Zyxel has fixed four bugs in firewalls and access points.

Feb. 27, 2024 - Taiwanese network equipment vendor Zyxel is warning of security vulnerabilities in its firewalls and access points, including a remote code execution vulnerability. The vendor has addressed four vulnerabilities, tracked as CVE-2023-6397, CVE-2023-6398, CVE-2023-6399 and CVE-2023-6764.

The vulnerabilities can be exploited by attackers to perform command injection and denial of service attacks, as well as remote code execution. Here's a list of vulnerabilities the company has addressed:

  • CVE-2023-6397: A null pointer dereference vulnerability in some versions of firewalls that could allow an attacker on a LAN to cause a denial of service by downloading a crafted RAR archive to a host inside the LAN if the firewall's Antivirus feature is enabled.
  • CVE-2023-6398: A post-authentication command injection vulnerability in the download binary in some versions of firewalls and access points that could allow an authenticated attacker with administrative privileges to execute operating system commands on an affected device via FTP.
  • CVE-2023-6399: A format string vulnerability in some versions of firewalls that could allow an authenticated IPSec VPN user to cause a denial of service against the "deviceid" daemon by sending a crafted hostname to an affected device if Device Insight is enabled.
  • CVE-2023-6764: A format string vulnerability in the IPSec VPN function in some versions of firewalls that could allow an attacker to perform unauthorized remote code execution by sending a sequence of specially crafted data containing an invalid pointer; however, such an attack requires detailed knowledge of the memory structure and configuration of the affected device.

The following are lists of affected devices:

Affected firewall series:

  • ATP: from version ZLD V4.32 to V5.37 Patch 1
  • USG FLEX: from version ZLD V4.50 to V5.37 Patch 1
  • USG FLEX 50(W)/USG20(W)-VPN: not affected
  • USG FLEX H: not affected
  • uOS: from version V1.10 to V1.10 Patch 1

Affected access points (AP):

  • NWA50AX: version 6.29(ABYW.3) and earlier
  • NWA55AXE: version 6.29(ABZL.3) and earlier
  • NWA90AX: version 6.29(ACCV.3) and earlier
  • NWA110AX: version 6.65(ABTG.1) and earlier
  • NWA210AX: version 6.65(ABTD.1) and earlier
  • NWA220AX-6E: version 6.65(ACCO.1) and earlier
  • NWA1123ACv3: version 6.65(ABVT.1) and earlier
  • WAC500: version 6.65(ABVS.1) and earlier
  • WAC500H: version 6.65(ABWA.1) and earlier
  • WAX300H: version 6.60(ACHF.1) and earlier
  • WAX510D: version 6.65(ABTF.1) and earlier
  • WAX610D: version 6.65(ABTE.1) and earlier
  • WAX620D-6E: version 6.65(ACCN.1) and earlier
  • WAX630S: version 6.65(ABZD.1) and earlier
  • WAX640S-6E: version 6.65(ACCM.1) and earlier
  • WAX650S: version 6.65(ABRM.1) and earlier
  • WAX655E: version 6.65(ACDO.1) and earlier
  • WBE660S: version 6.65(ACGG.1) and earlier
  • NWA50AX-PRO: version 6.65(ACGE.1) and earlier
  • NWA90AX-PRO: version 6.65(ACGF.1) and earlier
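
An added example, not part of the original article or Zyxel's advisory: a Python check that compares access point firmware strings from an inventory against the "and earlier" thresholds listed above. The version layout, the ordering by (major, minor, patch), the status labels and the inventory rows are assumptions constructed for illustration.

```python
import re
# Last affected firmware per AP model, copied from the list above.
LAST_AFFECTED = {
    "NWA50AX": "6.29(ABYW.3)", "NWA55AXE": "6.29(ABZL.3)",
    "NWA90AX": "6.29(ACCV.3)", "NWA110AX": "6.65(ABTG.1)",
    "NWA210AX": "6.65(ABTD.1)", "NWA220AX-6E": "6.65(ACCO.1)",
    "NWA1123ACv3": "6.65(ABVT.1)", "WAC500": "6.65(ABVS.1)",
    "WAC500H": "6.65(ABWA.1)", "WAX300H": "6.60(ACHF.1)",
    "WAX510D": "6.65(ABTF.1)", "WAX610D": "6.65(ABTE.1)",
    "WAX620D-6E": "6.65(ACCN.1)", "WAX630S": "6.65(ABZD.1)",
    "WAX640S-6E": "6.65(ACCM.1)", "WAX650S": "6.65(ABRM.1)",
    "WAX655E": "6.65(ACDO.1)", "WBE660S": "6.65(ACGG.1)",
    "NWA50AX-PRO": "6.65(ACGE.1)", "NWA90AX-PRO": "6.65(ACGF.1)",
}
_LIMITS = {m.upper(): v for m, v in LAST_AFFECTED.items()}
# Assumed layout: [V]<major>.<minor>(<model code>.<patch>), ordered by that tuple.
_VERSION = re.compile(r"^V?(\d+)\.(\d+)\(([A-Z]{4})\.(\d+)\)$")

def parse_version(text):
    """Split '6.65(ABTG.1)' into ('ABTG', (6, 65, 1))."""
    m = _VERSION.match(text.strip())
    if m is None:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    major, minor, code, patch = m.groups()
    return code, (int(major), int(minor), int(patch))

def status(model, running):
    """Classify one device against the 'and earlier' thresholds."""
    limit = _LIMITS.get(model.strip().upper())
    if limit is None:
        return "unknown-model"
    try:
        code, version = parse_version(running)
    except ValueError:
        return "unparseable"
    limit_code, limit_version = parse_version(limit)
    if code != limit_code:  # firmware string belongs to a different model
        return "model-code-mismatch"
    return "affected" if version <= limit_version else "newer-than-listed"

# Constructed inventory rows: (hostname, model, reported firmware).
INVENTORY = [("ap-lobby", "NWA50AX", "6.29(ABYW.3)"),
             ("ap-lab", "WAX650S", "V6.70(ABRM.0)"),
             ("ap-roof", "WAX510D", "6.65(ABTE.1)")]

def audit(inventory):
    return {host: status(model, fw) for host, model, fw in inventory}

if __name__ == "__main__":
    print(audit(INVENTORY))
```

A "model-code-mismatch" or "unparseable" result means the inventory record itself needs checking before the device can be cleared.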

Zyxel has credited Lays and atdog from TRAPA Security with discovering the vulnerabilities. Customers are advised to install security patches as soon as possible.
