Thanks to Thomas Rinsma for reporting the issues to us.
If you’ve found a vulnerability, we want to work with you to fix it-contact and we’ll get right back to you.
Please contact your local service rep for further information or assistance. For users who purchased the listed devices on their own, please contact your local Zyxel support team for the new firmware file to ensure optimal protection. For ISP customers, please contact your Zyxel representative for further details. Please note that the table does NOT include customized models for internet service providers (ISPs). What products are vulnerable-and what should you do?Īfter a thorough investigation, we have identified the vulnerable CPE that are within their warranty and support period and are releasing firmware patches to address the issue, as shown in the table below. The Smart Update Tools (SUT) enable HPE OneView and iLO Amplifier Pack to stage and apply updates automatically to reduce IT operations. Remote code execution and denial-of-service vulnerabilities caused by the improper input sanitization of HTTP requests were identified in the zhttpd webserver on some Zyxel CPE. Smart Update Manager (SUM) is an innovative tool for keeping the firmware, drivers, and system software of HPE server infrastructure and associated options up-to-date and secure.
#ZYXEL FIRMWARE UPDATES INSTALL#
Customers are advised to install the updates for optimal protection. 151 drivers total Last updated: Feb 20th 2017, 09:12 GMT RSS Feed. Zyxel has released firmware updates for RCE and DoS vulnerabilities affecting some CPE models. Download Zyxel Firmware drivers, firmware, bios, tools, utilities.
Zyxel security advisory for remote code execution and denial-of-service vulnerabilities of CPE Summary