Zyxel Routers Hit by Critical Security Flaw: What You Need to Know - UKTechHub

PayPal-Donate button

.

.

NEWS

This topic has 0 replies, 1 voice, and was last updated 2 months, 3 weeks ago by UK Sentinel.

Viewing 1 post (of 1 total)

Author

Posts
February 27, 2026 at 12:10 pm #41981
UK Sentinel
Keymaster
- Replies 8,551
- The Skipper
It has been reported, A major security issue has been confirmed in more than a dozen Zyxel networking devices, exposing them to a critical remote‑command‑execution vulnerability. The flaw, identified as CVE‑2025‑13942, stems from a command‑injection weakness in the UPnP feature, which can allow attackers to run operating‑system commands on unpatched devices if both UPnP and WAN access are enabled.

Models and device categories impacted

Zyxel confirms that the flaw affects over a dozen models across these categories:
- 4G LTE / 5G NR CPE routers
- DSL/Ethernet CPE devices
- Fiber ONTs (optical network terminals)
- Wireless extenders
These are the same categories highlighted in multiple independent reports, all noting that the UPnP flaw is present across these device families

https://www.techradar.com/pro/security/zyxel-warns-over-a-dozen-routers-could-be-affected-by-critical-rce-security-flaw

https://www.bleepingcomputer.com/news/security/zyxel-warns-of-critical-rce-flaw-affecting-over-a-dozen-routers

In a completely sane world, madness is the only freedom (J.G.Ballard).

You need to login in order to vote
Author

Posts

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.