Security Advisory

CVE-2026-1460

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-28 02:06:22

Last updated 2026-04-29 03:55:38

Assigner Zyxel

State PUBLISHED

Description

A post-authentication command injection vulnerability in the “DomainName” parameter of the DHCP configuration file in Zyxel DX3301-T0 and EX3301-T0 firmware versions through 5.50(ABVY.7.1)C0 could allow an authenticated attacker with administrator privileges to execute OS commands on an affected device.

← Browse all CVEs View on cve.org ↗