CVE-2024-8748

Q: What is the severity of CVE-2024-8748?

CVE-2024-8748 has a CVSS score of 7.5 (HIGH). A buffer overflow vulnerability in the libclinkc library used by Zyxel VMG8825-T50K devices allows attackers to cause temporary denial of service against the web management interface. This affects users running firmware versions through V5.50(ABOM.8.4)C0 on these specific Zyxel devices.

7.5 HIGH

Denial of Service Buffer Overflow

📋 TL;DR

A buffer overflow vulnerability in the libclinkc library used by Zyxel VMG8825-T50K devices allows attackers to cause temporary denial of service against the web management interface. This affects users running firmware versions through V5.50(ABOM.8.4)C0 on these specific Zyxel devices.

💻 Affected Systems

Products:

Zyxel VMG8825-T50K

Versions: Through V5.50(ABOM.8.4)C0

Operating Systems: Embedded firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects devices with web management interface enabled and accessible.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete web interface unavailability requiring device reboot, potentially disrupting management and configuration capabilities.

🟠

Likely Case

Temporary web interface unavailability lasting until the device recovers or is rebooted, disrupting administrative access.

🟢

If Mitigated

Minimal impact with proper network segmentation and access controls limiting exposure.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires crafting specific HTTP POST requests but does not require authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after V5.50(ABOM.8.4)C0

Vendor Advisory: https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-and-post-authentication-command-injection-vulnerabilities-in-some-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wifi-extenders-12-03-2024

Restart Required: No

Instructions:

1. Log into Zyxel support portal. 2. Download latest firmware for VMG8825-T50K. 3. Upload firmware via web interface. 4. Apply update without reboot if possible.

🔧 Temporary Workarounds

Restrict Web Interface Access

all

Limit access to web management interface to trusted IP addresses only.

Disable Web Interface

all

Temporarily disable web management interface if not required.

🧯 If You Can't Patch

Segment affected devices on isolated network segments
Implement strict firewall rules blocking external access to web interface

🔍 How to Verify

Check if Vulnerable:

Check firmware version via web interface or CLI: System Info > Firmware Version

Check Version:

show system information

Verify Fix Applied:

Verify firmware version is newer than V5.50(ABOM.8.4)C0

📡 Detection & Monitoring

Log Indicators:

Multiple HTTP POST requests to web interface followed by service interruption
Web interface process crashes or restarts

Network Indicators:

Unusual HTTP POST traffic patterns to device management interface
Sudden drop in web interface responsiveness

SIEM Query:

source="device_logs" AND (http_method="POST" AND url_contains="/cgi-bin/") AND device_model="VMG8825-T50K"

📊 Metadata

CVE ID: CVE-2024-8748

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-120

Published: December 3, 2024

Last Updated: January 21, 2025

🔗 References

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-and-post-authentication-command-injection-vulnerabilities-in-some-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wifi-extenders-12-03-2024 Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Ax7501 B0 Firmware by Zyxel

Ax7501 B1 Firmware by Zyxel

Dx3300 T0 Firmware by Zyxel

Dx3300 T1 Firmware by Zyxel

Dx3301 T0 Firmware by Zyxel

Dx4510 B0 Firmware by Zyxel

Dx4510 B1 Firmware by Zyxel

Dx5401 B0 Firmware by Zyxel

Dx5401 B1 Firmware by Zyxel

Ee6510 10 Firmware by Zyxel

Emg3525 T50b Firmware by Zyxel

Emg5523 T50b Firmware by Zyxel

Emg5723 T50k Firmware by Zyxel

Emg6726 B10a Firmware by Zyxel

Ex2210 T0 Firmware by Zyxel

Ex3300 T0 Firmware by Zyxel

Ex3300 T1 Firmware by Zyxel

Ex3301 T0 Firmware by Zyxel

Ex3500 T0 Firmware by Zyxel

Ex3501 T0 Firmware by Zyxel

Ex3510 B0 Firmware by Zyxel

Ex3510 B1 Firmware by Zyxel

Ex3600 T0 Firmware by Zyxel

Ex5401 B0 Firmware by Zyxel

Ex5401 B1 Firmware by Zyxel

Ex5501 B0 Firmware by Zyxel

Ex5510 B0 Firmware by Zyxel

Ex5512 T0 Firmware by Zyxel

Ex5600 T1 Firmware by Zyxel

Ex5601 T0 Firmware by Zyxel

Ex5601 T1 Firmware by Zyxel

Ex7501 B0 Firmware by Zyxel

Ex7710 B0 Firmware by Zyxel

Lte3301 Plus Firmware by Zyxel

Lte5388 M804 Firmware by Zyxel

Lte5398 M904 Firmware by Zyxel

Lte7480 M804 Firmware by Zyxel

Lte7490 M904 Firmware by Zyxel

Nebula Lte3301 Plus Firmware by Zyxel

Nebula Nr5101 Firmware by Zyxel

Nebula Nr7101 Firmware by Zyxel

Nr7101 Firmware by Zyxel

Nr7102 Firmware by Zyxel

Pm3100 T0 Firmware by Zyxel

Pm5100 T0 Firmware by Zyxel

Pm7300 T0 Firmware by Zyxel

Pm7500 T0 Firmware by Zyxel

Px3321 T1 Firmware by Zyxel

Px3321 T1 Firmware by Zyxel

Px5301 T0 Firmware by Zyxel

Vmg3625 T50b Firmware by Zyxel

Vmg3927 B50b Firmware by Zyxel

Vmg3927 T50k Firmware by Zyxel

Vmg4005 B50a Firmware by Zyxel

Vmg4005 B50b Firmware by Zyxel

Vmg4005 B60a Firmware by Zyxel

Vmg4927 B50a Firmware by Zyxel

Vmg8623 T50b Firmware by Zyxel

Vmg8825 T50k Firmware by Zyxel

Vmg8825 T50k Firmware by Zyxel

Wx3100 T0 Firmware by Zyxel

Wx3401 B0 Firmware by Zyxel

Wx3401 B1 Firmware by Zyxel

Wx5600 T0 Firmware by Zyxel

Wx5610 B0 Firmware by Zyxel