ZLD4.73 & ZLD5.36 patch 2 Official Version Released to address Buffer Overflow Issues
I guess hacks found out some people had not been updating their firmware and have targeted the old firmware with fake downloads.
No, the Zyxel page you posted: if you scroll to USG section and point to "Download 5.10" it links to a Dropbox download.
So Zyxel used Dropbox for their downloads, but Dropbox, when huge traffic is detected on a specific link, disables it… BAM Zyxel, great idea!
Either they have hacked Zyxel or Zyxel has not been very clever in using Dropbox for sharing their firmware: on a zero day with massive downloads… Dropbox says goodbye.
Yes, Zyxel should really think about putting old firmware on portal.myzyxel.com
Patch 2 seems to still have the issue. We were running patch 1 and this morning our IPsec VPNs were dropping randomly. Never happened before. Applied patch 2 and it still happened. We geo-filtered traffic now as a previous post suggested and that seems to have fixed it for now (until attacks come from US).
These links won't work for archive firmware.
Does someone have a link for a USG20W-VPN 4.25?
Niels2021 Posts: 7
In the past all older firmwares of all devices were available on ftp.zyxel.com. Why is that gone? Could have been a huge help now.
But we still have no clear answer on what is happening the past days:
- Is this caused by a DoS attack? I see an IP from Ukraine trying to connect to the IKEv2 port on several . All traffic from outside Europe is blocked on 20% of our firewalls and they have this problem too.
- Because it looks like it's fixed with new firmware: is this an attack that's only vulnerable for ZyXEL devices?
- L2TP over IPSec with AD integration is not working after the firmware update. IKEv2 with SecuExtender and AD integration is no problem, but not all of our clients are willing to pay for this client...
- Is IPS (Intrusion Prevention System) catching this on firewalls which have this enabled? We don't use this service but I wanna know if it's worth the money now.
The release notes for the newest firmware contain these 2 CVEs:
I didn't find any detailed info, however ZyXEL has classified them as 9.8 out of 10, so I guess it's trivial to make a DoS attack on all ZyXEL USGs via a simple script… All a hacker needs is an open port (IKE?)
Omnia Posts: 30
I found this:
We have 2 USG 20 and 1 USG 60 that we can't log into as of this morning. Was able to log into them one time, but then not again. Our VPN is down. How do we fix without having to wipe and rebuild?!