ZLD5.21 Patch1 Firmware release
Zyxel Employee
Zyxel is committed to continuously updating your devices for important maintenance information. This latest release fixes all-round functions of ATP and USG FLEX series. If the device is using the App Patrol signature release V1.0.0.20220310.0 on 3/11/2022, DO NOT reboot the device until you have upgraded the device firmware to the latest ZLD5.21 Patch1.
ZLD5.21 Patch1 fixes the following security issues:
1. App Patrol signature V1.0.0.20220310.0
Fixed a parsing error in the Application signature V1.0.0.20220310.0. It may drive an error condition led to connectivity disruption.
2. Zyxel-SI-1392, Zyxel-SI-1400
An authentication bypass vulnerability was found in the CGI program of ZLD firmware that could allow an attacker to bypass the web authentication and obtain administrative access of the device.
Affected Version: ATP Series: ZLD V4.32 Patch0 through ZLD V5.20 Patch0/USG FLEX Series: ZLD V4.50 Patch0 through ZLD V5.20 Patch0/VPN Series: ZLD V4.30 Patch0 through ZLD V5.20 Patch0
3. Zyxel-SI-1396
A cross-site scripting (XSS) vulnerability was found in the CGI program of ZLD firmware that could allow an attacker to execute malicious scripts through the web interface.
Affected Version: ATP Series: ZLD V4.35 Patch0 through ZLD V5.20 Patch0/USG FLEX Series: ZLD V4.50 Patch0 through ZLD V5.20 Patch0/VPN Series: ZLD V4.35 Patch0 through ZLD V5.20 Patch0
Release Date: March 16th, 2022
Supported Models: ZyWALL ATP Series/ ZyWALL USG FLEX Series
Categories
- All Categories
- 415 Beta Program
- 2.5K Nebula
- 155 Nebula Ideas
- 105 Nebula Status and Incidents
- 5.9K Security
- 319 USG FLEX H Series
- 286 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.6K Consumer Product
- 256 Service & License
- 398 News and Release
- 86 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.7K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 87 About Community
- 78 Security Highlight