Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-3577

**UNSUPPORTED WHEN ASSIGNED** A path traversal vulnerability in the web management interface of the Zyxel AMG1302-T10B firmware version 2.00(AAJC.16)C0 could allow an authenticated attacker with administrator privileges to access restricted directories by sending a crafted HTTP request to an affected device.

Published

2025-04-22T03:15:21.637

Last Modified

2025-06-23T19:29:59.393

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 4.9 (MEDIUM)

Weaknesses

Type: Secondary
CWE-22

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	zyxel	amg1302-t10b_firmware	2.00\(aajc.16\)c0	Yes
Hardware	zyxel	amg1302-t10b	-	No

References

https://github.com/Jiangxiazhe/IOT_Vulnerability/blob/main/README.md Exploit, Third Party Advisory ([email protected])
https://www.zyxel.com/service-provider/global/en/security-advisories/end-of-life Product ([email protected])
https://github.com/Jiangxiazhe/IOT_Vulnerability/blob/main/README.md Exploit, Third Party Advisory (134c704f-9b21-4f2e-91b3-4a467353bcc0)