CVE-2026-3870

Published: Giu 02, 2026 Last Modified: Giu 02, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 6,5

Source: [email protected]

Attack Vector: adjacent_network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: none

Integrity: none

Availability: high

Description

AI Translation Available

A buffer overflow vulnerability in the UPnP AddPortMapping() command in Zyxel VMG4005-B50B firmware versions through 5.13(ABRL.5.4)C0 could allow an adjacent attacker to trigger a temporary denial-of-service (DoS) condition affecting the UPnP function of the affected device.

120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Integrity Confidentiality Availability

Potential Impacts:

Modify Memory Execute Unauthorized Code Or Commands Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu)

Applicable Platforms

Languages: Memory-Unsafe, C, C++, Assembly

Likelihood of Exploit: High

View CWE Details

https://www.zyxel.com/global/en/support/security-advisories…

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advi…

CVE-2026-3870

Description

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Common Consequences

Applicable Platforms

Iscriviti alla newsletter