Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Zyxel Patches Critical Vulnerability in Many Device Models

The issue impacts the UPnP function of multiple device models and could be exploited for remote code execution.

Router vulnerabilities

Networking provider Zyxel this week released patches for multiple vulnerabilities across dozens of device models, including a critical flaw leading to remote code execution.

The critical-severity bug, tracked as CVE-2025-13942 (CVSS score of 9.8), is described as a command injection issue affecting the UPnP feature of 18 routers, ONTs, and wireless extenders.

An attacker could exploit the flaw via crafted UPnP SOAP requests to execute OS commands on a vulnerable device, Zyxel explains in its advisory.

“It is important to note that WAN access is disabled by default on these devices, and the attack can be carried out remotely only if both WAN access and the vulnerable UPnP function have been enabled,” the company notes.

The networking provider’s fresh round of security updates also resolves CVE-2025-13943 and CVE-2026-1459, two high-severity command injection defects.

Impacting the log file download function and the TR-369 certificate download CGI program of specific router firmware versions, the two vulnerabilities could allow an authenticated attacker to execute OS commands.

Advertisement. Scroll to continue reading.

Additionally, Zyxel released fixes for four null pointer dereference vulnerabilities that could be exploited by attackers with administrator privileges to cause denial-of-service (DoS) conditions.

Affecting various endpoints of the vulnerable products, these flaws can be exploited via crafted HTTP requests if WAN access is enabled and the attacker possesses compromised user credentials.

Zyxel has published a list of impacted devices, saying that firmware updates are available for all of them. The company makes no mention of any of these vulnerabilities being exploited in the wild, but threat actors are known to have targeted Zyxel bugs in attacks.

Related: Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers

Related: Zyxel Firewall Vulnerability Again in Attacker Crosshairs

Related: Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days

Related: Nvidia, Zoom, Zyxel Patch High-Severity Vulnerabilities

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

BlueVoyant has appointed Ravi Subramanian as CFO and Jamie Coleman as CCO.

Solana Foundation has appointed Michael Coates as Chief Information Security Officer.

Michael Sikorski has joined Coinbase as Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.