Security News > 2025 > February > Swap EOL Zyxel routers, upgrade Netgear ones!
2025-02-05 14:11
There will be no patches for EOL Zyxel routers under attack via CVE-2024-40891, the company has confirmed. Meanwhile, Netgear has issued patches for critical flaws affecting its routers and wireless access points. Zyxel vulnerability: Exploited, no patches CVE-2024-40891, a command injection vulnerability in Zyxel CPE Series telecommunications devices that has been known since July 2024 and is currently being exploited by attackers, will not be patched by the manufacturer since the affected devices “are legacy … More → The post Swap EOL Zyxel routers, upgrade Netgear ones! appeared first on Help Net Security.
News URL
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-04 | CVE-2024-40891 | OS Command Injection vulnerability in Zyxel products **UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the management commands of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an authenticated attacker to execute operating system (OS) commands on an affected device via Telnet. | 8.8 |