Zyxel CVE-2026-6058

| EUVD-2026-24051 MEDIUM
Improper Encoding or Escaping of Output (CWE-116)
2026-04-21 Zyxel GHSA-xj2v-mgxg-mcm4
Zyxel Information Disclosure
4.5
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
Analysis Generated
Apr 21, 2026 - 02:10 vuln.today

DescriptionNVD

UNSUPPORTED WHEN ASSIGNED An improper encoding or escaping vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow an adjacent attacker on the WLAN to cause a denial-of-service (DoS) condition in the web management interface by convincing an authenticated administrator to visit the “AP Select” page while a malformed SSID is present.

AnalysisAI

Denial-of-service in Zyxel WRE6505 v2 firmware via improper encoding in the CGI program allows an adjacent WLAN attacker to crash the web management interface by crafting a malformed SSID and convincing an authenticated administrator to visit the 'AP Select' page. CVSS 4.5 (moderate) with attack vector limited to adjacent networks (Wi-Fi range). …

Sign in for full analysis, threat intelligence, and remediation guidance.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

CVE-2026-6058 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy