Critical active threat
CVE-2024-40890 Zyxel DSL CPE OS Command Injection
- Actively exploited (CISA KEV)
- Listed on CISA KEV
Zyxel DSL CPE Devices Command Injection is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.