Rumble00

**Name of the Vulnerable Software and Affected Versions** ZyXel PMG2005-T20B firmware version V1.00(ABNK.2)b11 C0 **Description** The issue is related to a buffer overflow vulnerability in the cgi-bin/login.asp component of the ZyXel PMG2005-T20B firmware. This vulnerability can be exploited by a remote attacker to cause a denial of service condition via a crafted `uid` parameter. **Recommendations** For ZyXel PMG2005-T20B firmware version V1.00(ABNK.2)b11 C0, as a temporary workaround, consider restricting access to the cgi-bin/login.asp component until a patch is available. Avoid using the `uid` parameter in the affected component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.