CVE Catalog

CVE-2026-6058

MediumCVSS 4.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.18%

8th percentile - higher than 8% of all known CVEs

Summary

An improper encoding or escaping vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 allows an adjacent attacker on the WLAN to cause a denial-of-service (DoS) condition in the web management interface. The attack requires convincing an authenticated administrator to visit the “AP Select” page while a malformed SSID is present.

Risk Assessment

The attack can make the management interface unavailable, preventing administration and potentially requiring a manual reboot. The vulnerability affects an unsupported product.

Recommendation

Immediately replace the device with a supported model, as no patch will be released. As a temporary measure, restrict management interface access to trusted networks only.

Original NVD description (English source)

** UNSUPPORTED WHEN ASSIGNED ** An improper encoding or escaping vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow an adjacent attacker on the WLAN to cause a denial-of-service (DoS) condition in the web management interface by convincing an authenticated administrator to visit the “AP Select” page while a malformed SSID is present.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS