CVE-2024-38267

Q: What is the severity of CVE-2024-38267?

CVE-2024-38267 has a CVSS score of 4.9 (MEDIUM). This vulnerability allows authenticated administrators to cause memory corruption in the IPv6 parser of Zyxel VMG8825-T50K devices, potentially crashing threads. It affects devices running firmware versions through 5.50(ABOM.8)C0. Attackers need administrative credentials to exploit this issue.

4.9 MEDIUM

Denial of Service

📋 TL;DR

This vulnerability allows authenticated administrators to cause memory corruption in the IPv6 parser of Zyxel VMG8825-T50K devices, potentially crashing threads. It affects devices running firmware versions through 5.50(ABOM.8)C0. Attackers need administrative credentials to exploit this issue.

💻 Affected Systems

Products:

Zyxel VMG8825-T50K

Versions: through 5.50(ABOM.8)C0

Operating Systems: Embedded firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Requires IPv6 functionality and administrative access to exploit.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Thread crash leading to denial of service, potentially disrupting network services on the affected device.

🟠

Likely Case

Localized thread crash affecting specific IPv6 processing functions without complete device failure.

🟢

If Mitigated

Minimal impact if proper access controls prevent unauthorized administrative access.

🌐 Internet-Facing: MEDIUM - Devices exposed to the internet could be targeted by attackers with stolen credentials.

🏢 Internal Only: MEDIUM - Insider threats or compromised internal accounts could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires authenticated administrative access and knowledge of memory corruption techniques.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after 5.50(ABOM.8)C0

Vendor Advisory: https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-memory-corruption-vulnerabilities-in-some-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-security-router-versions-09-24-2024

Restart Required: Yes

Instructions:

1. Log into Zyxel support portal. 2. Download latest firmware for VMG8825-T50K. 3. Upload firmware via web interface. 4. Apply update and restart device.

🔧 Temporary Workarounds

Disable IPv6

all

Turn off IPv6 functionality to prevent exploitation of the vulnerable parser.

Restrict Administrative Access

all

Limit administrative access to trusted IP addresses and use strong authentication.

🧯 If You Can't Patch

Implement strict access controls for administrative interfaces
Monitor for unusual administrative login attempts or thread crashes

🔍 How to Verify

Check if Vulnerable:

Check firmware version via web interface: System Info > Firmware Version

Check Version:

Check via web interface or SSH: show version

Verify Fix Applied:

Verify firmware version is newer than 5.50(ABOM.8)C0

📡 Detection & Monitoring

Log Indicators:

Thread crash logs
IPv6 processing errors
Multiple failed admin login attempts

Network Indicators:

Unusual IPv6 traffic patterns to administrative interfaces

SIEM Query:

source="zyxel" AND (event_type="thread_crash" OR event_type="ipv6_error")

📊 Metadata

CVE ID: CVE-2024-38267

CVSS v3 Score: 4.9 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-119

Published: September 24, 2024

Last Updated: February 24, 2026

🔗 References

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-memory-corruption-vulnerabilities-in-some-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-security-router-versions-09-24-2024 Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Ax7501 B1 Firmware by Zyxel

Dx3300 T0 Firmware by Zyxel

Dx3300 T1 Firmware by Zyxel

Dx3301 T0 Firmware by Zyxel

Dx4510 B0 Firmware by Zyxel

Dx4510 B1 Firmware by Zyxel

Dx5401 B0 Firmware by Zyxel

Dx5401 B1 Firmware by Zyxel

Emg3525 T50b Firmware by Zyxel

Emg5523 T50b Firmware by Zyxel

Emg5723 T50k Firmware by Zyxel

Ex3300 T0 Firmware by Zyxel

Ex3300 T1 Firmware by Zyxel

Ex3301 T0 Firmware by Zyxel

Ex3500 T0 Firmware by Zyxel

Ex3501 T0 Firmware by Zyxel

Ex3510 B0 Firmware by Zyxel

Ex3510 B1 Firmware by Zyxel

Ex3600 T0 Firmware by Zyxel

Ex5401 B0 Firmware by Zyxel

Ex5401 B1 Firmware by Zyxel

Ex5510 B0 Firmware by Zyxel

Ex5512 T0 Firmware by Zyxel

Ex5601 T0 Firmware by Zyxel

Ex5601 T1 Firmware by Zyxel

Ex7501 B0 Firmware by Zyxel

Ex7710 B0 Firmware by Zyxel

Pm3100 T0 Firmware by Zyxel

Pm5100 T0 Firmware by Zyxel

Pm7300 T0 Firmware by Zyxel

Px3321 T1 Firmware by Zyxel

Scr50axe Firmware by Zyxel

Vmg3625 T50b Firmware by Zyxel

Vmg3927 T50k Firmware by Zyxel

Vmg4005 B50a Firmware by Zyxel

Vmg4005 B60a Firmware by Zyxel

Vmg8623 T50b Firmware by Zyxel

Vmg8825 T50k Firmware by Zyxel

Wx3100 T0 Firmware by Zyxel

Wx3401 B0 Firmware by Zyxel

Wx5600 T0 Firmware by Zyxel