{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T13:43:17.367","vulnerabilities":[{"cve":{"id":"CVE-2025-0890","sourceIdentifier":"security@zyxel.com.tw","published":"2025-02-04T11:15:08.880","lastModified":"2025-12-15T21:02:44.180","vulnStatus":"Analyzed","cveTags":[{"sourceIdentifier":"security@zyxel.com.tw","tags":["unsupported-when-assigned"]}],"descriptions":[{"lang":"en","value":"**UNSUPPORTED WHEN ASSIGNED**\nInsecure default credentials for the Telnet function in the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an attacker to log in to the management interface if the administrators have the option to change the default credentials but fail to do so."},{"lang":"es","value":"**NO SOPORTADO CUANDO SE ASIGNÓ** Las credenciales predeterminadas inseguras para la función Telnet en el firmware 1.00(AAFR.4)C0_20170615 del CPE DSL heredado Zyxel VMG4325-B10A podrían permitir que un atacante inicie sesión en la interfaz de administración si los administradores tienen la opción de cambiar las credenciales predeterminadas pero no lo hacen."}],"metrics":{"cvssMetricV31":[{"source":"security@zyxel.com.tw","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"security@zyxel.com.tw","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-522"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:vmg4325-b10a_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B88B7A0D-D194-47D1-9D78-682EDFC52B52"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:vmg4325-b10a:-:*:*:*:*:*:*:*","matchCriteriaId":"135700AF-7EC0-4E94-8552-B6F1038DE4A8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:sbg3500-n000_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2BC4B86C-ED2F-406D-BCAA-B970BAD248D8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:sbg3500-n000:-:*:*:*:*:*:*:*","matchCriteriaId":"F1E3BCE8-F36A-4FFE-933B-6BADF24506AF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:vmg1312-b10a_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E8CC0C61-EB6A-4736-80E3-B69693D4A2B1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:vmg1312-b10a:-:*:*:*:*:*:*:*","matchCriteriaId":"7B6C4A31-3B83-444F-B5F8-1397B43B2211"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:vmg1312-b10b_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8EF1C4A6-0305-4759-8DEC-92EB3D2915B1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:vmg1312-b10b:-:*:*:*:*:*:*:*","matchCriteriaId":"6B193DF7-5EE9-4A78-A01E-753463665627"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:vmg1312-b10e_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2DF4827D-405E-4D21-A17E-A201EC6F79F3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:vmg1312-b10e:-:*:*:*:*:*:*:*","matchCriteriaId":"155187EA-4A46-4850-B983-BCE245D57777"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:vmg3312-b10a_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E7AC711D-503A-48F9-A523-193F29B9DB22"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:vmg3312-b10a:-:*:*:*:*:*:*:*","matchCriteriaId":"FFD9DF7D-E6E8-4261-8BD7-12A1AE8839BD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:vmg3313-b10a_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DDEC1767-C8D9-495F-B809-FCDB39DCF98B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:vmg3313-b10a:-:*:*:*:*:*:*:*","matchCriteriaId":"46446AE5-EBC1-4E4C-A30F-C610C3EB0975"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:vmg3926-b10b_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F7120E86-98DC-4824-BF59-02234501EA29"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:vmg3926-b10b:-:*:*:*:*:*:*:*","matchCriteriaId":"B1DAF061-1975-4A5B-8206-1E9836DBA1B0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:vmg4325-b10a_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B88B7A0D-D194-47D1-9D78-682EDFC52B52"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:vmg4325-b10a:-:*:*:*:*:*:*:*","matchCriteriaId":"135700AF-7EC0-4E94-8552-B6F1038DE4A8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:vmg4380-b10a_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4808FDF8-4815-4C4F-AFE7-31EADE517B31"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:vmg4380-b10a:-:*:*:*:*:*:*:*","matchCriteriaId":"88BA2BDF-9ACA-4F89-B7B7-FD232A6399CD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:vmg8324-b10a_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FF0AFA0F-D126-4D1C-89EC-878AB0F5E74C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:vmg8324-b10a:-:*:*:*:*:*:*:*","matchCriteriaId":"53C32749-82A6-42AA-9EBE-11014F161D2F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:vmg8924-b10a_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"11BEC42C-7815-4EA3-B1E5-66E2443B5032"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:vmg8924-b10a:-:*:*:*:*:*:*:*","matchCriteriaId":"96DC6BBF-15B8-496F-85FE-5373B6CEDC3C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:sbg3300-n000_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"852E8F04-4C28-4904-AA4A-ACE4EAD6DC31"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:sbg3300-n000:-:*:*:*:*:*:*:*","matchCriteriaId":"902A735D-2D84-4183-B4B3-FA36AD9F13A5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:sbg3300-nb00_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B338AE18-ECE4-4B90-A1D5-16F2983464E7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:sbg3300-nb00:-:*:*:*:*:*:*:*","matchCriteriaId":"E4658399-1699-4426-ACFF-BDEE20BF1A54"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:sbg3500-nb00_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CD0DECE6-7AFC-4E86-9FFE-1215ECF8324D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:sbg3500-nb00:-:*:*:*:*:*:*:*","matchCriteriaId":"5185679F-9FBC-4B2E-AE79-1471EB56E46A"}]}]}],"references":[{"url":"https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-insecure-default-credentials-vulnerabilities-in-certain-legacy-dsl-cpe-02-04-2025","source":"security@zyxel.com.tw","tags":["Vendor Advisory"]}]}}]}