Security News

Zyxel issues emergency RCE patch for end-of-life NAS devices
2024-06-04 17:28

Zyxel Networks has released an emergency security update to address three critical vulnerabilities impacting older NAS devices that have reached end-of-life. Although both NAS models reached the end of their support period on December 31, 2023, Zyxel released fixes for the three critical flaws in versions 5.21(AAZF.17)C0 for NAS326 and 5.21(ABAG.14)C0 for NAS542.

Critical Zyxel NAS vulnerabilities patched, update quickly!
2023-12-01 11:21

Zyxel has patched six vulnerabilities affecting its network attached storage devices, including several command injection flaws that can be easily exploited by unauthenticated attackers. One of the six plugged security holes is an improper authentication vulnerability in the devices' authentication module, and may allow unauthenticated attackers to grab system information by sending a specially crafted URL to a vulnerable device.

Zyxel Releases Patches to Fix 15 Flaws in NAS, Firewall, and AP Devices
2023-12-01 06:22

Zyxel has released patches to address 15 security issues impacting network-attached storage (NAS), firewall, and access point (AP) devices, including three critical flaws that could lead to...

Zyxel warns of multiple critical vulnerabilities in NAS devices
2023-11-30 15:11

Zyxel has addressed multiple security issues, including three critical ones that could allow an unauthenticated attacker to execute operating system commands on vulnerable network-attached storage devices. Zyxel NAS systems are used for storing data in a centralized location on the network.

Gafgyt malware exploits five-years-old flaw in EoL Zyxel router
2023-08-10 20:35

Fortinet has issued an alert warning that the Gafgyt botnet malware is actively trying to exploit a vulnerability in the end-of-life Zyxel P660HN-T1A router in thousands of daily attacks. [...]

DDoS Botnets Hijacking Zyxel Devices to Launch Devastating Attacks
2023-07-21 09:03

Several distributed denial-of-service botnets have been observed exploiting a critical flaw in Zyxel devices that came to light in April 2023 to gain remote control of vulnerable systems. "Through the capture of exploit traffic, the attacker's IP address was identified, and it was determined that the attacks were occurring in multiple regions, including Central America, North America, East Asia, and South Asia," Fortinet FortiGuard Labs researcher Cara Lin said.

Mirai botnet targets 22 flaws in D-Link, Zyxel, Netgear devices
2023-06-22 17:53

A variant of the Mirai botnet is targeting almost two dozen vulnerabilities aiming to take control of D-Link, Arris, Zyxel, TP-Link, Tenda, Netgear, and MediaTek devices to use them for distributed denial-of-service attacks. In total, the malware targets no less than 22 known seccurity issues in various connected products, which include routers, DVRs, NVRs, WiFi communication dongles, thermal monitoring systems, access control systems, and solar power generation monitors.

Zyxel warns of critical command injection flaw in NAS devices
2023-06-20 14:26

Zyxel is warning its NAS devices users to update their firmware to fix a critical severity command injection vulnerability. Zyxel has provided no workarounds or mitigations for CVE-2023-27992 in its latest advisory, so users of the impacted NAS devices are recommended to apply the available security updates as soon as possible.

Zyxel Releases Urgent Security Updates for Critical Vulnerability in NAS Devices
2023-06-20 12:12

Zyxel has rolled out security updates to address a critical security flaw in its network-attached storage devices that could result in the execution of arbitrary commands on affected systems. Tracked as CVE-2023-27992, the issue has been described as a pre-authentication command injection vulnerability.

Zyxel patches critical vulnerability in NAS devices (CVE-2023-27992)
2023-06-20 09:52

Zyxel has released firmware patches for a critical vulnerability in some of its consumer network attached storage devices. CVE-2023-27992 is an OS command injection flaw that could be triggered remotely by an unauthenticated attacker, via a specially crafted HTTP request.