CVE-2026-3870
Buffer Overflow in Zyxel VMG4005-B50B Firmware via UPnP
Publication date: 2026-06-02
Last updated on: 2026-06-02
Assigner: Zyxel Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| zyxel | vmg4005-b50b | to 5.13(abrL.5.5)c0 (exc) |
| zyxel | nr7101 | to 1.00(abuv.12)b4 (exc) |
| zyxel | nebula_lte3301-plus | to 1.18(accA.8)v0 (exc) |
| zyxel | nebula_nr7101 | to 1.16(accc.3)v0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-3870 is a buffer overflow vulnerability found in the UPnP AddPortMapping() command of Zyxel VMG4005-B50B firmware versions up to 5.13(ABRL.5.4)C0.
This vulnerability allows an adjacent attacker within the same LAN or WLAN environment to exploit the buffer overflow and cause a temporary denial-of-service (DoS) condition that affects the UPnP function of the device.
Despite the DoS affecting the UPnP function, the device continues to process normal network traffic without interruption.
How can this vulnerability impact me? :
An attacker located within the same local network (LAN or WLAN) can exploit this vulnerability to cause a temporary denial-of-service (DoS) on the UPnP function of the affected Zyxel device.
This means that UPnP services may become temporarily unavailable, potentially disrupting applications or devices relying on UPnP for network configuration.
However, the overall network traffic and device operation will continue normally, so the impact is limited to the UPnP functionality.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, users should install the firmware patches released by Zyxel that address the buffer overflow in the UPnP AddPortMapping() command.
For affected devices such as the Zyxel VMG4005-B50B with firmware version 5.13(ABRL.5.4)C0 or earlier, upgrade to firmware version 5.13(ABRL.5.5)C0 or later.
Users who purchased devices independently should contact local Zyxel support or visit the Zyxel Community for assistance.
ISP customers should contact their provider for support and firmware updates.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.