Zyxel has rolled out security updates to address a critical pre-authentication command injection flaw in its network-attached storage (NAS) devices that could result in the execution of arbitrary commands on affected systems.