What is the CVSS score of CVE-2025-13942?

CVE-2025-13942 has a CVSS 3.1 base score of 9.8 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.5%.

Which versions of Dx4510 B0 Firmware are affected by CVE-2025-13942?

A critical remote code execution vulnerability (CVE-2025-13942) affects Zyxel EX3510-B0 network devices, allowing unauthenticated attackers to execute arbitrary commands without a vendor patch.

How to fix or mitigate CVE-2025-13942?

Within 24 hours: Identify and inventory all Zyxel EX3510-B0 devices in your environment; isolate affected devices from production networks if operationally feasible or apply network-level mitigations immediately. Within 7 days: Implement compensating controls (disable UPnP, segment network access, deploy WAF rules); escalate to vendor for patch timeline and consider device replacement planning. Within 30 days: Complete migration to patched firmware versions or replacement devices; conduct forensic analysis for signs of compromise; review network access logs for suspicious UPnP SOAP requests.

Dx4510 B0 Firmware CVE-2025-13942

CRITICAL

OS Command Injection (CWE-78)

2026-02-24 security@zyxel.com.tw

Command Injection Zyxel Dx4510 B0 Firmware Dx4510 B1 Firmware Ee6510 10 Firmware Emg6726 B10a Firmware Ex2210 T0 Firmware Ex3510 B0 Firmware Ex3510 B1 Firmware Ex5510 B0 Firmware Ex5512 T0 Firmware Ex7710 B0 Firmware Lte3301 Plus Firmware Nebula Lte3301 Plus Firmware Nebula Nr7101 Firmware Nr7101 Firmware Px3321 T1 Firmware Px5301 T0 Firmware Vmg4927 B50a Firmware Wx5610 B0 Firmware

9.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

CVE Published

Feb 24, 2026 - 03:16 nvd

CRITICAL 9.8

DescriptionNVD

A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 firmware versions through 5.17(ABUP.15.1)C0 could allow a remote attacker to execute operating system (OS) commands on an affected device by sending specially crafted UPnP SOAP requests.

AnalysisAI

Command injection in Zyxel EX3510-B0 router UPnP functionality via firmware versions through 5.17. Allows remote code execution through the UPnP service.

Technical ContextAI

CWE-78 OS command injection through UPnP functionality. UPnP is often enabled by default and accessible from the LAN.

RemediationAI

Update Zyxel firmware. Disable UPnP if not needed.

CVE-2025-13942 vulnerability details – vuln.today

Back

Dx4510 B0 Firmware CVE-2025-13942

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code