Summary
Zyxel releases security updates to fix a “high” severity vulnerability in the web management interface of various Access Point (AP) and Security Router models.
Risk
Estimate of the impact of the vulnerability on the reference community: High (65.12)
Type
- Privilege Escalation
| Prodoucts | Model | Affected Version |
|---|---|---|
| AP | NWA50AX | 7.00(ABYW.2) and previous |
| NWA50AX PRO | 7.00(ACGE.2) and previous | |
| NWA55AXE | 7.00(ABZL.2) and previous | |
| NWA90AX | 7.00(ACCV.2) and previous | |
| NWA90AX PRO | 7.00(ACGF.2) and previous | |
| NWA110AX | 7.00(ABTG.2) and previous | |
| NWA130BE | 7.00(ACIL.3) and previous | |
| NWA210AX | 7.00(ABTD.2) and previous | |
| NWA220AX-6E | 7.00(ACCO.2) and previous | |
| NWA1123ACv3 | 6.70(ABVT.4) and previous | |
| WAC500 | 6.70(ABVS.5) and previous | |
| WAC500H | 6.70(ABWA.5) and previous | |
| WAX300H | 7.00(ACHF.2) and previous | |
| WAX510D | 7.00(ABTF.2) and previous | |
| WAX610D | 7.00(ABTE.2) and previous | |
| WAX620D-6E | 7.00(ACCN.2) and previous | |
| WAX630S | 7.00(ABZD.2) and previous | |
| WAX640S-6E | 7.00(ACCM.2) and previous | |
| WAX650S | 7.00(ABRM.2) and previous | |
| WAX655E | 7.00(ACDO.2) and previous | |
| WBE530 | 7.00(ACLE.2) and previous | |
| WBE660S | 7.00(ACGG.2) and previous | |
| Security Router | USG LITE 60AX | 2.00(ACIP.4) and previous |
Mitigation Actions
In line with vendor statements, it is recommended to update vulnerable products following the indications of the security bulletin reported in the References section.
References
1This estimate is made taking into account several parameters, including: CVSS, availability of patches/workarounds and PoC, diffusion of the affected software/devices in the reference community.
