Recently, there have been sold Exploits on the dark web, for exploiting Zyxel NAS devices, but researchers have found out, that firewall’s also have the vulnerbility:
https://krebsonsecurity.com/2020/02/zyxel-0day-affects-its-firewall-products-too/
Zyxel advisory – please note, not all Zyxel devices can be patched, so time for a replacement:
https://www.zyxel.com/support/remote-code-execution-vulnerability-of-NAS-products.shtml