FKIE_CVE-2025-13943
Vulnerability from fkie_nvd - Published: 2026-02-24 03:16 - Updated: 2026-02-25 18:13
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware versions through 5.50(ABVY.7)C0 could allow an authenticated attacker to execute operating system (OS) commands on an affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:ee5301-00_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA00C9F-B69A-4D94-9778-9BAC1DE0857C",
"versionEndExcluding": "5.63\\(acld.2.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:ee5301-00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B28CD570-8DF0-428D-9EF6-87B05DD019D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:ee3301-00_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88483F35-88B4-4B81-B6F9-616A76D8FA28",
"versionEndExcluding": "5.63\\(acmu.2.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:ee3301-00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6360F4D5-AFA7-4BE2-A3DE-8936453FF7ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:dx5401-b1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CAA5ABD-E88B-4C82-BBCB-BD516B69A441",
"versionEndExcluding": "5.17\\(abyo.7.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:dx5401-b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFE5C53C-4255-4AEE-A49E-36C1A2CF10F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:dx4510-b1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AEA4C738-597E-4BB1-AB7C-8A0343FADFE8",
"versionEndExcluding": "5.17\\(abyl.10.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:dx4510-b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8668990-045A-4DDD-9089-DE0025B69765",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:dx4510-b0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC432F5C-8013-4E96-969C-BCFCA11D3883",
"versionEndExcluding": "5.17\\(abyl.10.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:dx4510-b0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0338E1C-2509-4510-8C8D-4BD5AEA47D81",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:dx3301-t0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F489EEA1-1CFD-4F12-AB89-099A88931280",
"versionEndExcluding": "5.50\\(abvy.7.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BBDC072-5D40-4130-9B5F-22FDA9BF909A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:dx3300-t1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DDB2E4D-C18B-46A5-BB8C-294A2E42B711",
"versionEndExcluding": "5.50\\(abvy.7.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:dx3300-t1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2456F691-C182-4BE6-A08F-5E1717366DCA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:dx3300-t0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3AEA6BB-ABD1-4A2A-B6B9-F24AF73258C4",
"versionEndExcluding": "5.50\\(abvy.7.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:dx3300-t0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D3E176E-F728-4385-8533-4C694D43898A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:ee6510-10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A28F95D9-1258-4A48-90BD-C940AD483932",
"versionEndExcluding": "5.19\\(acjq.4.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:ee6510-10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4AE46D-E374-4224-9A66-4291B6A10C00",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85F72409-B064-4373-8F0C-2B2006C28459",
"versionEndExcluding": "5.50\\(abpm.9.7\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9259E2F6-885D-4B44-8D40-20758DA599D2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5050676B-2625-46D9-AA8A-E3A3B81BFE76",
"versionEndExcluding": "5.50\\(abpm.9.7\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3ECE0EB-C429-4716-ABFB-73540847EB9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:ex2210-t0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4992D884-890D-41D2-85BA-B2DF13A8941D",
"versionEndExcluding": "5.50\\(acdi.2.3\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:ex2210-t0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A71E4E6F-357E-4DAA-B7D7-7CF44000F0CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:ex3300-t0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8992291D-7212-4BF7-A038-5B906B376207",
"versionEndExcluding": "5.50\\(abvy.7.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:ex3300-t0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "137F8B94-4176-4D9B-8704-28525E7352D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:ex3300-t1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4307A719-A7CA-4F49-BC41-2DD2EBA54ED5",
"versionEndExcluding": "5.50\\(abvy.7.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:ex3300-t1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F766221F-7478-4E39-B4CD-A2498ACEE754",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:ex3301-t0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91388E23-D251-4889-B2D8-42BD053B804D",
"versionEndExcluding": "5.50\\(abvy.7.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:ex3301-t0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B37B17D8-76CF-4A26-B2DB-41B1BC9FD0A2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:ex3500-t0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEF1AFA-57D1-497E-87CC-2DCEC84C82D4",
"versionEndExcluding": "5.44\\(achr.5.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:ex3500-t0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8714EB1B-38E5-4295-AD26-EE13E2161DEA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:ex3501-t0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5050B03-1F8A-40D3-99D5-E5E2F0A8A310",
"versionEndExcluding": "5.44\\(achr.5.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:ex3501-t0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A98F76BD-0404-46DD-AE6A-EB630FEC8904",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4338AEC-15AE-44F5-B9CF-743E9CF57014",
"versionEndExcluding": "5.17\\(abup.15.2\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0455EC5-B783-4CDB-9DC0-D8EF377A5F2C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:ex3510-b1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67391540-C81F-4404-8F2F-038DCD719E15",
"versionEndExcluding": "5.17\\(abup.15.2\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:ex3510-b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F955BD9-4D44-46BE-8605-51C6250A74D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:ex3600-t0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27CE8827-BF43-4B01-A04A-A3F4DC10137B",
"versionEndExcluding": "5.70\\(acif.2.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:ex3600-t0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3BCC6A9-1CAE-459D-BE7D-AAB956BD1B92",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:ex5401-b1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FDF5568-A486-4E32-B4D5-0FC88C257FA1",
"versionEndExcluding": "5.17\\(abyo.7.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:ex5401-b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7213FA12-5CD6-4E9B-8387-A52AEF17EA10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:ex5510-b0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB37D43B-9E31-4C30-9C8D-C851DB9ED61E",
"versionEndExcluding": "5.17\\(abqx.11.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:ex5510-b0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E82D41CC-2EB3-4892-8383-FB2C9EC64D9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:ex5512-t0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9667BB3D-4148-43D2-8C86-7C062B261265",
"versionEndExcluding": "5.70\\(aceg.5.3\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:ex5512-t0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F32FA3FB-CE89-4CC1-9D8D-765B90A122DF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:ex5601-t0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F04E31F-33BF-47B3-B4CD-57090DA2EA15",
"versionEndExcluding": "5.70\\(acdz.5.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:ex5601-t0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABFF2039-5DCC-4850-8BDA-3D418629C226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:ex5601-t1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87A30CC3-F925-4D23-8D8A-C5DC57CFEFD4",
"versionEndExcluding": "5.70\\(acdz.5.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:ex5601-t1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D629D4B6-B2F2-45F1-9295-71751570C231",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:ex7501-b0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA4AA948-A8B5-4C46-8082-F71CDDB6C496",
"versionEndExcluding": "5.18\\(achn.3.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:ex7501-b0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CE049DE-A5DA-4A4F-BA30-BBD09FF34DE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:ex7710-b0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0453035D-D806-426F-BA39-A640AF4061BC",
"versionEndExcluding": "5.18\\(acak.1.6\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:ex7710-b0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07727D9C-723B-4761-B6B6-07FE1784D3C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:gm4100-b0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E6F3AD9-93A7-4272-B7E7-DB3BAB995B3F",
"versionEndExcluding": "5.18\\(accl.2\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:gm4100-b0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "182AB7CA-DFD4-4C0A-958B-6794A39FFAEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:pm7500-00_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D51197C9-8070-41C8-AB30-4C21189E5D90",
"versionEndExcluding": "5.61\\(ackk.1.2\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:pm7500-00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9BE5AD-2CB3-4161-9A24-AD1C96776A35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B40D8ACC-70D5-45BC-A9FC-96C4C11B1399",
"versionEndExcluding": "5.50\\(abpm.9.7\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5E8468-D12F-4CBE-AC7E-27D5A928A85A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vmg4005-b50a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0588E097-D09F-4FC9-98EC-C070D3DB8139",
"versionEndExcluding": "5.17\\(abqa.3.2\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vmg4005-b50a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88F74228-AC0C-4150-974D-54D77BBF9A90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vmg4005-b60a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B77CE7B5-1EEC-48BC-9214-DADE59E1C2EE",
"versionEndExcluding": "5.17\\(abqa.3.2\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vmg4005-b60a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30C1B91D-3EA0-4A1D-833A-6767A6C84DA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:ax7501-b1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8833DF24-1C29-43FB-A639-7E48C0F8DD60",
"versionEndExcluding": "5.17\\(abpc.7.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:ax7501-b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780BBA7D-7E2C-4624-AA15-8A51F3DF428F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:pe3301-00_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A32CF9-8AFA-4955-9192-34AB38C648CA",
"versionEndExcluding": "5.63\\(acmt.2.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:pe3301-00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4171802-2480-4F21-A17A-49D8D0E3727A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:pe5301-01_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3F2B7AB-4463-47D9-B738-58031AAF5F3F",
"versionEndExcluding": "5.63\\(acoj.2.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:pe5301-01:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8CFFB6F6-F8ED-4AFA-B1D7-4E9C5D1F7897",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:pm3100-t0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EEAE743-41C2-49C8-8B16-F4082F11DBA0",
"versionEndExcluding": "5.42\\(acbf.4.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:pm3100-t0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F78F88D4-A782-4075-A3CB-A728CE4014DF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:pm5100-t0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D28748E3-F930-44BF-A500-13FF3FD94A97",
"versionEndExcluding": "5.42\\(acbf.4.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:pm5100-t0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "249AF476-CAA4-4C87-8CC3-E0AF15E61F7E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:pm5100-t1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D7134E-81A6-4055-928D-C2F1FD4B5D17",
"versionEndExcluding": "5.42\\(acbf.4.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:pm5100-t1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4716A455-4D5A-4750-8403-AB7E1A4C3336",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:pm7300-t0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5AB72E6-E6CF-40C5-8177-1ADC7E571E2C",
"versionEndExcluding": "5.42\\(abyy.4.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD1E2E3-2BB8-4CB3-AF81-C916312FE361",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:px3321-t1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F751BEB-1A49-4124-B45B-3730AA448CDE",
"versionEndExcluding": "5.44\\(achk.3\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:px3321-t1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB525DE-2E08-4848-976E-7DF6C7E19578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:px3321-t1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68683D4E-65E9-4BD0-B9FD-9593170BF6C3",
"versionEndExcluding": "5.44\\(acjb.1.5\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:px3321-t1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB525DE-2E08-4848-976E-7DF6C7E19578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:px5301-t0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01B59D2A-6414-4672-A695-744A829416B5",
"versionEndExcluding": "5.44\\(ackb.0.6\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:px5301-t0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EBB4C27-DAEB-4297-98DC-3B22353B5184",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02A1CBEE-2FC8-4726-B69D-18C54E97182F",
"versionEndExcluding": "5.50\\(abpm.9.7\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3535B63-318C-4EB5-ADC8-0AF3FB443DFC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:we3300-00_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C2C4E4-C29B-49BB-A1FA-24F4B1B0997E",
"versionEndExcluding": "5.70\\(acka.1.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:we3300-00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "532CBEBB-0D42-42F7-9916-7D8E360E0776",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wx3100-t0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC161091-7537-485A-BF26-65D3A550B0B6",
"versionEndExcluding": "5.50\\(abvl.4.9\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wx3100-t0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2C56248-D12F-46DC-A52F-0607E4A5DCCC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wx3401-b1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B17F2F6-3DD9-4674-82CB-A61323BA7277",
"versionEndExcluding": "5.17\\(abve.2.10\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wx3401-b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C8FB13-CBCF-4A74-8DFD-874B9A990577",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wx5600-t0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4B7264-0E03-4527-BA9E-07AF5F4C8D9D",
"versionEndExcluding": "5.70\\(aceb.5.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wx5600-t0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303DB62A-2A7E-4CB7-ADA0-29C23BFD41BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:wx5610-b0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B96C5D67-D4B3-460C-8EED-A847F0AF99DB",
"versionEndExcluding": "5.18\\(acgj.0.5\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:wx5610-b0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88909887-E078-4EC5-BA49-2EFCABF1EB1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:dm4200-b0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B735C761-3793-4FF9-841D-C4069489514C",
"versionEndExcluding": "5.17\\(acbs.1.6\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:dm4200-b0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F90F23-614E-44D9-B2A4-2E29EC35C7C3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:we4600-00_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E938005B-6E98-4EDF-8503-F4166B0A777E",
"versionEndExcluding": "6.70\\(ackt.0\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:we4600-00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39E894F1-DA55-4E1A-90F6-002271E55B88",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:emg6726-b10a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B10052-0ABA-4488-94E6-046C8445977A",
"versionEndExcluding": "5.13\\(abnp.8.2\\)c1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:emg6726-b10a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "304D3B33-F7EC-4EB3-B6EF-6BEB2112F9C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:am7510-00_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "515024CF-72E4-4189-9FAF-6E48BDA85F7E",
"versionEndExcluding": "5.63\\(acoe.0.1\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:am7510-00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B70256B-4916-4CBC-ADCB-6CB31E805564",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:vmg4927-b50a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FABB6F2-114B-4732-A4C7-467E99B1ADF5",
"versionEndExcluding": "5.13\\(ably.10.2\\)c0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:vmg4927-b50a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0EE70D2-51BB-4E45-8995-655C1394C440",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware versions through\u00a05.50(ABVY.7)C0 could allow an authenticated attacker to execute operating system (OS) commands on an affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad de inyecci\u00f3n de comandos post-autenticaci\u00f3n en la funci\u00f3n de descarga de archivos de registro de las versiones de firmware Zyxel EX3301-T0 hasta 5.50(ABVY.7)C0 podr\u00eda permitir a un atacante autenticado ejecutar comandos del sistema operativo (SO) en un dispositivo afectado."
}
],
"id": "CVE-2025-13943",
"lastModified": "2026-02-25T18:13:55.097",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "security@zyxel.com.tw",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2026-02-24T03:16:00.407",
"references": [
{
"source": "security@zyxel.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-null-pointer-dereference-and-command-injection-vulnerabilities-in-certain-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-security-routers-and-wireless-extenders-02-24-2026"
}
],
"sourceIdentifier": "security@zyxel.com.tw",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "security@zyxel.com.tw",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…