CVE-2025-13943 Zyxel — Exploit & Vulnerability Details HIGH

CVE-2025-13943

HIGH CVSS 3.1: 8.8 EPSS 0.05%

Parameter	Value
CVSS	8.8 (HIGH)
Type	CWE-78 (OS Command Injection)
Vendor	Zyxel
Public PoC	No

A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware versions through 5.50(ABVY.7)C0 could allow an authenticated attacker to execute operating system (OS) commands on an affected device.

Attack Parameters

Attack Vector

Network

Can be exploited remotely

Attack Complexity

Low

Easy to exploit

Privileges Required

Low

Basic privileges needed

User Interaction

None

No user interaction needed

Impact Assessment

Confidentiality

High

Complete data leak

Integrity

High

Complete data modification

Availability

High

Complete denial of service

CVSS Vector v3.1

Weakness Type (CWE)

CWE-78 OS Command Injection

References 1

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advi…

security@zyxel.com.tw

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-1459

Zyxel

7.2

CVE-2025-13942

Zyxel

9.8

CVE-2025-11848

Zyxel

4.9

CVE-2025-11847

Zyxel

4.9

CVE-2025-11846

Zyxel

4.9

Menu

CVE-2025-13943

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-1459

CVE-2025-13942

CVE-2025-11848

CVE-2025-11847

CVE-2025-11846

CVE Details

Editor's Choice

Menu

CVE-2025-13943

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-1459

CVE-2025-13942

CVE-2025-11848

CVE-2025-11847

CVE-2025-11846

CVE Details

Editor's Choice

Stay informed on cybersecurity