CVE-2025-8693

CVSS v3.1

8.8

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Zyxel DX3300-T0 firmware versions prior to 5.50(ABVY.6.3)C0

Description A post-authentication command injection issue exists in the

priv

parameter. Successful exploitation allows an authenticated attacker to execute operating system (OS) commands on an affected device. The vulnerability is present in the Zyxel DX3300-T0 firmware.

Recommendations Update Zyxel DX3300-T0 firmware to version 5.50(ABVY.6.3)C0 or later.

Fix

RCE

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

CVE-2025-8693

Affected Products

Zyxel Dx3300-T0

CVE-2025-8693

Weakness Enumeration

Related Identifiers

Affected Products

References · 10