SB2026022440 - Multiple vulnerabilities in Zyxel products

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) NULL pointer dereference (CVE-ID: CVE-2025-11845)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the certificate downloader CGI program. A remote administrator can pass specially crafted data to the application and perform a denial of service (DoS) attack.

2) NULL pointer dereference (CVE-ID: CVE-2025-11846)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the account settings CGI program. A remote administrator can pass specially crafted data to the application and perform a denial of service (DoS) attack.

3) NULL pointer dereference (CVE-ID: CVE-2025-11847)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the IP settings CGI program. A remote administrator can pass specially crafted data to the application and perform a denial of service (DoS) attack.

4) NULL pointer dereference (CVE-ID: CVE-2025-11848)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the Wake-on-LAN CGI program. A remote administrator can pass specially crafted data to the application and perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-null-pointer-dereference-and-command-injection-vulnerabilities-in-certain-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-security-routers-and-wireless-extenders-02-24-2026