Summary
FKIE Germany recently published a white paper analyzing 127 home routers sold by seven brands in Europe and suggesting that most home routers on the market have security flaws. FKIE used its Firmware Analysis and Comparison Tool (FACT) to analyze router firmware images based on firmware update frequency, operating system version, exploit mitigation, private cryptographic key material, and hardcoded login credentials.
What should you do?
As the report provides only a general firmware analysis and doesn’t identify or validate any specific vulnerabilities, we urge users to exercise good general security practices by following the guidance below for optimal protection.
Which Zyxel models are listed?
Ten Zyxel routers are listed in the report; however, many of them are outdated products that have already entered end-of-life status.
Got a question or a tipoff?
Please contact your local service rep for further information or assistance. If you’ve found a vulnerability, we want to work with you to fix it—contact security@zyxel.com.tw and we’ll get right back to you.
Acknowledgment
Fraunhofer Institute for Communication, Information Processing and Ergonomics of Germany (FKIE)
Revision history
2020-7-8: Initial release