routers
-
Zyxel issues patches for critical UPnP command injection affecting dozens of routers
Zyxel released updates for a critical UPnP command injection, CVE-2025-13942, that can allow unauthenticated remote command execution on many routers. Exploitation requires UPnP and WAN access to be enabled and patches are available.
-
D-Link warns of remote command-execution flaws in end-of-life DIR-878 routers
D-Link has warned that multiple remotely exploitable command-execution vulnerabilities affect the end-of-life DIR-878 router; technical details and proof-of-concept code are publicly available and the company recommends replacing the device because it will not receive security updates.
-
ASUS issues firmware to fix critical authentication bypass in DSL routers
ASUS released firmware version 1.1.2.3_1010 to fix a critical authentication bypass (CVE-2025-59367) impacting DSL-AC51, DSL-N16 and DSL-AC750 routers and urged users to install the update or follow mitigation steps to block internet-accessible services.
-
DrayTek warns of remote code execution bug in Vigor routers
DrayTek has warned that multiple Vigor router models are affected by CVE-2025-10547, an uninitialized stack vulnerability that can lead to memory corruption and, in some cases, remote code execution; firmware updates are available and administrators are urged to apply them.
-
Security Flaw Leaves Thousands of Asus Routers Vulnerable to Backdoor Attacks
Thousands of Asus routers are vulnerable to backdoor attacks due to exploited security flaws, as revealed by cybersecurity experts. Users are urged to check their settings and apply necessary updates.
-
FBI Warns of Cybercriminal Exploitation of Outdated Routers
The FBI has issued a warning on the exploitation of end-of-life routers by cybercriminals who deploy malware to convert them into proxies for illicit activities. The advisory identifies several vulnerable router models, urging consumers to consider upgrading to secure alternatives.






