CVE-2026-6058
MediumCVSS 4.5Exploitation Probability (EPSS)
Low risk8th percentile - higher than 8% of all known CVEs
Summary
An improper encoding or escaping vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 allows an adjacent attacker on the WLAN to cause a denial-of-service (DoS) condition in the web management interface. The attack requires convincing an authenticated administrator to visit the “AP Select” page while a malformed SSID is present.
Risk Assessment
The attack can make the management interface unavailable, preventing administration and potentially requiring a manual reboot. The vulnerability affects an unsupported product.
Recommendation
Immediately replace the device with a supported model, as no patch will be released. As a temporary measure, restrict management interface access to trusted networks only.
Original NVD description (English source)
** UNSUPPORTED WHEN ASSIGNED ** An improper encoding or escaping vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow an adjacent attacker on the WLAN to cause a denial-of-service (DoS) condition in the web management interface by convincing an authenticated administrator to visit the “AP Select” page while a malformed SSID is present.

