CVE-2025-11846

Name: CVE-2025-11846
Creator: NVD / NIST
Published: 2026-02-24T02:16:00.03+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 4.9/10EPSS 1.12%

Last modified Jun 17, 2026

CVE-2025-11846 is a medium-severity vulnerability rated 4.9/10 on the CVSS scale. A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-service (DoS) condition by sending a crafted HTTP request.. EPSS estimates a 1.12% chance of exploitation in the next 30 days.

Description

A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-service (DoS) condition by sending a crafted HTTP request.

Metrics

CVSS 3.1

4.9/10

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

EPSS Probability

1.12%

62.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-476

Affected Software

Vendor	Product	Versions
Zyxel	Lte3301-Plus Firmware	< 1.00\(abqu.9\)c0
Zyxel	Nebula Fwa505 Firmware	< 1.60\(acko.2\)v0
Zyxel	Nebula Fwa510 Firmware	< 1.60\(acgd.0\)c0
Zyxel	Nebula Fwa515 Firmware	< 1.60\(acpz.0\)v0
Zyxel	Nebula Fwa710 Firmware	< 1.60\(acgc.1\)v0
Zyxel	Ee5301-00 Firmware	< 5.63\(acld.2.1\)c0
Zyxel	Ee3301-00 Firmware	< 5.63\(acmu.2.1\)c0
Zyxel	Dx5401-B1 Firmware	< 5.17\(abyo.7.1\)c0
Zyxel	Dx4510-B1 Firmware	< 5.17\(abyl.10.1\)c0
Zyxel	Dx4510-B0 Firmware	< 5.17\(abyl.10.1\)c0
Zyxel	Dx3301-T0 Firmware	< 5.50\(abvy.7.1\)c0
Zyxel	Dx3300-T1 Firmware	< 5.50\(abvy.7.1\)c0
Zyxel	Dx3300-T0 Firmware	< 5.50\(abvy.7.1\)c0
Zyxel	Ee6510-10 Firmware	< 5.19\(acjq.4.1\)c0
Zyxel	Emg3525-T50b Firmware	< 5.50\(abpm.9.7\)c0
Zyxel	Nebula Lte3301-Plus Firmware	< 1.18\(acca.6\)v0
Zyxel	Emg5523-T50b Firmware	< 5.50\(abpm.9.7\)c0
Zyxel	Ex2210-T0 Firmware	< 5.50\(acdi.2.3\)c0
Zyxel	Ex3300-T0 Firmware	< 5.50\(abvy.7.1\)c0
Zyxel	Ex3300-T1 Firmware	< 5.50\(abvy.7.1\)c0
Zyxel	Ex3301-T0 Firmware	< 5.50\(abvy.7.1\)c0
Zyxel	Ex3500-T0 Firmware	< 5.44\(achr.5.1\)c0
Zyxel	Ex3501-T0 Firmware	< 5.44\(achr.5.1\)c0
Zyxel	Ex3510-B0 Firmware	< 5.17\(abup.15.2\)c0
Zyxel	Ex3510-B1 Firmware	< 5.17\(abup.15.2\)c0
Zyxel	Ex3600-T0 Firmware	< 5.70\(acif.2.1\)c0
Zyxel	Ex5401-B1 Firmware	< 5.17\(abyo.7.1\)c0
Zyxel	Ex5510-B0 Firmware	< 5.17\(abqx.11.1\)c0
Zyxel	Ex5512-T0 Firmware	< 5.70\(aceg.5.3\)c0
Zyxel	Ex5601-T0 Firmware	< 5.70\(acdz.5.1\)c0
Zyxel	Ex5601-T1 Firmware	< 5.70\(acdz.5.1\)c0
Zyxel	Ex7501-B0 Firmware	< 5.18\(achn.3.1\)c0
Zyxel	Ex7710-B0 Firmware	< 5.18\(acak.1.6\)c0
Zyxel	Gm4100-B0 Firmware	< 5.18\(accl.2\)c0
Zyxel	Pm7500-00 Firmware	< 5.61\(ackk.1.2\)c0
Zyxel	Vmg3625-T50b Firmware	< 5.50\(abpm.9.7\)c0
Zyxel	Vmg4005-B50a Firmware	< 5.17\(abqa.3.2\)c0
Zyxel	Vmg4005-B60a Firmware	< 5.17\(abqa.3.2\)c0
Zyxel	Ax7501-B1 Firmware	< 5.17\(abpc.7.1\)c0
Zyxel	Pe3301-00 Firmware	< 5.63\(acmt.2.1\)c0
Zyxel	Pe5301-01 Firmware	< 5.63\(acoj.2.1\)c0
Zyxel	Pm3100-T0 Firmware	< 5.42\(acbf.4.1\)c0
Zyxel	Pm5100-T0 Firmware	< 5.42\(acbf.4.1\)c0
Zyxel	Pm5100-T1 Firmware	< 5.42\(acbf.4.1\)c0
Zyxel	Pm7300-T0 Firmware	< 5.42\(abyy.4.1\)c0
Zyxel	Px3321-T1 Firmware	< 5.44\(achk.3\)c0
Zyxel	Px3321-T1 Firmware	< 5.44\(acjb.1.5\)c0
Zyxel	Px5301-T0 Firmware	< 5.44\(ackb.0.6\)c0
Zyxel	Scr 50axe Firmware	< 1.30\(acgn.0\)c0
Zyxel	Vmg8623-T50b Firmware	< 5.50\(abpm.9.7\)c0

Showing 50 of 55 affected configurations. See NVD for the full list.

References

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-null-pointer-dereference-and-command-injection-vulnerabilities-in-certain-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-security-routers-and-wireless-extenders-02-24-2026Vendor Advisory

Timeline

Published: Feb 24, 2026
Last Modified: Jun 17, 2026
Status: Analyzed

Frequently Asked Questions

What is CVE-2025-11846?

How severe is CVE-2025-11846?

CVE-2025-11846 has a CVSS score of 4.9/10 (MEDIUM severity). The EPSS model estimates a 1.12% probability of exploitation in the next 30 days.

How do I fix CVE-2025-11846?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2025-11846?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST