Tag: zyxel
-
Partnerschaft ermöglicht VPN-Service ohne zusätzliche Kosten – Zyxel und Tailscale vereinfachen die sichere Remote-Konnektivität
First seen on security-insider.de Jump to article: www.security-insider.de/zyxel-und-tailscale-vereinfachen-die-sichere-remote-konnektivitaet-a-5ce2ec60281cf29159b26db40ee6033b/
-
Zyxel Devices Hit by Active Exploits Targeting CVE-2023-28771 Vulnerability
Zyxel users beware: A critical remote code execution flaw (CVE-2023-28771) in Zyxel devices is under active exploitation by a Mirai-like botnet. GreyNoise observed a surge on June 16, targeting devices globally. First seen on hackread.com Jump to article: hackread.com/zyxel-devices-active-exploits-cve-2023-28771-vulnerability/
-
Critical Zyxel vulnerability under active exploitation after long period of quiet
Researchers say a sudden burst of activity could be linked to a Mirai botnet variant. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/vulnerability-zyxel-exploitation/750922/
-
Attackers target Zyxel RCE vulnerability CVE-2023-28771
GreyNoise researchers have observed exploit attempts targeting the remote code execution vulnerability CVE-2023-28771 in Zyxel devices. On June 16, GreyNoise researchers detected exploit attempts targeting CVE-2023-28771 (CVSS score 9.8), a remote code execution flaw impacting Zyxel IKE decoders over UDP port 500. >>Exploitation attempts against CVE-2023-28771 were minimal throughout recent weeks.On June 16, GreyNoise observed…
-
Zyxel Devices Under Attack as Hackers Exploit UDP Port RCE Flaw
Tags: attack, control, cve, cyber, cyberattack, exploit, firewall, flaw, hacker, Internet, rce, remote-code-execution, vpn, vulnerability, zyxelA sudden and highly coordinated wave of cyberattacks has struck Zyxel firewall and VPN devices worldwide, as hackers exploit a critical remote code execution (RCE) vulnerability tracked as CVE-2023-28771. The attacks, observed on June 16, 2025, leveraged UDP port 500″, the Internet Key Exchange (IKE) packet decoder”, to remotely inject system commands and potentially seize…
-
Mirai botnet weaponizes PoC to exploit Wazuh open-source XDR flaw
Two Mirai variants integrate the exploit: The first botnet exploiting CVE-2025-24016 was detected by Akamai in March and used a proof-of-concept (PoC) exploit that was published for the vulnerability in late February. That exploit targets the /security/user/authenticate/run_as API endpoint.The second botnet was detected in early May and targeted the /Wazuh endpoint, but the exploit payload…
-
Zyxel RCE Flaw Lets Attackers Run Commands Without Authentication
Tags: authentication, cyber, exploit, firewall, flaw, network, rce, remote-code-execution, vulnerability, zyxelSecurity researcher Alessandro Sgreccia (aka >>rainpwn
-
Chinese hackers spent four years inside Asian telco’s networks
The hackers compromised home routers made by Zyxel to gain entry into a “major” telecommunications company’s environment. First seen on therecord.media Jump to article: therecord.media/chinese-hackers-spent-years-telco
-
Chinese Weaver Ant hackers spied on telco network for 4 years
A China-linked advanced threat group named Weaver Ant spent more than four years in the network of a telecommunications services provider, hiding traffic and infrastructure with the help of compromised Zyxel CPE routers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-weaver-ant-hackers-spied-on-telco-network-for-4-years/
-
U.S. CISA adds Microsoft Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, injection, kev, microsoft, vulnerability, windows, zyxelU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: The vulnerability CVE-2024-40891 is a command injection issue in Zyxel CPE Series devices that remains unpatched and has not yet…
-
Actively-Exploited Bugs In Zyxel Routers Require Immediate Device Upgrades
First seen on scworld.com Jump to article: www.scworld.com/brief/actively-exploited-zyxel-bugs-require-immediate-device-upgrades
-
Actively exploited Zyxel router bugs require immediate model upgrades
First seen on scworld.com Jump to article: www.scworld.com/brief/actively-exploited-zyxel-router-bugs-require-immediate-model-upgrades
-
Zyxel won’t patch endlife routers against zero-day attacks
Networking hardware vendor Zyxel has no plans to patch multiple end-of-life routers against new zero-day flaws and advises customers to replace affected devices entirely. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366618782/Zyxel-wont-patch-end-of-life-routers-against-zero-day-attacks
-
Swap EOL Zyxel routers, upgrade Netgear ones!
There will be no patches for EOL Zyxel routers under attack via CVE-2024-40891, the company has confirmed. Meanwhile, Netgear has issued patches for critical flaws affecting … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/05/swap-eol-zyxel-routers-upgrade-netgear-ones-patches-cve-2024-40891/
-
Router maker Zyxel tells customers to replace vulnerable hardware exploited by hackers
The Taiwanese hardware maker says it has no plans patch the flaws impacting legacy router models First seen on techcrunch.com Jump to article: techcrunch.com/2025/02/05/router-maker-zyxel-tells-customers-to-replace-vulnerable-hardware-exploited-by-hackers/
-
Kein Support mehr: Hersteller drängt wegen Router-Lücken auf Entsorgung
Sicherheitslücken in mehreren Zyxel-Routern werden aktiv ausgenutzt. Der Hersteller will nicht patchen und verweist auf den EOL-Status der Geräte. First seen on golem.de Jump to article: www.golem.de/news/kein-support-mehr-hersteller-draengt-wegen-router-luecken-auf-entsorgung-2502-193053.html
-
Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days
Multiple Zyxel legacy DSL CPE products are affected by exploited zero-day vulnerabilities that will not be patched. The post Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/zyxel-issues-no-patch-warning-for-exploited-zero-days/
-
Support ausgelaufen: Keine Sicherheitsupdates mehr für attackierte Zyxel-Router
Derzeit hat es eine Mirai-Botnet-Malware auf bestimmte Routermodelle von Zyxel abgesehen. Weil der Support ausgelaufen ist, müssen Admins jetzt handeln. First seen on heise.de Jump to article: www.heise.de/news/Support-ausgelaufen-Keine-Sicherheitsupdates-mehr-fuer-attackierte-Zyxel-Router-10269938.html
-
Zyxel won’t patch newly exploited flaws in endlife routers
Zyxel has issued a security advisory about actively exploited flaws in CPE Series devices, warning that it has no plans to issue fixing patches and urging users to move to actively supported models. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/zyxel-wont-patch-newly-exploited-flaws-in-end-of-life-routers/
-
Exploitation of vulnerability in Zyxel CPE targets legacy routers
Zyxel urged users to replace their old devices with modern, supported versions. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/exploitation-vulnerability-zyxel-routers/739182/
-
Attackers exploit zero-day vulnerability in Zyxel CPE devices
Researchers say the manufacturer has yet to publicly disclose or patch the flaw. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/exploit-zero-day-vulnerability–zyxel/738611/
-
Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891)
CVE-2024-40891, a command injection vulnerability in Zyxel CPE Series telecommunications devices that has yet to be fixed by the manufacturer, is being targeted by attackers, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/29/zyxel-cpe-devices-under-attack-vulnerability-cve-2024-40891/
-
New Zyxel Zero-Day Under Attack, No Patch Available
GreyNoise reports active exploitation of a newly discovered zero-day vulnerability in Zyxel CPE devices. There are no patches available. The post New Zyxel Zero-Day Under Attack, No Patch Available appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/new-zyxel-zero-day-under-attack-no-patch-available/
-
Hackers exploit critical unpatched flaw in Zyxel CPE devices
Hackers are exploiting a critical command injection vulnerability in Zyxel CPE Series devices that is currently tracked as CVE-2024-40891 and remains unpatched since last July. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-critical-unpatched-flaw-in-zyxel-cpe-devices/
-
Attackers actively exploit a critical zero-day in Zyxel CPE Series devices
Experts warn that threat actors are actively exploiting critical zero-day vulnerability, tracked as CVE-2024-40891, in Zyxel CPE Series devices. GreyNoise researchers are observing active exploitation attempts targeting a zero-day, tracked as CVE-2024-40891, in Zyxel CPE Series devices. The vulnerability is a command injection issue that remains unpatched and has not yet been publicly disclosed. Attackers can exploit…
-
Zyxel CPE Zero-Day (CVE-2024-40891) Exploited in the Wild
Security researchers have raised alarms about active exploitation attempts targeting a newly discovered zero-day command injection vulnerability in Zyxel CPE Series devices, tracked as CVE-2024-40891. This critical vulnerability, which remains unpatched and undisclosed by the vendor, has left over 1,500 devices globally exposed to potential compromise, as reported by Censys. About the Vulnerability CVE-2024-40891 CVE-2024-40891 […]…
-
Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability
Cybersecurity researchers are warning that a critical zero-day vulnerability impacting Zyxel CPE Series devices is seeing active exploitation attempts in the wild.”Attackers can leverage this vulnerability to execute arbitrary commands on affected devices, leading to complete system compromise, data exfiltration, or network infiltration,” GreyNoise researcher Glenn Thorpe said in an alert First seen on thehackernews.com…
-
Fix nur vor Ort möglich: Zyxel schickt Firewalls per Update in Bootschleife
Die betroffenen Zyxel-Firewalls lassen sich nicht mehr aus der Ferne warten. Admins müssen per Kabel dran, um eine neue Firmware einzuspielen. First seen on golem.de Jump to article: www.golem.de/news/fix-nur-vor-ort-moeglich-zyxel-schickt-firewalls-per-update-in-bootschleife-2501-192799.html
-
Nvidia, Zoom, Zyxel Patch High-Severity Vulnerabilities
Nvidia, Zoom, and Zyxel have released patches for multiple high-severity vulnerabilities across their products. The post Nvidia, Zoom, Zyxel Patch High-Severity Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/nvidia-zoom-zyxel-patch-high-severity-vulnerabilities/
-
A new ransomware regime is now targeting critical systems with weaker networks
Tags: access, attack, authentication, breach, control, corporate, credentials, cybercrime, data, defense, exploit, extortion, finance, flaw, fortinet, group, infrastructure, law, lockbit, malware, mfa, network, ransomware, risk, tactics, usa, vmware, vpn, vulnerability, zyxelThe year 2024’s ransomware shake-up, fueled by law enforcement crackdowns on giants like LockBit, has shifted focus to critical operations, with major attacks this year hitting targets like Halliburton, TfL, and Arkansas water plant.A Dragos study for the third quarter of 2024 highlighted a surge in activity from new groups like RansomHub, Play, and Fog,…