CVE-2025-6599 MEDIUM

CVE-2025-6599

Vendor Zyxel
Product DX3301-T0 firmware
Weakness CWE-400
Published November 18, 2025
Last update November 18, 2025

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

What the vulnerability does

01Description

An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an attacker to perform Slowloris‑style denial‑of‑service (DoS) attacks. Such attacks may temporarily block legitimate HTTP requests and partially disrupt access to the web management interface, while other networking services remain unaffected.

Key dates

02Disclosure timeline

November 18, 2025 CVE published
November 18, 2025 Record updated