Security News > 2022 > May > Zyxel Issues Patches for 4 New Flaws Affecting AP, API Controller, and Firewall Devices

Zyxel Issues Patches for 4 New Flaws Affecting AP, API Controller, and Firewall Devices
2022-05-27 03:10

Zyxel has released patches to address four security flaws affecting its firewall, AP Controller, and AP products to execute arbitrary operating system commands and steal select information.

CVE-2022-26531 - Several input validation flaws in command line interface commands for some versions of firewall, AP controller, and AP devices that could be exploited to cause a system crash.

CVE-2022-26532 - A command injection vulnerability in the "Packet-trace" CLI command for some versions of firewall, AP controller, and AP devices that could lead to execution of arbitrary OS commands.

CVE-2022-0910 - An authentication bypass vulnerability affecting select firewall versions that could permit an attacker to downgrade from two-factor authentication to one-factor authentication via an IPsec VPN client.

While Zyxel has published software patches for firewalls and AP devices, hotfix for AP controllers affected by CVE-2022-26531 and CVE-2022-26532 can be obtained only by contacting the respective local Zyxel support teams.

The development comes as a critical command injection flaw in select versions of Zyxel firewalls has come under active exploitation, prompting the U.S. Cybersecurity and Infrastructure Security Agency to add the bug to its Known Exploited Vulnerabilities Catalog.


News URL

https://thehackernews.com/2022/05/zyxel-issues-patches-for-4-new-flaws.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2022-05-24 CVE-2022-26532 OS Command Injection vulnerability in Zyxel products
A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to execute arbitrary OS commands by including crafted arguments to the CLI command.
local
low complexity
zyxel CWE-78
7.8
2022-05-24 CVE-2022-26531 Improper Input Validation vulnerability in Zyxel products
Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload.
local
low complexity
zyxel CWE-20
7.8
2022-05-24 CVE-2022-0910 Improper Authentication vulnerability in Zyxel products
A downgrade from two-factor authentication to one-factor authentication vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.32 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, and VPN series firmware versions 4.32 through 5.21, that could allow an authenticated attacker to bypass the second authentication phase to connect the IPsec VPN server even though the two-factor authentication (2FA) was enabled.
network
low complexity
zyxel CWE-287
6.5

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Zyxel 378 0 69 85 46 200