{"@context":"https://openvex.dev/ns/v0.2.0","@id":"https://database.harborguard.co/cve/CVE-2026-7273/vex.json","author":"HarborGuard Database","role":"Document Creator","timestamp":"2026-06-16T02:20:29.847Z","version":1,"tooling":"HarborGuard Database (https://database.harborguard.co)","statements":[{"vulnerability":{"name":"CVE-2026-7273","@id":"https://www.cve.org/CVERecord?id=CVE-2026-7273","description":"A stack-based buffer overflow vulnerability in the CGI program of Zyxel GS1900-48HPv2 firmware versions through 2.90(ABTQ.1)C0 could allow a LAN-based, unauthenticated attacker to exploit the flaw and potentially execute OS commands via a crafted HTTP request."},"products":[{"@id":"cpe:2.3:a:zyxel:gs1900-48hpv2_firmware:\\<\\=_2.90\\(abtq.1\\)c0:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:zyxel:gs1900-48hpv2_firmware:\\<\\=_2.90\\(abtq.1\\)c0:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:zyxel:gs1900-8_firmware:\\<\\=_2.90\\(aahh.1\\)c0:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:zyxel:gs1900-8_firmware:\\<\\=_2.90\\(aahh.1\\)c0:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:zyxel:gs1900-8hp_firmware:\\<\\=_2.90\\(aahi.1\\)c0:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:zyxel:gs1900-8hp_firmware:\\<\\=_2.90\\(aahi.1\\)c0:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:zyxel:gs1900-10hp_firmware:\\<\\=_2.90\\(aazi.1\\)c0:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:zyxel:gs1900-10hp_firmware:\\<\\=_2.90\\(aazi.1\\)c0:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:zyxel:gs1900-16_firmware:\\<\\=_2.90\\(aahj.1\\)c0:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:zyxel:gs1900-16_firmware:\\<\\=_2.90\\(aahj.1\\)c0:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:zyxel:gs1900-24_firmware:\\<\\=_2.90\\(aahl.1\\)c0:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:zyxel:gs1900-24_firmware:\\<\\=_2.90\\(aahl.1\\)c0:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:zyxel:gs1900-24e_firmware:\\<\\=_2.90\\(aahk.1\\)c0:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:zyxel:gs1900-24e_firmware:\\<\\=_2.90\\(aahk.1\\)c0:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:zyxel:gs1900-24ep_firmware:\\<\\=_2.90\\(abto.1\\)c0:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:zyxel:gs1900-24ep_firmware:\\<\\=_2.90\\(abto.1\\)c0:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:zyxel:gs1900-24hpv2_firmware:\\<\\=_2.90\\(abtp.1\\)c0:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:zyxel:gs1900-24hpv2_firmware:\\<\\=_2.90\\(abtp.1\\)c0:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:zyxel:gs1900-48_firmware:\\<\\=_2.90\\(aahn.1\\)c0:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:zyxel:gs1900-48_firmware:\\<\\=_2.90\\(aahn.1\\)c0:*:*:*:*:*:*:*"}}],"status":"affected","action_statement":"No fixed version is published yet; monitor the upstream advisory.","timestamp":"2026-06-16T02:20:29.847Z"}]}