CVE-2026-0711

· NIST NVD ↗

A post-authentication command injection vulnerability in the EasyMesh-related APIs of Zyxel DX3300-T0 firmware versions through 5.50(ABVY.7.1)C0 could allow an authenticated, adjacent attacker with administrator privileges to execute OS commands on an affected device.

MEDIUM
CVSS severity
6.8
CVSS base score
2026-04-28
Published

CWE codes

CWE-78

Sources