CVE-2025-13942

Name of the Vulnerable Software and Affected Versions Zyxel EX3510-B0 firmware versions through 5.17(ABUP.15.1)C0

Description A command injection flaw exists in the UPnP function of the affected devices. This allows a remote attacker to execute operating system commands on a device by sending specially crafted UPnP SOAP requests. Exploitation typically requires both UPnP and WAN management access to be enabled. Approximately 120,000 Zyxel devices are reported as exposed online. The vulnerability allows for unauthenticated remote code execution. The API endpoint used for exploitation involves sending crafted UPnP SOAP requests. The vulnerability lies in how the system handles input to the UPnP function, potentially allowing injection of malicious commands through parameters within these requests. The vulnerable component is the UPnP service.

Recommendations Update the firmware to version 5.17(ABUP.15.1)C0 or later. Disable UPnP and WAN management access if not required.