MEDIUM🇬🇧 English

CVE-2026-7255

CVSS 6.5v3.1pub. 2026-05-12upd. 2026-05-13

** UNSUPPORTED WHEN ASSIGNED ** An improper restriction of excessive authentication attempts vulnerability in the web management interface of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow an adjacent attacker on the LAN to brute-force the password and bypass authentication.

oryginał EN
CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Zyxel Wre6505

    HW
    Zyxel
    v2
  • Zyxel Wre6505 Firmware

    OS
    Zyxel
    v1.00\(abdv.3\)c0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2017-7964CRITICAL10.0ten sam produkt

Zyxel WRE6505 devices have a default TELNET password of 1234 for the root and admin accounts, which makes it e...

CVE-2026-7256HIGH8.8ten sam produkt

** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the CGI program of Zyxel WRE6505 v2 firmw...

CVE-2026-7257MEDIUM4.4ten sam produkt

** UNSUPPORTED WHEN ASSIGNED ** An insecure storage of sensitive information vulnerability in the configuratio...

CVE-2023-27992CRITICAL9.8⚠ KEVten sam vendor

The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AA...

CVE-2023-33009CRITICAL9.8⚠ KEVten sam vendor

A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 throug...