CVE-2026-7256
CVE-2026-7256
8.8
HighPublished:
Last updated:
Source:security@zyxel.com.tw
Analyzed
Weakness (CWE)
CVSS Vector
v3.1- Attack Vector
- Adjacent
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- None
- Scope
- Unchanged
- Confidentiality
- High
- Integrity
- High
- Availability
- High
Description
** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow an adjacent attacker on the LAN to execute operating system (OS) commands on a vulnerable device by sending a crafted HTTP request.
References
security@zyxel.com.tw
https://www.zyxel.com/global/en/support/end-of-life