Primary

Context

Zyxel DX3300-T0 Command Injection Vulnerability in EasyMesh APIs

Vulnerability

Patched

A command injection vulnerability has been identified in the EasyMesh-related APIs of the Zyxel DX3300-T0 firmware, affecting versions through 5.50(ABVY.7.1)C0. This vulnerability allows an authenticated, adjacent attacker with administrator privileges to execute operating system commands on the affected device. The issue arises from the handling of certain API requests, which can be manipulated to inject and execute commands on the device's operating system.

Impact

Exploitation of this vulnerability could lead to unauthorized command execution on the affected device's operating system, potentially allowing an attacker to manipulate the device's functions or access sensitive information.

Remediation

Users are advised to update to version 5.50(ABVY.7.2)C0. For devices acquired through an ISP, contact the ISP's support team. For other devices, reach out to the local Zyxel support team or visit Zyxel's Community for assistance.

Added: Apr 28, 2026, 3:23 AM

Updated: Apr 28, 2026, 3:23 AM

Affected Products

Zyxel DX3300-T0

Moderate fix1 remedy

cpe:2.3:h:zyxel:dx3300-t0:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.50(ABVY.7.1)C0

Zyxel DX3300-T1

Moderate fix1 remedy

cpe:2.3:h:zyxel:dx3300-t1:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.50(ABVY.7.1)C0

Zyxel DX3301-T0

Moderate fix1 remedy

cpe:2.3:h:zyxel:dx3301-t0:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.50(ABVY.7.1)C0

Zyxel DX5401-B0

Moderate fix1 remedy

cpe:2.3:h:zyxel:dx5401-b0:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.17(ABYO.7.1)C0

Zyxel DX5401-B1

Moderate fix1 remedy

cpe:2.3:h:zyxel:dx5401-b1:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.17(ABYO.7.1)C0

Zyxel EE3301-00

Moderate fix1 remedy

<= 5.63(ACMU.2.1)C0

Zyxel EMG3525-T50B

Moderate fix1 remedy

cpe:2.3:h:zyxel:emg3525-t50b:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.50(ABPM.9.7)C0

Zyxel EMG5523-T50B

Moderate fix1 remedy

cpe:2.3:h:zyxel:emg5523-t50b:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.50(ABPM.9.7)C0

Zyxel EX3300-T0

Moderate fix1 remedy

cpe:2.3:h:zyxel:ex3300-t0:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.50(ABVY.7.1)C0

Zyxel EX3300-T1

Moderate fix1 remedy

cpe:2.3:h:zyxel:ex3300-t1:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.50(ABVY.7.1)C0

Zyxel EX3301-T0

Moderate fix1 remedy

cpe:2.3:h:zyxel:ex3301-t0:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.50(ABVY.7.1)C0

Zyxel EX3500-T0

Moderate fix1 remedy

cpe:2.3:h:zyxel:ex3500-t0:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.44(ACHR.5.1)C0

Zyxel EX3501-T0

Moderate fix1 remedy

cpe:2.3:h:zyxel:ex3501-t0:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.44(ACHR.5.1)C0

Zyxel EX3600-T0

Moderate fix1 remedy

cpe:2.3:h:zyxel:ex3600-t0:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.70(ACIF.2.1)C0

Zyxel EX5401-B0

Moderate fix1 remedy

cpe:2.3:h:zyxel:ex5401-b0:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.17(ABYO.7.1)C0

Zyxel EX5401-B1

Moderate fix1 remedy

cpe:2.3:h:zyxel:ex5401-b1:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.17(ABYO.7.1)C0

Zyxel EX5512-T0

Moderate fix1 remedy

cpe:2.3:h:zyxel:ex5512-t0:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.70(ACEG.5.4)C0

Zyxel EX5601-T0

Moderate fix1 remedy

cpe:2.3:h:zyxel:ex5601-t0:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.70(ACDZ.5.1)C0

Zyxel EX5601-T1

Moderate fix1 remedy

cpe:2.3:h:zyxel:ex5601-t1:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.70(ACDZ.5.1)C0

Zyxel EX7501-B0

Moderate fix1 remedy

cpe:2.3:h:zyxel:ex7501-b0:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.18(ACHN.3.1)C0

Zyxel VMG3625-T50B

Moderate fix1 remedy

cpe:2.3:h:zyxel:vmg3625-t50b:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.50(ABPM.9.7)C0

Zyxel VMG8623-T50B

Moderate fix1 remedy

cpe:2.3:h:zyxel:vmg8623-t50b:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.50(ABPM.9.7)C0

Zyxel AX7501-B0

Moderate fix1 remedy

cpe:2.3:h:zyxel:ax7501-b0:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.17(ABPC.7.1)C0

Zyxel AX7501-B1

Moderate fix1 remedy

cpe:2.3:h:zyxel:ax7501-b1:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.17(ABPC.7.1)C0

Zyxel PE3301-00

Moderate fix1 remedy

<= 5.63(ACMT.2.1)C0

Zyxel PE5301-01

Moderate fix2 remedies

<= 5.63(ACLD.2.1)C0
<= 5.63(ACOJ.2.1)C0

Zyxel PX5302-00

Moderate fix1 remedy

<= 5.44(ACNM.0)C0

Zyxel PX5301-T0

Moderate fix1 remedy

cpe:2.3:h:zyxel:px5301-t0:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.44(ACKB.0.6)C0

Zyxel WE3300-00

Moderate fix1 remedy

<= 5.70(ACKA.1.1)C0

Zyxel WX3100-T0

Moderate fix1 remedy

cpe:2.3:h:zyxel:wx3100-t0:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.50(ABVL.4.9)C0

Zyxel WE4600-00

Moderate fix1 remedy

<= 6.70(ACKT.0)C0

Zyxel WX5600-T0

Moderate fix1 remedy

cpe:2.3:h:zyxel:wx5600-t0:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

<= 5.70(ACEB.5.1)C0

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

3.0

remediation

7.7

relevance

6.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

3.0

remediation

7.7

relevance

6.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.