ZLD4.73 & ZLD5.36 patch 2 Official Version Released to address Buffer Overflow Issues
@annm We have two ATP devices. The portal was slow but accessible on one. The other would show the login page but not connect at all. Anyway, based on what had been said, we disconnected the WAN and restarted the devices. That made the portal accessible. However, in both cases, the process wasn't as simple as uploading the firmware.
The first ATP prematurely showed a "Leave this page" prompt. Thinking it was done, even though it only took 30 seconds or so, I clicked on it. Naturally the firmware wasn't uploaded. Just make sure to let it sit for a couple minutes. This might be mitigated by clicking "Yes" to reboot after application. I always click "No" to verify that it was uploaded.
For the second one, I had to reboot the device again after disconnecting the WAN and rebooting. Not sure why but it wouldn't accept the firmware otherwise. It did after that.
All of these require physical access. Don't know if there are other solutions that may work for you. Good luck!0
Unfortunately, both of our zyxels were affected by the attack (flex200, usg110). We have done the update. My question is, could the config be accessed during the attack?
(lastgood, startup configs became fresh during the attack.)
They could change the configuration on it, it is recommended that I change the passwords,
or recommended other actions? Thanks for the help and answer0
So far we've been able to get into the router after a restart and then run the firmware update. It's best practise to keep download a copy of the startup-config file for a backup.0
Zyxel days wo shit in pants: 00
If web/console is unavailable, please reboot the device to stabilize it first and be able to access it, then upgrade to 5.36Patch2.
I suggest you backup the configure first before upgrading to 5.36Patch2
The device would be safe after upgrading to 5.36Patch2, there is no further operation needed.0
Hello @cechj , @annm
I suggest you upgrade to 5.36Patch2 or 4.73Patch2
Hello @GrahamWebb @nielsscheldeman @Unfiniti @MarkoD
About this buffer overflow vulnerabilities, for more information please refer to this article0
Hello @XMFI @GIOMIND
If you need any previous firmware version, please contact me via private message
If you cannot upgrade the firmware successfully, please
STEP1. Download and back up the current running startup-config.conf file. from MAINTENANCE > File Manager > Configuration File.
STEP2. Reboot to the standby partition.
STEP3. Apply the current running startup-config.conf file.
STEP4. Update to our latest firmware V5.36P2.
I suggest you do it nearby the device0
Thanks for bringing this to our attention.
Upon further examination, it has come to our attention that an error in our operations led to the accidental upgrade of your firewall. We sincerely apologize for any inconvenience this may have caused you.
If you encounter any problems after upgrading, please feel free to contact us.Melen0
Sorry does this mean that there was a error by Zyxel that meant new firmware was pushed to the Zywalls when it shouldn't have been? I thought these issues were due to some kind of DOS attack dueto vulnarabilites?0
@GrahamWebb It's not related to attack/vulnerability issue, it's caused by our incident operations. We sincerely apologize for any inconvenience.0
- 8.4K All Categories
- 1.6K Nebula
- 71 Nebula Ideas
- 57 Nebula Status and Incidents
- 4.5K Security
- 226 Security Ideas
- 981 Switch
- 46 Switch Ideas
- 872 WirelessLAN
- 22 WLAN Ideas
- 5.1K Consumer Product
- 157 Service & License
- 280 News and Release
- 97 Success Stories
- 59 Security Advisories
- 13 Education Center
- 579 FAQ
- 262 Nebula FAQ
- 160 Security FAQ
- 76 Switch FAQ
- 74 WirelessLAN FAQ
- 7 Consumer Product FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 69 About Community
- 46 Security Highlight