CVE-2025-13942

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-13942
A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 firmware versions through 5.17(ABUP.15.1)C0 could allow a remote attacker to execute operating system (OS) commands on an affected device by sending specially crafted UPnP SOAP requests.

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-null-pointer-dereference-and-command-injection-vulnerabilities-in-certain-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-security-routers-and-wireless-extenders-02-24-2026 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:zyxel:wx5610-b0_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:wx5610-b0:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:zyxel:lte3301-plus_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:lte3301-plus:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:zyxel:nebula_lte3301-plus_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:nebula_lte3301-plus:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:zyxel:nr7101_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:nr7101:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:zyxel:nebula_nr7101_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:nebula_nr7101:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:zyxel:dx4510-b0_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:dx4510-b0:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:zyxel:dx4510-b1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:dx4510-b1:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:zyxel:ee6510-10_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:ee6510-10:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:zyxel:emg6726-b10a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:emg6726-b10a:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:zyxel:ex2210-t0_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:ex2210-t0:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:zyxel:ex3510-b1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:ex3510-b1:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:zyxel:ex5510-b0_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:ex5510-b0:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:zyxel:ex5512-t0_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:ex5512-t0:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:zyxel:ex7710-b0_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:ex7710-b0:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:zyxel:vmg4927-b50a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:vmg4927-b50a:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:zyxel:px3321-t1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:px3321-t1:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:zyxel:px3321-t1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:px3321-t1:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:zyxel:px5301-t0_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:px5301-t0:-:*:*:*:*:*:*:*
History

No history.

Information

Published : 2026-02-24 03:16

Updated : 2026-02-25 18:13

NVD link : CVE-2025-13942

Mitre link : CVE-2025-13942

CVE.ORG link : CVE-2025-13942

JSON object : View

Products Affected

zyxel

  • nebula_nr7101_firmware
  • wx5610-b0_firmware
  • emg6726-b10a
  • ee6510-10_firmware
  • ex5512-t0
  • ex3510-b1
  • nr7101_firmware
  • dx4510-b1
  • vmg4927-b50a
  • lte3301-plus_firmware
  • dx4510-b0
  • ex3510-b1_firmware
  • px3321-t1_firmware
  • ex2210-t0_firmware
  • vmg4927-b50a_firmware
  • ex5510-b0_firmware
  • dx4510-b0_firmware
  • px3321-t1
  • ex7710-b0_firmware
  • ex2210-t0
  • ex5512-t0_firmware
  • ex3510-b0_firmware
  • ex7710-b0
  • nebula_nr7101
  • lte3301-plus
  • px5301-t0
  • dx4510-b1_firmware
  • ex3510-b0
  • nebula_lte3301-plus_firmware
  • nr7101
  • wx5610-b0
  • px5301-t0_firmware
  • ex5510-b0
  • ee6510-10
  • nebula_lte3301-plus
  • emg6726-b10a_firmware
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')