CVE-2024-8882
Description
A buffer overflow vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and earlier could allow an authenticated, LAN-based attacker with administrator privileges to cause denial of service (DoS) conditions via a crafted URL.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A buffer overflow in the CGI program of the Zyxel GS1900-48 switch allows an authenticated attacker with administrator privileges to cause denial of service via a crafted URL.
Vulnerability
A buffer overflow vulnerability exists in the CGI program of the Zyxel GS1900-48 switch running firmware version V2.80(AAHN.1)C0 and earlier [1]. The flaw is triggered when the CGI program processes a specially crafted URL. An attacker must be authenticated and have administrator privileges to exploit this vulnerability.
Exploitation
An attacker with LAN access and valid administrator credentials can send a crafted HTTP request containing a malicious URL to the affected switch's CGI program [1]. The buffer overflow occurs during processing, leading to a denial of service condition.
Impact
Successful exploitation causes denial of service (DoS) on the target device, potentially making it unresponsive or crashing it [1]. No code execution or data compromise is associated with this vulnerability.
Mitigation
Zyxel has released firmware patches for the GS1900 series switches to address this vulnerability [1]. Users should upgrade to the latest firmware version as specified in the vendor's security advisory. No workarounds are documented.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (2)
- Range: <= V2.80(AAHN.1)C0
Patches
No patches discovered yet.
References (1)
News mentions
No linked articles in our index yet.