CVE-2025-13942

CRITICAL

9.8

Description

A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 firmware versions through 5.17(ABUP.15.1)C0 could allow a remote attacker to execute operating system (OS) commands on an affected device by sending specially crafted UPnP SOAP requests.

CVE Details

CVSS v3.1 Score9.8

SeverityCRITICAL

CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack VectorNETWORK

ComplexityLOW

Privileges RequiredNONE

User InteractionNONE

Published2/24/2026

Last Modified2/25/2026

Sourcenvd

Honeypot Sightings0

Affected Products

zyxel:dx4510-b0zyxel:dx4510-b0_firmwarezyxel:dx4510-b1zyxel:dx4510-b1_firmwarezyxel:ee6510-10zyxel:ee6510-10_firmwarezyxel:emg6726-b10azyxel:emg6726-b10a_firmwarezyxel:ex2210-t0zyxel:ex2210-t0_firmwarezyxel:ex3510-b0zyxel:ex3510-b0_firmwarezyxel:ex3510-b1zyxel:ex3510-b1_firmwarezyxel:ex5510-b0zyxel:ex5510-b0_firmwarezyxel:ex5512-t0zyxel:ex5512-t0_firmwarezyxel:ex7710-b0zyxel:ex7710-b0_firmwarezyxel:lte3301-pluszyxel:lte3301-plus_firmwarezyxel:nebula_lte3301-pluszyxel:nebula_lte3301-plus_firmwarezyxel:nebula_nr7101zyxel:nebula_nr7101_firmwarezyxel:nr7101zyxel:nr7101_firmwarezyxel:px3321-t1zyxel:px3321-t1_firmwarezyxel:px5301-t0zyxel:px5301-t0_firmwarezyxel:vmg4927-b50azyxel:vmg4927-b50a_firmwarezyxel:wx5610-b0zyxel:wx5610-b0_firmware

Weaknesses (CWE)

CWE-78

References

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-null-pointer-dereference-and-command-injection-vulnerabilities-in-certain-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-security-routers-and-wireless-extenders-02-24-2026(security@zyxel.com.tw)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.