How to fix CVE-2025-8693?

Within 30 days: Identify all affected systems and apply vendor patches as part of regular patch cycle. Validate that input sanitization is in place for all user-controlled parameters.

Is Command Injection affected by CVE-2025-8693?

CVE-2025-8693 presents significant security risk, a OS command injection vulnerability rated CVSS 8.8. Successful exploitation could allow attackers to execute arbitrary code or commands on affected systems, potentially leading to full system compromise.

CVE-2025-8693

HIGH

2025-11-18 [email protected]

8.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 19:22 vuln.today

CVE Published

Nov 18, 2025 - 02:15 nvd

HIGH 8.8

Tags

Command Injection Zyxel Dm4200 B0 Firmware Dx3300 T0 Firmware Dx3300 T1 Firmware Dx3301 T0 Firmware Dx4510 B1 Firmware Dx5401 B0 Firmware Dx5401 B1 Firmware Ee3301 00 Firmware Ee5301 00 Firmware Ee6510 10 Firmware Ex3300 T0 Firmware Ex3300 T1 Firmware Ex3301 T0 Firmware Ex3500 T0 Firmware Ex3501 T0 Firmware Ex3510 B0 Firmware Ex3510 B1 Firmware Ex3600 T0 Firmware Ex5401 B0 Firmware Ex5401 B1 Firmware Ex5501 B0 Firmware Ex5510 B0 Firmware Ex5512 T0 Firmware Ex5601 T0 Firmware Ex5601 T1 Firmware Ex7501 B0 Firmware Ex7710 B0 Firmware Emg3525 T50b Firmware Emg5523 T50b Firmware Emg5723 T50K Firmware Gm4100 B0 Firmware Vmg3625 T50b Firmware Vmg3927 T50K Firmware Vmg4005 B50a Firmware Vmg4005 B60a Firmware Vmg4005 B50B Firmware Vmg8623 T50b Firmware Vmg8825 T50K Firmware Ax7501 B0 Firmware Ax7501 B1 Firmware Pe3301 00 Firmware Pe5301 01 Firmware Pm3100 T0 Firmware Pm5100 T0 Firmware Pm7500 00 Firmware Pm7300 T0 Firmware Px3321 T1 Firmware Px5301 T0 Firmware We3300 00 Firmware Wx3100 T0 Firmware Wx3401 B0 Firmware Wx3401 B1 Firmware Wx5600 T0 Firmware Wx5610 B0 Firmware

Description

A post-authentication command injection vulnerability in the "priv" parameter of Zyxel DX3300-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an authenticated attacker to execute operating system (OS) commands on an affected device.

Analysis

A post-authentication command injection vulnerability in the "priv" parameter of Zyxel DX3300-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an authenticated attacker to execute. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical Context

This vulnerability is classified as OS Command Injection (CWE-78), which allows attackers to execute arbitrary operating system commands on the host. A post-authentication command injection vulnerability in the "priv" parameter of Zyxel DX3300-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an authenticated attacker to execute operating system (OS) commands on an affected device. Affected products include: Zyxel Dm4200-B0 Firmware, Zyxel Dx3300-T0 Firmware, Zyxel Dx3300-T1 Firmware, Zyxel Dx3301-T0 Firmware, Zyxel Dx4510-B1 Firmware. Version information: version 5.50.

Affected Products

Zyxel Dm4200-B0 Firmware, Zyxel Dx3300-T0 Firmware, Zyxel Dx3300-T1 Firmware, Zyxel Dx3301-T0 Firmware, Zyxel Dx4510-B1 Firmware.

Remediation

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Avoid passing user input to shell commands. Use language-specific APIs instead of shell execution. Apply strict input validation with allowlists.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.2

CVSS: +44

POC: 0

CVE-2025-8693 vulnerability details – vuln.today

Back

CVE-2025-8693

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code