CVE-2025-8693
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-11-18

Last updated on: 2025-12-15

Assigner: Zyxel Corporation

Description
A post-authentication command injection vulnerability in the "priv" parameter of Zyxel DX3300-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an authenticated attacker to execute operating system (OS) commands on an affected device.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-11-18
Last Modified
2025-12-15
Generated
2026-05-07
AI Q&A
2025-11-18
EPSS Evaluated
2026-05-05
NVD
CVE-2025-8693
Affected Vendors & Products
Showing 112 associated CPEs
Vendor Product Version / Range
zyxel dm4200-b0_firmware to 5.17\(acbs.1.3\)c0 (inc)
zyxel dm4200-b0 *
zyxel dx3300-t0_firmware to 5.50\(abvy.6.3\)c0 (inc)
zyxel dx3300-t0 *
zyxel dx3300-t1_firmware to 5.50\(abvy.6.3\)c0 (inc)
zyxel dx3300-t1 *
zyxel dx3301-t0_firmware to 5.50\(abvy.6.3\)c0 (inc)
zyxel dx3301-t0 *
zyxel dx4510-b1_firmware to 5.17\(abyl.9\)c0 (inc)
zyxel dx4510-b1 *
zyxel dx5401-b0_firmware to 5.17\(abyo.7\)b2 (inc)
zyxel dx5401-b0 *
zyxel dx5401-b1_firmware to 5.17\(abyo.7\)b2 (inc)
zyxel dx5401-b1 *
zyxel ee3301-00_firmware to 5.63\(acmu.1.1\)c0 (inc)
zyxel ee3301-00 *
zyxel ee5301-00_firmware to 5.63\(acld.1.1\)c0 (inc)
zyxel ee5301-00 *
zyxel ee6510-10_firmware to 5.19\(acjq.3\)c0 (inc)
zyxel ee6510-10 *
zyxel ex3300-t0_firmware to 5.50\(abvy.6.3\)c0 (inc)
zyxel ex3300-t0 *
zyxel ex3300-t0_firmware to 5.50\(acdi.2.1\)c0 (inc)
zyxel ex3300-t0 *
zyxel ex3300-t1_firmware to 5.50\(abvy.6.3\)c0 (inc)
zyxel ex3300-t1 *
zyxel ex3301-t0_firmware to 5.50\(abvy.6.3\)c0 (inc)
zyxel ex3301-t0 *
zyxel ex3500-t0_firmware to 5.44\(achr.4\)c0 (inc)
zyxel ex3500-t0 *
zyxel ex3501-t0_firmware to 5.44\(achr.4\)c0 (inc)
zyxel ex3501-t0 *
zyxel ex3510-b0_firmware to 5.17\(abup.15\)c0 (inc)
zyxel ex3510-b0 *
zyxel ex3510-b1_firmware to 5.17\(abup.15\)c0 (inc)
zyxel ex3510-b1 *
zyxel ex3600-t0_firmware to 5.70\(acif.1.2\)c0 (inc)
zyxel ex3600-t0 *
zyxel ex5401-b0_firmware to 5.17\(abyo.7\)b2 (inc)
zyxel ex5401-b0 *
zyxel ex5401-b1_firmware to 5.17\(abyo.7\)b2 (inc)
zyxel ex5401-b1 *
zyxel ex5501-b0_firmware to 5.17\(abry.5.5\)c0 (inc)
zyxel ex5501-b0 *
zyxel ex5510-b0_firmware to 5.17\(abqx.10\)c0 (inc)
zyxel ex5510-b0 *
zyxel ex5512-t0_firmware to 5.70\(aceg.5\)c0 (inc)
zyxel ex5512-t0 *
zyxel ex5601-t0_firmware to 5.70\(acdz.4.1\)c0 (inc)
zyxel ex5601-t0 *
zyxel ex5601-t1_firmware to 5.70\(acdz.4.1\)c0 (inc)
zyxel ex5601-t1 *
zyxel ex7501-b0_firmware to 5.18\(achn.2.1\)c0 (inc)
zyxel ex7501-b0 *
zyxel ex7710-b0_firmware to 5.18\(acak.1.4\)c0 (inc)
zyxel ex7710-b0 *
zyxel emg3525-t50b_firmware to 5.50\(abpm.9.5\)c0 (inc)
zyxel emg3525-t50b *
zyxel emg5523-t50b_firmware to 5.50\(abpm.9.5\)c0 (inc)
zyxel emg5523-t50b *
zyxel emg5723-t50k_firmware to 5.50\(abom.8.6\)c0 (inc)
zyxel emg5723-t50k *
zyxel gm4100-b0_firmware to 5.18\(accl.1\)c0 (inc)
zyxel gm4100-b0 *
zyxel vmg3625-t50b_firmware to 5.50\(abpm.9.5\)c0 (inc)
zyxel vmg3625-t50b *
zyxel vmg3927-t50k_firmware to 5.50\(abom.8.6\)c0 (inc)
zyxel vmg3927-t50k *
zyxel vmg4005-b50a_firmware to 5.17\(abqa.3\)c0 (inc)
zyxel vmg4005-b50a *
zyxel vmg4005-b60a_firmware to 5.17\(abqa.3\)c0 (inc)
zyxel vmg4005-b60a *
zyxel vmg4005-b50b_firmware to 5.13\(abrl.5.3\)c0 (inc)
zyxel vmg4005-b50b *
zyxel vmg8623-t50b_firmware to 5.50\(abpm.9.5\)c0 (inc)
zyxel vmg8623-t50b *
zyxel vmg8825-t50k_firmware to 5.50\(abom.8.6\)c0 (inc)
zyxel vmg8825-t50k *
zyxel ax7501-b0_firmware to 5.17\(abpc.6.1\)c0 (inc)
zyxel ax7501-b0 *
zyxel ax7501-b1_firmware to 5.17\(abpc.6.1\)c0 (inc)
zyxel ax7501-b1 *
zyxel pe3301-00_firmware to 5.63\(acmt.1.1\)c0 (inc)
zyxel pe3301-00 *
zyxel pe5301-01_firmware to 5.63\(acoj.1.1\)c0 (inc)
zyxel pe5301-01 *
zyxel pm3100-t0_firmware to 5.42\(acbf.3\)c0 (inc)
zyxel pm3100-t0 *
zyxel pm5100-t0_firmware to 5.42\(acbf.3\)c0 (inc)
zyxel pm5100-t0 *
zyxel pm7500-00_firmware to 5.61\(ackk.1\)c0 (inc)
zyxel pm7500-00 *
zyxel pm7300-t0_firmware to 5.42\(abyy.3\)c0 (inc)
zyxel pm7300-t0 *
zyxel px3321-t1_firmware to 5.44\(acjb.1.3\)c0 (inc)
zyxel px3321-t1 *
zyxel px3321-t1_firmware to 5.44\(achk.1\)c0 (inc)
zyxel px3321-t1 *
zyxel px5301-t0_firmware to 5.44\(ackb.0.4\)c0 (inc)
zyxel px5301-t0 *
zyxel we3300-00_firmware to 5.70\(acka.0\)c0 (inc)
zyxel we3300-00 *
zyxel wx3100-t0_firmware to 5.50\(abvl.4.7\)c0 (inc)
zyxel wx3100-t0 *
zyxel wx3401-b0_firmware to 5.17\(abve.2.8\)c0 (inc)
zyxel wx3401-b0 *
zyxel wx3401-b1_firmware to 5.17\(abve.2.8\)c0 (inc)
zyxel wx3401-b1 *
zyxel wx5600-t0_firmware to 5.70\(aceb.4.1\)c0 (inc)
zyxel wx5600-t0 *
zyxel wx5610-b0_firmware to 5.18\(acgj.0.3\)c0 (inc)
zyxel wx5610-b0 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a post-authentication command injection in the "priv" parameter of Zyxel DX3300-T0 firmware version 5.50(ABVY.6.3)C0 and earlier. It allows an authenticated attacker to execute operating system commands on the affected device.


How can this vulnerability impact me? :

An attacker who is authenticated on the device could execute arbitrary operating system commands, potentially leading to full compromise of the device, including unauthorized access, data manipulation, or disruption of services.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart