Zyxel security advisory (AV26-167)

Serial number: AV26-167
Date: February 25, 2026

On February 24, 2026, Zyxel published a security advisory to address vulnerabilities in the following products:

• 4G LTE/5G NR CPE – multiple models and versions
• DSL/Ethernet CPE – multiple models and versions
• Fiber ONTs – multiple models and versions
• Security Routers – multiple models and versions
• Wireless Extenders – multiple models and versions

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• Zyxel security advisory for null pointer dereference and command injection vulnerabilities in certain 4G LTE/5G NR CPE, DSL/Ethernet CPE, Fiber ONTs, Security Routers, and Wireless Extenders
• Zyxel Advisories