Zyxel security advisory (AV26-399)

Serial number: AV26-399
Date: April 28, 2026

On April 28, 2026, Zyxel published a security advisory to address vulnerabilities in the following products:

• 4G LTE/5G NR CPE – multiple versions and models
• DSL/Ethernet CPE – multiple versions and models
• Fiber ONTs – multiple versions and models
• Wireless Extenders – multiple versions and models

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• Zyxel security advisory for command injection vulnerabilities in certain 4G LTE/5G NR CPE, DSL/Ethernet CPE, Fiber ONTs, and Wireless Extenders
• Zyxel Advisories