How to fix CVE-2025-13943?

Within 24 hours: Inventory all Zyxel EX3301-T0 devices and identify those running firmware versions through 5.50(ABVY.7)C0; restrict administrative access to trusted personnel only. Within 7 days: Monitor device logs for suspicious command patterns; implement network segmentation to isolate affected devices from critical systems. Within 30 days: Contact Zyxel for patch availability; evaluate replacement options if patches remain unavailable; test and deploy patches immediately upon release.

Is Command Injection affected by CVE-2025-13943?

A high-severity vulnerability in Zyxel EX3301-T0 network devices allows authenticated users to execute arbitrary commands, potentially compromising network infrastructure and sensitive data.

CVE-2025-13943

HIGH

2026-02-24 [email protected]

8.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

CVE Published

Feb 24, 2026 - 03:16 nvd

HIGH 8.8

Tags

Zyxel Command Injection Dx3300 T1 Firmware Px3321 T1 Firmware Wx5610 B0 Firmware Dx3301 T0 Firmware Pm3100 T0 Firmware Ex7710 B0 Firmware Ex5512 T0 Firmware Px5301 T0 Firmware Ex5401 B1 Firmware Pm5100 T0 Firmware Ex3510 B0 Firmware Ee6510 10 Firmware Vmg3625 T50b Firmware We4600 00 Firmware Emg6726 B10a Firmware Ex3500 T0 Firmware Ex3301 T0 Firmware Emg3525 T50b Firmware Pm7500 00 Firmware Pm7300 T0 Firmware Wx3401 B1 Firmware Ex5601 T0 Firmware Ex7501 B0 Firmware Pm5100 T1 Firmware Wx3100 T0 Firmware We3300 00 Firmware Dx5401 B1 Firmware Ex3300 T1 Firmware Ax7501 B1 Firmware Vmg4927 B50a Firmware Ex3600 T0 Firmware Ee3301 00 Firmware Dx4510 B1 Firmware Dx4510 B0 Firmware Ex3510 B1 Firmware Pe5301 01 Firmware Ee5301 00 Firmware Ex5601 T1 Firmware Vmg4005 B60a Firmware Pe3301 00 Firmware Vmg4005 B50a Firmware Dx3300 T0 Firmware Vmg8623 T50b Firmware Gm4100 B0 Firmware Ex5510 B0 Firmware Ex3501 T0 Firmware Dm4200 B0 Firmware Am7510 00 Firmware Emg5523 T50b Firmware Ex3300 T0 Firmware Ex2210 T0 Firmware Wx5600 T0 Firmware

Description

A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware versions through 5.50(ABVY.7)C0 could allow an authenticated attacker to execute operating system (OS) commands on an affected device.

Analysis

Technical Context

Classified as CWE-78 (OS Command Injection). Affects the log file download component of Ee5301-00 Firmware. A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware versions through 5.50(ABVY.7)C0 could allow an authenticated attacker to execute operating system (OS) commands on an affected device.

Affected Products

Vendor: Zyxel. Product: Ee5301-00 Firmware. Versions: up to 5.50. Component: log file download.

Remediation

Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.2

CVSS: +44

POC: 0

CVE-2025-13943 vulnerability details – vuln.today

Back

CVE-2025-13943

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code