MEDIUM SeverityCVSS 3.16.5CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVE-2026-7255

Last updated May 12, 2026 · Published May 12, 2026

Description

** UNSUPPORTED WHEN ASSIGNED ** An improper restriction of excessive authentication attempts vulnerability in the web management interface of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow an adjacent attacker on the LAN to brute-force the password and bypass authentication.

Affected products

1 listed

Zyxel:WRE6505 v2 firmware

Mappings

CWE

CWE-307

CAPEC

None listed.

Research

AuthenticationA threat-focused guide to authentication, covering attack paths, design pitfalls, and concrete defenses from…

Guides

JWT Security Best PracticesWhat to validate, rotate, and avoid in real systems.
OAuth 2.0 Security Best PracticesCommon pitfalls in PKCE, tokens, and redirect handling.

Training

Authentication PatternsOAuth 2.1, passkeys, WebAuthn, and JWTs - modern identity for modern apps.

CVE-2026-7255

Description

Affected products

Mappings

Related