RouterCVE

Router CVE Weekly Digest — Week of Apr 27, 2026

Published April 27, 2026 · RouterCVE Weekly Digest

3 CVEs 2 High1 Medium
```html

Affected Vendors

  • Zyxel: 2 CVEs (1 high, 1 medium)
  • Cisco: 1 CVE (high)

Overview

This week brought three router-related vulnerabilities, with two high-severity issues requiring immediate attention. Zyxel devices are the primary focus, with two command injection flaws affecting their small business gateway line, while Cisco's Intersight Device Connector faces a critical access control bypass.

Critical Vulnerabilities

CVE-2026-5944 (Cisco, CVSS 8.2): The most severe issue this week is an improper access control vulnerability in the Cisco Intersight Device Connector for Nutanix Prism Central. The vulnerability exposes an API passthrough endpoint on TCP port 7373 that is accessible without proper authentication. This could allow an unauthenticated attacker to interact with backend systems. If you're running Intersight Device Connector in your environment, verify your current firmware version and apply patches immediately.

CVE-2026-1460 (Zyxel, CVSS 7.2): A post-authentication command injection flaw exists in the DHCP configuration on Zyxel DX3301-T0 and EX3301-T0 devices running firmware through version 5.50(ABVY.7.1)C0. While authentication is required, the ability to inject commands through the "DomainName" parameter could allow an authenticated attacker to execute arbitrary code. Check your Zyxel device firmware and apply available updates.

Additional Findings

CVE-2026-0711 (Zyxel, CVSS 6.8): Another post-authentication command injection flaw affects the EasyMesh-related APIs in Zyxel DX3300-T0 firmware through version 5.50(ABVY.7.1)C0. Like the previous Zyxel issue, this requires authentication but could enable privilege escalation or lateral movement within your network.

Recommendations

  • Cisco Intersight users: Apply patches immediately and verify that port 7373 is not exposed to untrusted networks.
  • Zyxel customers: Check for firmware updates for DX3300-T0, DX3301-T0, and EX3301-T0 models. Restrict administrative access to trusted users and networks.
  • Consider implementing network segmentation to isolate gateway management interfaces from general user traffic.
```
« All weekly digests