USG110 - FW v4.72 - different vulnerabilities solved (or not?)
Just reading the feature log of the latest FW patch v4.72. It's listing the following vulnerabilities which have been dealt with:
CVE-2022-0778
CVE-2022-0342
CVE-2021-44224
So far so good. But your latest security advisory of today ( https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml ) is listing the following v4.71 vulnerabilities, which should be mitigated by v4.72, too:
CVE-2022-26531
CVE-2022-26532
CVE-2022-0910
Why nothing of these vulnerabilities is written about in the v4.72 feature log?
0
All Replies
-
As a personal opinion, these vulnerabilities are not yet mitigated/solved into 4.72.Why nothing of these vulnerabilities is written about in the v4.72 feature log?
0 -
Hi @USG_User
We're sorry for the confusion
This vulnerability has been fixed aggressively into regular release but we did not disclose it since the official disclosure time has not been aligned with the researcher at that moment. In the meantime, we also updated device what's new with CVE info afterward, expected users getting real time notice from device directly.
Here it is the what's new content:
0
Categories
- 8.1K All Categories
- 1.6K Nebula
- 60 Nebula Ideas
- 54 Nebula Status and Incidents
- 4.4K Security
- 224 Security Ideas
- 965 Switch
- 45 Switch Ideas
- 868 WirelessLAN
- 20 WLAN Ideas
- 5.2K Consumer Product
- 139 Service & License
- 268 News and Release
- 53 Security Advisories
- 6 Education Center
- 573 FAQ
- 273 Nebula FAQ
- 132 Security FAQ
- 73 Switch FAQ
- 72 WirelessLAN FAQ
- 7 Consumer Product FAQ
- Documents
- 34 Nebula Monthly Express
- 71 About Community
- 44 Security Highlight