Zyxel Routers Hit by Critical Security Flaw: What You Need to Know - UKTechHub

.

.

NEWS

This topic has 0 replies, 1 voice, and was last updated 2 months ago by UK Sentinel.

Viewing 1 post (of 1 total)

Author
Posts
February 27, 2026 at 12:10 pm #41981
UK Sentinel
Keymaster
- Replies 8,507
- The Skipper
It has been reported, A major security issue has been confirmed in more than a dozen Zyxel networking devices, exposing them to a critical remote‑command‑execution vulnerability. The flaw, identified as CVE‑2025‑13942, stems from a command‑injection weakness in the UPnP feature, which can allow attackers to run operating‑system commands on unpatched devices if both UPnP and WAN access are enabled.
Models and device categories impacted
Zyxel confirms that the flaw affects over a dozen models across these categories:
- 4G LTE / 5G NR CPE routers
- DSL/Ethernet CPE devices
- Fiber ONTs (optical network terminals)
- Wireless extenders
These are the same categories highlighted in multiple independent reports, all noting that the UPnP flaw is present across these device families

https://www.techradar.com/pro/security/zyxel-warns-over-a-dozen-routers-could-be-affected-by-critical-rce-security-flaw
https://www.bleepingcomputer.com/news/security/zyxel-warns-of-critical-rce-flaw-affecting-over-a-dozen-routers
In a completely sane world, madness is the only freedom (J.G.Ballard).
You need to login in order to vote
Author
Posts

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.