Zyxel security advisory for BCMUPnP_Hunter botnet


Zyxel has patched the vulnerability for years and urges users to install the latest firmware for your Zyxel devices for optimal protection.


What’s the vulnerability?

According to a disclosure by Qihoo’s Netlab 360 in November, an IoT botnet called “BCMUPnP_Hunter” was targeting routers running vulnerable versions of the Broadcom Universal Plug and Play (UPnP) feature.


What products are vulnerable?

As this is a known vulnerability disclosed in 2013, we have already released firmware fixes for the Zyxel products that support the Broadcom UPnP feature, as listed in the table below. We strongly advise users to install the latest firmware as they include important security fixes and upgrades. Products not listed here are not affected because they do not support the feature.

Model Latest firmware version
SBG3300-N000 1.01(AADY.9)C0
SBG3300-NB00 1.01(AAIW.9)C0
SBG3500-N 1.01(AAON.9)C0
SBG3500-NB 1.01(AAQM.9)C0
SBG3600-N000 1.01(AAKO.9)C0
SBG3600-NB00 1.01(AAKO.9)C0
PMG5318-B20B 1.00(AAZC.2)C0
PMG5318-B20C 1.00(ABGS.6)C0
PMG5323-B20B 1.00(ABGT.6)C0
VMG1312-B10A 1.00(AAJZ.16)C0
VMG1312-B30A 1.00(AATO.10)C0
VMG8324-B10A 1.00(AAKL.24)C0
VMG8924-B10A 1.00(AAKL.24)C0
VMG8924-B30A 1.00(AAPQ.15)C0

For Zyxel products offered through Internet service providers (ISPs), please contact your ISP if you require further details.


What should you do?

Ensure your devices are running the latest available firmware for optimal protection.


Got a question or a tipoff?

Please contact your local service rep for further information or assistance. If you’ve found a vulnerability, we want to work with you to fix it—contact security@zyxel.com.tw and we’ll get right back to you.



Qihoo’s Netlab 360


Revision history

Initial release 2018-11-15