ZyXEL have published a security advisory which covers some of the ZyXEL routers we have provided our customers, the DX3301 and VMG3927.
New firmware has been released. Customers can either load this manually, or use the 'Upgrade Firmware' button found on the router information page on our Control Pages.
We have received further clarification that the vulnerabilities affect the router's web interface when exposed to the internet. Routers we configure for customers will have the web interface only allowable from our office IP range, and so this vulnerability is deemed low risk. We still recommend that customers upgrade. The upgrade process will take a few minutes but it does not reset the configuration.
We will make direct contact with customers with these routers, and support staff will mention this if and when they are talking to customers and notice the firmware is out of date.