Zyxel Routers Hit by Critical Security Flaw: What You Need to Know It has been reported, A major security issue has been confirmed in more than a dozen Zyxel networking devices, exposing them to a critical remote‑command‑execution vulnerability. The flaw, identified as...

[UK Sentinel]

It has been reported, A major security issue has been confirmed in more than a dozen Zyxel networking devices, exposing them to a critical remote‑command‑execution vulnerability. The flaw, identified as CVE‑2025‑13942, stems from a command‑injection weakness in the UPnP feature, which can allow attackers to run operating‑system commands on unpatched devices if both UPnP and WAN access are enabled.

Models and device categories impacted

Zyxel confirms that the flaw affects over a dozen models across these categories:

• 4G LTE / 5G NR CPE routers
• DSL/Ethernet CPE devices
• Fiber ONTs (optical network terminals)
• Wireless extenders

These are the same categories highlighted in multiple independent reports, all noting that the UPnP flaw is present across these device families

 

https://www.techradar.com/pro/security/zyxel-warns-over-a-dozen-routers-could-be-affected-by-critical-rce-security-flaw

https://www.bleepingcomputer.com/news/security/zyxel-warns-of-critical-rce-flaw-affecting-over-a-dozen-routers

Share the knowledge

In a completely sane world, madness is the only freedom (J.G.Ballard).

You need to login in order to vote

[Author]

Posts