Source: Zyxel
Security researchers are warning that attackers appear to have stepped up scanning for vulnerable Zyxel products, including VPN gateways, access point controllers and firewalls.
A vulnerability in the company s firmware, which was first disclosed in December by researchers, can be exploited to install a hard-coded backdoor that could give threat actors remote administrative privileges. Dutch security firm Eye Control, which first uncovered the flaw, believes the bug could affect as many as 100,000 Zyxel products worldwide.
Following the disclosure of the vulnerability, Zyxel issued patches in some of its products and is urging its customers to apply them immediately. In the security advisory, however, the company notes that a fix for its NXC access point controller series products would not be released until April (see: