zyxel | Lte3301-Plus | - |
| Zyxel | Nr5103 Firmware | <= 4.19\(abyc.8\)c0 |
| Zyxel | Nr5103 | - |
| Zyxel | Nr5103E Firmware | <= 1.00\(acdj.1\)c0 |
| Zyxel | Nr5103E | - |
| Zyxel | Nr5309 Firmware | <= 1.00\(ackp.1\)b3 |
| Zyxel | Nr5309 | - |
| Zyxel | Nr7302 Firmware | <= 5.00\(acha.5\)c0 |
| Zyxel | Nr7302 | - |
| Zyxel | Nr7303 Firmware | <= 1.00\(acei.1\)c0 |
| Zyxel | Nr7303 | - |
| Zyxel | Nebula Fwa505 Firmware | <= 1.19\(acko.0\)c0 |
| Zyxel | Nebula Fwa505 | - |
| Zyxel | Nebula Fwa510 Firmware | <= 1.20\(acgd.1\)c0 |
| Zyxel | Nebula Fwa510 | - |
| Zyxel | Nebula Fwa515 Firmware | <= 1.50\(acpz.0\)c0 |
| Zyxel | Nebula Fwa515 | - |
| Zyxel | Nebula Fwa710 Firmware | <= 1.20\(acgc.0\)c0 |
| Zyxel | Nebula Fwa710 | - |
Related Weaknesses (CWE)
References
FAQ
What is CVE-2025-6599?
CVE-2025-6599 is a vulnerability with a CVSS score of 5.3 (MEDIUM). An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an attacker to perform Slowloris‑style denial‑of‑servi...
How severe is CVE-2025-6599?
CVE-2025-6599 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-6599?
Check the references section above for vendor advisories and patch information. Affected products include: Zyxel Lte3301-Plus Firmware, Zyxel Lte3301-Plus, Zyxel Nr5103 Firmware, Zyxel Nr5103, Zyxel Nr5103E Firmware.