| CVEs | Critical | High | KEV | PoC | Unpatched C/H | Patch Rate | Avg EPSS |
|---|---|---|---|---|---|---|---|
| 8 | 1 | 3 | 0 | 0 | 4 | 0.0% | 0.2% |

Severity Breakdown

| CRITICAL | HIGH | MEDIUM | LOW |
|---|---|---|---|
| 1 | 3 | 4 | 0 |

Affected Products (30)

| Product | Count |
|---|---|
| Command Injection | 10 |
| Ex5512 T0 Firmware | 8 |
| Emg3525 T50b Firmware | 8 |
| Wx5610 B0 Firmware | 8 |
| Emg5523 T50b Firmware | 8 |
| Px3321 T1 Firmware | 8 |
| Dx5401 B1 Firmware | 8 |
| Ex7710 B0 Firmware | 8 |
| Vmg8623 T50b Firmware | 8 |
| Px5301 T0 Firmware | 8 |
| Vmg3625 T50b Firmware | 8 |
| Dx4510 B1 Firmware | 8 |
| Ee6510 10 Firmware | 8 |
| Ex5510 B0 Firmware | 8 |
| Ee3301 00 Firmware | 7 |
| Pm3100 T0 Firmware | 7 |
| Wx3100 T0 Firmware | 7 |
| Ax7501 B1 Firmware | 7 |
| We3300 00 Firmware | 7 |
| Pm7500 00 Firmware | 7 |
| Ex3501 T0 Firmware | 7 |
| Dx3301 T0 Firmware | 7 |
| Dx3300 T1 Firmware | 7 |
| Gm4100 B0 Firmware | 7 |
| Vmg4005 B50a Firmware | 7 |
| Pm5100 T0 Firmware | 7 |
| Pe5301 01 Firmware | 7 |
| Ex3600 T0 Firmware | 7 |
| Ex3500 T0 Firmware | 7 |
| Pe3301 00 Firmware | 7 |

Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2025-13942 | Command injection in the UPnP functionality of the Zyxel EX3510-B0 router, firmware versions through 5.17, allows remote code execution through the UPnP service. | CRITICAL | 9.8 | 0.5% | 49 | No patch |
| CVE-2025-13943 | A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware versions through 5.50(ABVY.7)C0 could allow an authenticated attacker to execute operating system (OS) commands on an affected device. [CVSS 8.8 HIGH] | HIGH | 8.8 | 0.2% | 44 | No patch |
| CVE-2025-11730 | A post-authentication command injection vulnerability in the Dynamic DNS (DDNS) configuration CLI command in Zyxel ATP series firmware versions from V5.35 through V5.41, USG FLEX series firmware versions from V5.35 through V5.41, USG FLEX 50(W) series firmware versions from V5.35 through V5.41, and USG20(W)-VPN series firmware versions from V5.35 through V5.41 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on an affected device by supplying a specially crafted string as an argument to the CLI command. [CVSS 7.2 HIGH] | HIGH | 7.2 | 0.3% | 36 | No patch |
| CVE-2026-1459 | Zyxel VMG3625-T50B, DX5401 B1, and EMG5523 T50B devices with firmware through version 5.50(ABPM.9.7)C0 contain a post-authentication command injection vulnerability in the TR-369 certificate download function that allows authenticated administrators to execute arbitrary operating system commands. An attacker with admin credentials could leverage this to gain complete control over the affected device. No patch is currently available. | HIGH | 7.2 | 0.1% | 36 | No patch |
| CVE-2025-11845 | A null pointer dereference vulnerability in the certificate downloader CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-service (DoS) condition by sending a crafted HTTP request. [CVSS 4.9 MEDIUM] | MEDIUM | 4.9 | 0.1% | 25 | No patch |
| CVE-2025-11846 | A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-service (DoS) condition by sending a crafted HTTP request. [CVSS 4.9 MEDIUM] | MEDIUM | 4.9 | 0.1% | 25 | No patch |
| CVE-2025-11847 | A null pointer dereference vulnerability in the IP settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-service (DoS) condition by sending a crafted HTTP request. [CVSS 4.9 MEDIUM] | MEDIUM | 4.9 | 0.1% | 25 | No patch |
| CVE-2025-11848 | A null pointer dereference vulnerability in the Wake-on-LAN CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-service (DoS) condition by sending a crafted HTTP request. [CVSS 4.9 MEDIUM] | MEDIUM | 4.9 | 0.1% | 25 | No patch |