AI description
CVE-2025-11730 describes a post-authentication command injection vulnerability found in the Dynamic DNS (DDNS) configuration CLI command of various Zyxel devices. This flaw affects Zyxel ATP series, USG FLEX series, USG FLEX 50(W) series, and USG20(W)-VPN series firmware versions from V5.35 through V5.41. An authenticated attacker possessing administrator privileges can exploit this vulnerability. By supplying a specially crafted string as an argument to the CLI command, the attacker can execute arbitrary operating system commands on the affected device.
- Description
- A post‑authentication command injection vulnerability in the Dynamic DNS (DDNS) configuration CLI command in Zyxel ATP series firmware versions from V5.35 through V5.41, USG FLEX series firmware versions from V5.35 through V5.41, USG FLEX 50(W) series firmware versions from V5.35 through V5.41, and USG20(W)-VPN series firmware versions from V5.35 through V5.41 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on an affected device by supplying a specially crafted string as an argument to the CLI command.
- Source
- security@zyxel.com.tw
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Primary
- Base score
- 7.2
- Impact score
- 5.9
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- security@zyxel.com.tw
- CWE-78
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
4
Top 5 Trending CVEs: 1 - CVE-2018-17144 2 - CVE-2025-29969 3 - CVE-2025-11730 4 - CVE-2026-21518 5 - CVE-2025-60021 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
23 Feb 2026
133 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-11730: Remote Code Execution via DDNS configuration in ZYXEL ATP/USG Series (V5.41) | Rainpwn Blog https://t.co/VeouB4YrxV
@akaclandestine
22 Feb 2026
1749 Impressions
9 Retweets
27 Likes
9 Bookmarks
0 Replies
0 Quotes
#exploit 1⃣. CVE-2025-11730: RCE via DDNS configuration in ZYXEL ATP/USG Series https://t.co/3wpBRrMZZh ]-> PoC https://t.co/G6WSyJ6N6q 2⃣. A Deep Dive into CVE-2026-25049: n8n RCE https://t.co/BcChJcETOg 3⃣. The RCE that AMD won’t fix https://t.co/Am5eZH9KGG 4⃣
@ksg93rd
8 Feb 2026
869 Impressions
3 Retweets
20 Likes
9 Bookmarks
0 Replies
0 Quotes
CVE-2025-11730: Remote Code Execution via DDNS configuration in ZYXEL ATP/USG Series (V5.41) https://t.co/mD0Asjlz94 https://t.co/slKuUb73eJ
@secharvesterx
5 Feb 2026
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-11730: Remote Code Execution via DDNS configuration in ZYXEL ATP/USG Series (V5.41) https://t.co/3R6S0Rybk6
@_r_netsec
5 Feb 2026
1161 Impressions
4 Retweets
16 Likes
3 Bookmarks
1 Reply
0 Quotes
CVE-2025-11730 A post‑authentication command injection vulnerability in the Dynamic DNS (DDNS) configuration CLI command in Zyxel ATP series firmware versions from V5.35 through V5.… https://t.co/MRlVZGTSc2
@CVEnew
5 Feb 2026
168 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes