{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-6058", "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f", "state": "PUBLISHED", "assignerShortName": "Zyxel", "dateReserved": "2026-04-10T01:11:47.075Z", "datePublished": "2026-04-21T01:42:07.433Z", "dateUpdated": "2026-04-21T13:26:29.283Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f", "shortName": "Zyxel", "dateUpdated": "2026-04-21T01:48:13.740Z"}, "datePublic": "2026-04-21T02:00:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-116", "description": "CWE-116 Improper Encoding or Escaping of Output", "type": "CWE"}]}], "affected": [{"vendor": "Zyxel", "product": "WRE6505 v2 firmware", "versions": [{"status": "affected", "version": "V1.00(ABDV.3)C0"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "** UNSUPPORTED WHEN ASSIGNED ** An improper encoding or escaping vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow an adjacent attacker on the WLAN to cause a denial-of-service (DoS) condition in the web management interface by convincing an authenticated administrator to visit the \u201cAP Select\u201d page while a malformed SSID is present.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "** UNSUPPORTED WHEN ASSIGNED ** An improper encoding or escaping vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow an adjacent attacker on the WLAN to cause a denial-of-service (DoS) condition in the web management interface by convincing an authenticated administrator to visit the \u201cAP Select\u201d page while a malformed SSID is present."}]}], "tags": ["unsupported-when-assigned"], "references": [{"url": "https://www.zyxel.com/global/en/support/end-of-life"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseSeverity": "MEDIUM", "baseScore": 4.5, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-21T13:26:22.166869Z", "id": "CVE-2026-6058", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-21T13:26:29.283Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-6058", "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f", "state": "PUBLISHED", "assignerShortName": "Zyxel", "dateReserved": "2026-04-10T01:11:47.075Z", "datePublished": "2026-04-21T01:42:07.433Z", "dateUpdated": "2026-04-21T13:26:29.283Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f", "shortName": "Zyxel", "dateUpdated": "2026-04-21T01:48:13.740Z"}, "datePublic": "2026-04-21T02:00:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-116", "description": "CWE-116 Improper Encoding or Escaping of Output", "type": "CWE"}]}], "affected": [{"vendor": "Zyxel", "product": "WRE6505 v2 firmware", "versions": [{"status": "affected", "version": "V1.00(ABDV.3)C0"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "** UNSUPPORTED WHEN ASSIGNED ** An improper encoding or escaping vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow an adjacent attacker on the WLAN to cause a denial-of-service (DoS) condition in the web management interface by convincing an authenticated administrator to visit the \u201cAP Select\u201d page while a malformed SSID is present.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "** UNSUPPORTED WHEN ASSIGNED ** An improper encoding or escaping vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow an adjacent attacker on the WLAN to cause a denial-of-service (DoS) condition in the web management interface by convincing an authenticated administrator to visit the \u201cAP Select\u201d page while a malformed SSID is present."}]}], "tags": ["unsupported-when-assigned"], "references": [{"url": "https://www.zyxel.com/global/en/support/end-of-life"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseSeverity": "MEDIUM", "baseScore": 4.5, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-6058", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-21T13:26:22.166869Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-21T13:26:25.786Z"}}]}}

{"cveTags": [{"sourceIdentifier": "security@zyxel.com.tw", "tags": ["unsupported-when-assigned"]}], "descriptions": [{"lang": "en", "value": "** UNSUPPORTED WHEN ASSIGNED ** An improper encoding or escaping vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow an adjacent attacker on the WLAN to cause a denial-of-service (DoS) condition in the web management interface by convincing an authenticated administrator to visit the \u201cAP Select\u201d page while a malformed SSID is present."}], "id": "CVE-2026-6058", "lastModified": "2026-04-21T16:20:24.180", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 3.6, "source": "security@zyxel.com.tw", "type": "Secondary"}]}, "published": "2026-04-21T02:16:08.500", "references": [{"source": "security@zyxel.com.tw", "url": "https://www.zyxel.com/global/en/support/end-of-life"}], "sourceIdentifier": "security@zyxel.com.tw", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-116"}], "source": "security@zyxel.com.tw", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T15:29:32.001069+00:00", "value": {"mitigation_remediation": ["Upgrade the WRE6505 firmware to the latest supported version that addresses the impaired encoding issue.", "If no firmware update is available, restrict web\u2011management access to a dedicated, trusted network segment or disable the \u201cAP Select\u201d page entirely.", "Segment the wireless network to prevent unauthenticated or malicious devices from having direct access to the router\u2019s management interface; consider deploying separate guest WLANs and applying strict ACLs."], "summary": {"action": "Immediate Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "The affected devices are Zyxel WRE6505 v2 routers running firmware version V1.00(ABDV.3)C0. No other versions or products are listed as vulnerable.", "description_and_impact": "The vulnerability arises from improper handling of SSID encoding in the CGI component of the Zyxel WRE6505 v2 firmware. When an attacker on the local WLAN delivers a specially crafted SSID and an authenticated administrator visits the \u201cAP Select\u201d page, the web management interface crashes, resulting in a denial of service. This flaw falls under CWE\u2011116 and carries a CVSS score of 4.5, indicating moderate risk to the availability of the device\u2019s management console.", "risk_and_exploitability": "Because exploitation requires an adjacent attacker on the same wireless network and an authenticated administrator to trigger the page load, the threat is largely local. The EPSS score is not available, and the flaw is not yet listed in the CISA KEV catalog, suggesting no known widespread exploitation. The CVSS 4.5 indicates a moderate likelihood of causing availability impact, but the need for proximity and authentication reduces the effective risk compared to remote attacks."}}}}, "created": "2026-04-21T15:37:55.176733+00:00", "title": "Denial of Service via Improper Encoding in Zyxel WRE6505 Web Management Interface", "updated": "2026-04-21T15:37:55.176745+00:00", "vendors": []}