The New Oil2d ago

#Zyxel warns of critical RCE flaw affecting over a dozen routers

https://www.bleepingcomputer.com/news/security/zyxel-warns-of-critical-rce-flaw-affecting-over-a-dozen-routers/

#cybersecurity #router

Zyxel warns of critical RCE flaw affecting over a dozen routers

Taiwan networking provider Zyxel has released security updates to address a critical vulnerability affecting over a dozen router models that can allow unauthenticated attackers to gain remote command execution on unpatched devices.

BleepingComputer
Michael I Ransier2d ago

NCTAG 5.8: The Zyxel Perimeter Crisis
120,000 targets identified. The Cyber Mind Co™ has released Global Watchtower Manifest (GWM) NCTAG 1.1, detailing a critical Unauthenticated RCE (CVE-2025-13942) in Zyxel devices

https://thecybermind.co/2026/02/25/zyxel-upnp-crisis-cve-2025-13942/
#RCE #Zyxel

https://thecybermind.co/2026/02/25/zyxel-upnp-crisis-cve-2025-13942/?utm_source=mastodon&utm_medium=jetpack_social

The Zyxel UPnP Crisis-RCE Insightful Analysis 25FEB26

Critical Zyxel UPnP Crisis RCE (CVE-2025-13942) exposes 120,000 devices. Learn how to harden your perimeter with the NCTAG 5.8 report.

The Cyber Mind
thecybermind2d ago

NCTAG 5.8: The Zyxel Perimeter Crisis
120,000 targets identified. The Cyber Mind Co™ has released Global Watchtower Manifest (GWM) NCTAG 1.1, detailing a critical Unauthenticated RCE (CVE-2025-13942) in Zyxel devices

https://thecybermind.co/2026/02/25/zyxel-upnp-crisis-cve-2025-13942/
#RCE #Zyxel

https://thecybermind.co/2026/02/25/zyxel-upnp-crisis-cve-2025-13942/?utm_source=mastodon&utm_medium=jetpack_social

The Zyxel UPnP Crisis-RCE Insightful Analysis 25FEB26

Critical Zyxel UPnP Crisis RCE (CVE-2025-13942) exposes 120,000 devices. Learn how to harden your perimeter with the NCTAG 5.8 report.

The Cyber Mind
securityaffairs2d ago
Critical #Zyxel router flaw exposed devices to remote attacks
https://securityaffairs.com/188501/security/critical-zyxel-router-flaw-exposed-devices-to-remote-attacks.html
#securityaffairs #hacking
Critical Zyxel router flaw exposed devices to remote attacks

Zyxel fixed a critical flaw in multiple routers that lets unauthenticated attackers remotely execute commands on vulnerable devices.

Security Affairs
Offensive Sequence4d ago
⚠️ CVE-2026-1459: HIGH-severity OS command injection in Zyxel VMG3625-T50B firmware ≤5.50(ABPM.9.7)C0. Authenticated admin can run arbitrary commands. Restrict admin access & monitor. Patch ASAP when released! https://radar.offseq.com/threat/cve-2026-1459-cwe-78-improper-neutralization-of-sp-f412c512 #OffSeq #Zyxel #CVE20261459 #InfoSec
RedPacket Security4d ago

CVE Alert: CVE-2026-1459 - Zyxel - VMG3625-T50B firmware - https://www.redpacketsecurity.com/cve-alert-cve-2026-1459-zyxel-vmg3625-t50b-firmware/

#OSINT #ThreatIntel #CyberSecurity #cve-2026-1459 #zyxel #vmg3625-t50b-firmware

CVE Alert: CVE-2026-1459 - Zyxel - VMG3625-T50B firmware - RedPacket Security

A post-authentication command injection vulnerability in the TR-369 certificate download CGI program of the Zyxel VMG3625-T50B firmware versions

RedPacket Security
RedPacket Security4d ago

CVE Alert: CVE-2025-13943 - Zyxel - EX3301-T0 firmware - https://www.redpacketsecurity.com/cve-alert-cve-2025-13943-zyxel-ex3301-t0-firmware/

#OSINT #ThreatIntel #CyberSecurity #cve-2025-13943 #zyxel #ex3301-t0-firmware

CVE Alert: CVE-2025-13943 - Zyxel - EX3301-T0 firmware - RedPacket Security

A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware versions through 5.50(ABVY.7)C0 could

RedPacket Security
T_X5d ago
Maybe one step closer to fixing the big regression for the #Zyxel GS1900-24E A1 switch in #OpenWrt? After a while of bisect'ing it seems to me that:
1) It worked in v24.10.0 because u-boot set things up correctly?
2) It broke between v24.10.0 and v24.10.1 bc. a commit added a in theory correct reset GPIO to DTS. Which would mess up what u-boot set up, and missed a correct reinitialization in Linux?
3) Things got "by accident" fixed in the main+25.10 branches bc. 1920 has no u-boot side setup.
Marcel SIneM(S)USFeb 10
#Zyxel-Firewalls: Angreifer können System-Befehle ausführen | Security https://www.heise.de/news/Zyxel-Firewalls-Angreifer-koennen-System-Befehle-ausfuehren-11169185.html #Patchday
Zyxel-Firewalls: Angreifer können System-Befehle ausführen

Ein Sicherheitsupdate schützt bestimmte Firewalls von Zyxel vor möglichen Angriffen. Attacken sind aber nicht ohne Weiteres möglich.

heise online
Ryan WalmsleyFeb 7

Well 1 day in, so far my conversion from #Unifi / #Ubiquiti to #zyxel has been excellent.

The three Wi-Fi APs seem to be pretty solid, I even got just a tad over a gigabit when testing against my computer that has 2.5Gbps Ethernet.

Loaded latency seems to be better too as the bottleneck is now my ISP rather than local network.

Interestingly I think the new switch has also been better, but that was moving from #tplink to Zyxel for that.